- Featured in:
-
More IT Security Manager Resumes
Use these IT Security Manager samples as a guideline or visit our extensive library of customizable best resume templates.
Select
Customize
Download
Find out what is the best resume for you in our Ultimate Resume Format Guide.
Additional Information Technology Resume Samples
IT Security Manager Resume Samples
No results found
0-5 years of experience
Oversaw enterprise-wide security at all levels of the organization including secure client access in support of content management tool, web hosting and video streaming for over 160 local TV stations.
- Maintained 99.99% uptime for the enterprise. Increased the TCP concurrent sessions from 256K to 6M to defense against DDOS attacks.
- Expanded infrastructure to handle nearly 3000% increased volume of page view and bandwidth while decreasing bandwidth costs by 30%.
- Maintained availability, integrity, and confidentiality of all [company name] computing environments, web, networks, systems, and information assets encompassing 200+ systems.
- Managed threat and vulnerability management programs including inventory assessment, threat and vulnerability analysis and vulnerability management processes.
- Expanded availability by architecting and managing numerous migrations for the top layer infrastructure firewall sandwich, BGP load balancing, and Denial of Service protection in the data center.
0-5 years of experience
Supported over 1200 clients and 700 employees monitor systems and provide various audit support.
- Supported various healthcare applications such as Eclipsys, Siemens, Lawson, Pyxis, and Cerner.
- Brought all PCs and Servers to current patch management which improved uptime and processes.
- Assisted with the implementation of electronic medical records system.
- Created hospital disaster recovery plan and training.
- Produced training material, policies and procedures to all new hires.
6-10 years of experience
Group manager of FTEs and multiple contract personnel. Responsible for the overall IT security posture of the organization. System responsibility includes all Certificate management, Compliance reporting, Data Loss Prevention, next generation firewalls, IDS/IPS, IdM /Provisioning, Mobile Device Management, penetration testing, Privilege Access Management, Remote Access management, and Wireless Access. Direct multi-million dollar capital (infrastructure and project) and operations budget development and management. Manage team’s involvement and contributions on key enterprise-level, high-impact projects such as HITECH Act, Epic EMR, VDI (including mobile devices), and ICD-10 compliance.
- Implemented the Presbyterian Information Security Management Framework (ISMS) for design and maintenance of a coherent set of policies, processes and systems to manage risks to the information assets.
- Selected, configured and implemented a new Identity Access Management system that streamlined manual processes.
- New installs and upgrades to security technology including firewalls, DLP, IDS/IPS, and Mobile Device management.
- Complete DMZ redesign which significantly increased security as noted by CMS audit.
- Implemented the Privileged Access Management system to better manage changes to the environment.
0-5 years of experience
Responsible for securing the BHS computing environment, ensuring the integrity and confidentiality of patient data. Lead various teams to ensure compliance with HIPAA regulations.
- Lead ad-hoc team tasked with addressing issues raised during annual PriceWatehouseCoopers security audits resulting in a reduction in the number of observations from over 60 in 2003 to less than 10 in 2004.
- Served as official liaison to PwC auditors; gathering information they required and assisting them as needed.
- Chaired the committee responsible for creating a comprehensive suite of policies and procedures fulfilling the administrative requirements of the HIPAA Security regulations.
- Lead the implementation of two major projects that increased the security of patient information and provided technical staff and management with tools allowing continuous monitoring and auditing of key systems.
- Lead cross-functional team composed of members of the BHS Audit and Compliance departments and the Siemens IT staff to perform a comprehensive HIPAA Privacy and Security risk analysis.
- Received an employee achievement award my first year with Siemens.
0-5 years of experience
Responsible for the information security and oversight of the physical security for the Lee’s Summit remote hosting data center containing over 4,000 sq. ft. of raised floor.
- Designed security architecture to protect data center systems storing and processing personal health information.
- Created security related documentation and presentations for clients and medical professional groups.
- Performed internal security breach investigations on client and corporate systems resulting in closing the breach and identification of responsible parties.
- Trained security concepts and implemented security projects across multiple groups including Engineering, IT Management, Regulatory Affairs, Sales and Marketing, and Legal.
0-5 years of experience
Refined Vulnerability Scans and identified critical issues for immediate patching.
- Configured and installed AirTight wireless monitoring equipment within first 30 days.
- Conducted Penetration and complete IT Auditing for Worldwide locations.
- Designed and implemented APT defenses to include FireEye installation.
- Cleaned HQ and overseas locations of Signature and Non-Signature malware within the first 90 days.
0-5 years of experience
Managed security operations and technology including endpoint security, security event management, incident response, security awareness and PCI/SOX/PII compliance reporting. Led a team of 8 full time associates.
- Managed a budget of $3.5M including resource and project forecasting and strategic planning.
- Led national implementation of application control/whitelisting software to over 3500 retail locations, which significantly increased security posture and PCI compliant store systems.
- Successfully managed through vendor product defects, unplanned resource constraints and significant timeline shifts, delivering on time and on budget.
- Distributed and maintained endpoint security tools (virus protection, HIPS, NAC, encryption, FIM, IDS, web content inspection, log management) on over 10K desktops and 2.5K servers providing 24×7 support and 99% uptime.
- Triaged and coordinated the initial stages of security events and incidents; keeping leadership up to date during ongoing security events.
- Maintained and enhanced a custom Identity and Access Management solution to provide automated provisioning/deprovisioning/workflow and access attestation. This system was a key control for the compliance and internal audit teams.
- Created and maintained a comprehensive set of operational policies, procedures, disaster recovery plans and general documentation. This documentation played a critical role in maintaining both PCI and SOX compliance.
6-10 years of experience
Security and Information Assurance Manager, 40+ personnel and monitoring proper use of classified systems.
- Managed the physical and logistical security as well as maintained the hardware and software systems for 100+ JWICS, SIPR, NIPR computers.
- Provided desktop and network support for 200+ users
- Directed the cleanup of multiple classified message incidents minimizing damage from release of classified information on an unclassified network. Authorized the destruction of unauthorized electronic devices brought into a classified area.
- Maintained classified publications, records and data ensuring proper filing and destruction methods.
- Stood up multiple local area networks (LAN) with no base support; often coordinated with multiple commands which allowed users to tunnel to HHQ and pass real time intelligence to national agencies.
- Managed the accreditation of new PCs to be implemented on the classified network.
- Managed the construction of a new SCIF as well as the deployment of the PCs.
0-5 years of experience
Conducted investigations and led incident response as needed.
- Served as liaison to FBI, Legal and Third party investigators as needed.
- Provided continuous monitoring to corporate systems.
- Refined Vulnerability Scans and identified critical issues for immediate patching.
- Configured and installed AirTight wireless monitoring equipment within first 30 days.
- Conducted Penetration and complete IT Auditing for Worldwide locations.
- Designed and implemented APT defenses to include FireEye installation.
- Cleaned HQ and overseas locations of Signature and Non-Signature malware within the first 90 days.
0-5 years of experience
Developed and administered a secure global IT network infrastructure for high availability failover and disaster recovery.
- Designed, implemented and administered a Hyper-V based server environment
- Designed and maintained an Integrated Active Directory infrastructure with Office 365, Exchange, SharePoint and Cloud Storage.
- Maintain the Datacenter infrastructure, servers, routers, switches, firewall, phone systems and network area storage.
0-5 years of experience
Ensured the integrity of corporate data; managed corporate data as an asset; ensured data security and recoverability and made changes in the security processes and security infrastructure as required by technologies deployed and/or business requirements.
- Ensure system availability, system reliability, production turnaround and response times meet or exceeded expectations established for business services.
- Reduced risks of data breaches and related costs.
- Implemented enterprise system security monitoring and alerts.
- Responded to, managed, and reported on all security incidents.
- Reduced data loss through implementation of new backup methodologies.
- Negated financial impacts of downtime while maintaining continuity of critical systems.
- Provided cost-effective disaster recovery solutions across multivendor platforms.
0-5 years of experience
Support business, technology and security requirements, ensuring adequate resources, skills, personnel, and service solutions exist to meet organizational requirements for 4000 employees; 1200 technology users in the defense shipbuilding industry. Enacted improvements to staff recruitment and training, enforced personal accountability, and raised team expectations to overcome departmental reputation for poor customer service, ticket and time management, and asset losses. Service desk improvements ranked as a top positive technology comment in FY13 employee survey.
- Saved over $1M in IT spending in FY13, exceeding management challenge goal on a $10M+ budget.
- Restored a poorly performing helpdesk; hired veteran service manager and service-oriented technicians, leading to an 81% increase in ticket closures and customer satisfaction ratings of 4.8 out of 5 over last 12 months.
- Rebuilt a failing $5m+ managed services contract, salvaging a business relationship with a $3M liability; ultimately leading to successful completion of project milestones and goals and fostering new service agreements.
- Implemented the company IT Security program; combining cost-effective technical measures with administrative controls derived from ISO 27000 / NIST 800-53 governance models to support business security requirements.
- Collaboration with Security Department contributed to two back-to-back superior ratings on annual Defense Security Services inspections, the highest audit rating a company can receive.
0-5 years of experience
Supervised the overall security objectives of the company while working toward completion of the company goal for security
- Oversaw incident response planning as well as the investigation of security breaches and assisted with disciplinary and legal matters associated with security breaches of security.
- Implemented, developed, and managed Information Systems security, policies and procedures throughout the entire company, resulting in a more secure data and better educated employees
- Developed metrics to determine/increase security effectiveness, improve productivity, and reduce costs resulting in a more secure and productive environment
0-5 years of experience
Provided daily operations security services management for the company and developed/implemented policies for user account management, IDS management, log management. Managed client Active Directory domain for users and computers.
- Spearheaded security transition services for personnel, processes and multi-platform technologies for major entertainment and large utility clients. Allocated resources and oversaw the performance of systems analysts, programmers, and other computer-related workers.
- Led the highly successful Security Information and Event Management pilot program for Capgemini using Tivoli SIEM to monitor internal/external threats; assessed process/hardware risks, identified threat vectors and identified security policies and approved rules for Tivoli TSIEM. Designed the SIEM service for the Capgemini Service Catalog.
- Directed security application and DMZ incident management teams, restructured the DMZ environment, and established new security/patch management policies, processes and procedures as well as vulnerability management using Qualys.
- Reduced resource requirements by 66% for a new client requiring reengineering of their Active Directory domain supporting people, applications and equipment; implemented ITIL v3 and ITSM processes into daily operations, streamlined a user account approval form and introduced new account management processes which decreased account creation time from 7 business days to 2 through the use of Remedy ticket stages. This process became a reusable template for Capgemini IT security service offerings.
0-5 years of experience
Assessed the IT security environment and advised on information security policies and procedures within all IT systems for Fortune 500 company. Mentored and evaluated the work of subordinates contributing to security posture and policy. Evaluated and made recommendations on IT Security tools.
- Acted as the lead response and advisor to the security manager on incidents.
- Wrote multiple policies and procedures, developed presentations for upper management and contributed IT Security articles for the corporate security newsletter.
- Participated in the security awareness program and assisted to increase the participation and completion percentages, including the implementation of metrics to conduct tracking.
10+ years of experience
Managed information security governance and operations (based on ISO 27001 and SAS70 frameworks) for the Montvale corporate offices, the U.S. regional offices, and the company-owned Mercedes-Benz dealership in New York, NY. Lead for corporate data privacy/data protection and critical IT application recovery.
- Created local information security policies, procedures, and guidelines and conducted awareness training to all staff members. Ensured the company maintained compliance with our parent, Daimler AG, by adhering to global information security & data privacy policies and standards.
- Performed annual audits (Sarbanes Oxley, Payment Card Industry, International Organization for Standardization, etc.) in conjunction with internal and external auditing entities. Led remediation efforts, revised processes, and improved security controls to reduce inefficiencies and successfully complete corporate audits. Presented audit findings and results to senior and executive management.
- Implemented secure application development program – coding standards, static & dynamic code reviews, vulnerability tests, developer training, etc. – with integration into the Software Development Lifecycle (SDLC). Acquired cloud-based analysis software used by application developers to identify and correct threat-vulnerable code prior to production migration. Improved developer’s secure coding practices and reduced remediation time/costs for the responsible IT application support teams.
- Led the identification, collection, and preservation of electronic data for litigation matters under the direction of the company’s legal department. Maintained adherence to the electronic discovery amendments for the Federal Rules of Civil Procedure (FRCP) and Federal Rules of Evidence (FRE).
- Performed onsite/offsite disaster recovery tests (applications, middleware, infrastructure, networks, etc.) for the company’s financial, sales, and marketing areas. Successfully recovered all functionality for the company’s customer-facing website – www.mbusa.com – in less than ten hours.
0-5 years of experience
Worked with Cisco Works and Cisco switches to manage port access to VLANS.
- Expert knowledge of operating system configurations and of TCP/IP and multiple network protocols, such as, DNS, DHCP, SMTP, SNMP, WINS, etc.
- Implemented and maintained Microsoft Public Key Infrastructure/Certificate Services, beginning with web certificate security and expanding to User, Computer, Domain, Code Signing, Wireless Access certificate security.
- Installed Microsoft Internet Security & Acceleration 2004 server, provided day to day policy management, user access, and blocking restricted websites.
- Cisco Intrusion Detection System (IDS) & Intrusion Prevention System (IPS), Cisco Security Monitoring, Analysis and Response System (MARS), and Mirage Zero-Day IDS/IPS
- Maintained three Linux Red Hat servers.
0-5 years of experience
Responsible for overseeing information technology security for the County. Developed information security policies and procedures based on ISO 17799 standards to ensure compliance with HIPAA security regulations. Responsible for the department’s Continuity of Operations (COOP) and disaster recovery plans. Project manager for several infrastructure and security related projects in support of County programs and initiatives.
- Installed a County-wide Security Information and Event Management (SIEM) system
- Implemented interfaces with other non-standard devices and services into the SIEM environment
- Monitored County information systems for security related events and responded to incidents and alerts
- Monitored physical security systems such as cameras, secured doors and other access control systems
- Participated in several software development projects to review code design for security risks
- Assisted with other County support teams in developing secure cross organizational data exchange efforts
- Provided analysis and reports for mandated governmental reviews and audits
- Conducted annual security awareness training for County employees and IT staff
- Coordinated with outside vendor to provide data interface for credit card processing capability
0-5 years of experience
- Established control over key firewalls, routers, and VPN devices with minimal downtime.
- Designed and implemented a new remote office VPN solution that standardized VPN platforms.
- Designed and implemented a two-factor authentication system using RSA tokens and authentication appliances.
- Managed 20 firewalls located at over 16 sites, which included 13 site-to-site VPN connections using Juniper NetScreen and SSG firewalls, a Cisco Pix firewall, and a Cisco VPN 3005 Concentrator.
- Designed and implemented remote access VPN solutions using Cisco ASA and Juniper SSG devices.
- Performed Q1-2006 and Q2-2006 internal audits of 45 SOX IT controls.
- Supported 2006 annual external audit of 45 SOX IT controls by PricewaterhouseCoopers.
- Assisted in the transition of internal audit responsibilities for SOX IT controls from the IT Department to the Compliance Department.
0-5 years of experience
- Established control over key firewalls, routers, and VPN devices with minimal downtime.
- Designed and implemented a new remote office VPN solution that standardized VPN platforms.
- Designed and implemented a two-factor authentication system using RSA tokens and authentication appliances.
- Managed 20 firewalls located at over 16 sites, which included 13 site-to-site VPN connections using Juniper NetScreen and SSG firewalls, a Cisco Pix firewall, and a Cisco VPN 3005 Concentrator.
- Designed and implemented remote access VPN solutions using Cisco ASA and Juniper SSG devices.
- Performed Q1-2006 and Q2-2006 internal audits of 45 SOX IT controls.
- Supported 2006 annual external audit of 45 SOX IT controls by PricewaterhouseCoopers.
- Assisted in the transition of internal audit responsibilities for SOX IT controls from the IT Department to the Compliance Department.
6-10 years of experience
Established and lead a security team for the division.
- Supported and lead security design and compliance for the Bank IRS and NYS Tax processing sites.
- Integrated and enforced industry leading security standards and products.
- Provided vulnerability assessment and remediation for security related issues.
0-5 years of experience
Identified, analyzed, and evaluated technology security risks; determined quantitative and qualitative risk measurement methodologies; prioritized the resolution of risks through the development of a strategic CyberSecurity roadmap
- Ensured the correct implementation, configuration, and operation of security architecture and products; enabled a team culture of documentation, mentorship, and cross-training
- Supervised security operations to ensure business uptime and continuity
- Helped to develop policies and governance standards for the enterprise; enforced security policies and configuration requirements
- Increased awareness through community engagements and information security training of the end-user community
- Ensured the highest standards of customer service and business support while delivering security solutions for various environment participants
- Directed Battelle’s security software policies and practices including antivirus, spam protection, and security patching of all Battelle PCs
- Managed Battelle’s network security monitoring to ensure the security of network resources
- Administrative line management for four full-time staff members and oversight for contract resources
- Interacted with staff members at all levels throughout the organization
0-5 years of experience
Lead the security, governance, and compliance of the Department of State’s INL/Air Wing as well as for global DoS sites that consist of US citizens and foreign nationals. Support all internal and external audits, incident response, and disaster recovery issues.
- Applied project management expertise to lead all phases of projects from inception to completion
- Delivered the following enterprise projects from inception to deployment: PKI/PIV, whole disk encryption replacement, log correlation, SIEM, network surveillance, mobile theft management, IPS replacement and web content filter replacement
- Instrumental in directing all security, remediation, and governance efforts
- Re-engineered IT security processes and procedures to comply with Federal Policy and Diplomatic Security standards
- Designed the controls for a PCI compliant flight reservation system
0-5 years of experience
- Created a security policy and incident response plan for two colleges.
- Implemented disaster recovery and risk management solutions for two colleges.
- Provided endpoint security management 15 PC Labs and over 200 administrative computers.
- Administrator for over 30 servers on site that included exchange, file\print and authentication servers.
- Manage four personnel on the IT team ranging from server admins to help desk techs.
- On-site administrator for four Active Directory Window domains with over 1200 users.
6-10 years of experience
- Managed and maintained daily security operations, including security system maintenance, security log monitoring, PCI/SOX/SAS70 compliance.
- Developed, deployed, and maintained IT security systems including: VPN, File Integrity Monitoring, Syslog Logging, Log Monitoring, Application Firewalls, IDS/IPS, Event Correlation, Key Encryption Management Systems/HSM.
- Conducted vulnerability scanning, assessments, penetration testing and source code review.
- Key contributor to PCI/SOX/SAS70 artifacts and audit interviews.
- Conducted and assessed self-audits in preparation for annual compliance audits.
- Encryption key owner entailing creation of triple-des, multi-part banking encryption keys.
- Conducted and maintained business relationships with vendors and partners, including price negotiations, architectural planning/forecasting, troubleshooting of issues both security and general networking/systems related, and working with partner/customer technical engineers to configure business connectivity.
0-5 years of experience
- Duties included serving as Information Security and IT Manager for the command and control of security operations including physical systems security and data security. Environment included security controls on mainframe, AS/400 and client server systems.
- Responsible for instituting corporate change control processes for the entire bank region, in particular the loans processing area.
- Created an Access database for tracking projects, equipment and systems data.
- Determined standard configurations of desktop equipment using Microsoft products.
- Managed inside and outside resources for the installation, maintenance and control of a large bank LAN/WAN.
- Managed the day-to-day activities of 24 technical support personnel in support of LAN/WAN (2500 seats), troubles and faults, move, add, change, install activities.
0-5 years of experience
Held a DOD SECRET security clearance
- Facility security officer responsible for all military classified material
- IT Manager accountable for the integration, security and maintenance of all computer and LAN hardware and software
- Team Leader for software production and delivery to the US Navy
- Integrated new digital technology which increased productivity of software development
0-5 years of experience
Managed and reported on the progress and remediation of IT Security Audit Exception Projects that required participation by multiple teams and which had been identified by outside Client auditing firms
- Recommended Project Management tools (MS Project and CA Clarity) for use in managing and tracking IT Security projects
- Managed and reported on the results of a Security review (by multiple teams) of the Network, Operating and Application Systems status/design of a new client’s environment that was being transitioned from their data center to the Dallas data center
- Worked with clients and viable prospective clients, to understand and document critical business process security requirements and conducted/managed security tactical and strategic assessment projects
- Responsible for the development of Security Policies and a Security Awareness Program far all Capgemini employees and contractors
- Status, Solution and Recommendation Reporting through the use of MS Project, Word, Excel, PowerPoint and Visio
10+ years of experience
IT Security Monitoring: Utilized expertise to implement and optimize enterprise IT security monitoring, event correlation, patch status, compliance and alerting solutions.
- IT Risk Assessment: Lead over 120 IT risk assessment activities leveraging expert knowledge and industry sources to assess current threat levels and re-defining current security posture.
- IT Security Training: Promoted and developed agency- wide security awareness of computing environment and provided related end-user IT security training.
- Incident Response: Collaborated with IT Security Counsel Incident Response Team; Oversee investigation of computer security incidents. Responsible for analyzing, and resolving IT security incidents. Created and disseminated incident reports to Senate committees.
6-10 years of experience
Maintain knowledge of hardware, software and network security technology performed efficiently
- Worked efficiently with other people of the team and also have the ability to work independently
- Able to put a keen eye on each detail and work efficiently to meet deadlines
- Self-motivated and organized, possess excellent communication both oral and written
- Ability and willingness to work for long working hours
- Sound knowledge of Computer Science, Math and Science
- Work with configuration management, network performance management
- Monitor network traffic to identify problems and make recommendations with NMS monitoring tools
0-5 years of experience
Lead Global IT teams in incident handling and risk mitigation to threats against the environment
- Provide training and guidance to staff and senior management on appropriate cyber security measures for all global offices
- Advise and assist with implementation, maintenance, and planning of secure IT infrastructure including AD, Watchguard X series UTM Firewall/IPS, Splunk as a SIEM with attack mitigation scripts
- Manage teams that provide integration to various technologies to be utilized for threat monitoring and control tactics
- Assist senior management with maintaining and implementing a secure culture and awareness throughout the enterprise
6-10 years of experience
Maintain knowledge of hardware, software and network security technology performed efficiently
- Worked efficiently with other people of the team and also have the ability to work independently
- Able to put a keen eye on each detail and work efficiently to meet deadlines
- Self-motivated and organized, possess excellent communication both oral and written
- Ability and willingness to work for long working hours
- Sound knowledge of Computer Science, Math and Science
- Work with configuration management, network performance management
- Monitor network traffic to identify problems and make recommendations with NMS monitoring tools
0-5 years of experience
Responsible for the activities of IT security (SIEM, incident response, DLP, Security auditing and compliance)
- Audit based on SOX, HIPAA, compliance and worked with legal and finance to ensure auditing governance was followed. Conducted investigations based on requirements from Legal and HR.
- Maintaining IT security for Foster Wheeler Americas for over 3200 users in various countries.
- Created Cyber security IT security policies and practices.
- Responsible for identity management access (IAM) for all the Americas offices.
- Application Security testing for new and existing commercial applications as well as company developed applications.
- Responsible for the activities within the IT security department as penetration testing, vulnerability scanning and remediation testing.
- Plan and prepare for future improvements to various types and operating levels of IT security hardware and software.
- Recommend IT security solutions within budget.
0-5 years of experience
Developed and maintained department budgets
- Security Manager for the department of 4 people including contractors.
- Daily monitoring of security logs of all firewalls and security devices.
- Maintaining PCI environment to remain PCI DSS Compliant
- Maintain Checkpoint and Palo Alto firewalls for external and PCI environments
- Monitoring and maintaining of 25 Palo Alto IPS/IDS throughout the environment.
- Web application security assessment testing of [company name] websites
- Researched, recommended and implemented new technologies that was best for the environment.
- Internal Pen testing for PCI audits and security assessments
- PCI ISA Certified Internal Auditor
0-5 years of experience
Lead and manage IT security operations for rapidly growing 500-person gaming subsidiary of Warner Brothers / Time Warner Inc.
- Significantly improved company’s security infrastructure by establishing formal IT security policies, operating standards and procedures, mandates from parent company and PCI-DSS compliance standards.
- Establish, maintain and monitor information and network security for all of Turbine’s environments including corporate, gaming development, and production.
- Lead acquisition and implementation of IT security technologies and services with budgets up to $250k, manage vendor relations and oversee deployment for o File Integrity Monitoring for PCI environment
- Created & achieved successful delivery of a security awareness program
- Own management of recurring security & compliance monitoring tasks, including all IT security violations, incident response process, vulnerability scans & remediation, access review & confirmation of system patching.
- Provide subject matter expertise to IT operations & business units, assisting project teams comply with policies, industry regulations and best practices work with outside consultants & regulators on independent security reviews as needed
- Partner with Human Resources, Legal and parent company Security to improve processes & issues that relate to IT security & protection of information assets
- Maintain awareness of & understand new & changing information security laws & regulations
6-10 years of experience
Responsible for security administration team; consisting of security and network analysts.
- Oversee capital projects for HIPAA privacy and security regulations.
- Work closely with corporate compliance office, HIPAA taskforce and disaster recovery/contingency
- Responsible for IS policies and procedures, maintaining capital project status reports utilizing
0-5 years of experience
Responsible for protecting confidential data (HIPAA) and Intellectual Property
- Worked with outsourced IT service provider to document and implement globally compliant SOX processes, which included Change Management, Logical Access, Security and Computer Operations controls
- Worked with IT and business to ensure SOX compliance of worldwide JD Edwards upgrade and implemented Roles Based Access Control
- Worked with Internal Audit team to ensure SEC and FDA compliance
0-5 years of experience
Report to U.S. CISO as primary application security manager for U.S. IT Security Services team.
- Coordinated with and obtained buy-in from line of service stakeholders allowing for development of firm-wide plan for detection, categorization and remediation of application and system level vulnerabilities.
- Worked closely with lines of service (Tax, Advisory, Federal, etc.) to develop/update secure application development standards (standards loosely based on OWASP and ISO 17799).
- Utilized various security assessment tools (commercial, open-source, and custom) to audit both internal and external applications and infrastructures.
0-5 years of experience
- Document and enhance security policies, and procedures.
- Coordinate the security and Infrastructure teams’ preparation for internal and external audits of the IT systems.
- Represent Security in the weekly IT Coordination meeting.
- Manage the vendor SSL renewal process of the e-commerce and login sites.
- Gather and build security metrics to present to senior IT and business management.
0-5 years of experience
Management of support teams for North America production facilities.
- Project Management of all North America production sites IT activities.
- Design, implementation, and execution of DRP and BCP.
- Perform risk assessment and translated results to upper management.
- Representative of IT security for compliance audits conducted by external entities for the following: PCI(VISA, MCI, Amex, Discover), GSM/SAS, NASPO, CIFIUS, ENVCo, ISO2700x as well as random customer audits.
- Analyze and resolve information security incidents and vulnerability issues.
- Responsible for internal Information Security audits at multiple sites.
- Incident and audit log management: Network vulnerabilities, Server statistics, Anti-virus, Backup, Access Control, and Firewall.
- Manage support of data communications and telecommunications.
0-5 years of experience
Manage all aspects of IT security
- Assist in the operation and management of information security technologies such as endpoint and email data loss prevention, endpoint and mail encryption, security event correlation, and vulnerability scanning tools.
- Continuously monitor system security events and identify threats and vulnerabilities against organization assets. Investigate, report, and recommend corrective actions.
- Create and manage information security and risk management awareness training programs.
- Coordinate internal and external network and systems vulnerability assessments for HIPAA and Meaningful Use compliance. Validate the completion of the annual information security risk assessments.
- Work with the information security team and corporate compliance, audit, legal and HR management teams as required.
- Manage security incidents and events to protect corporate IT assets.
- Access and identity management
- Implemented Source One email archive
0-5 years of experience
- Working Manager and supervised two employees on the Security team.
- Identify and plan for data security for data, software applications, hardware, network, and computer installations.
- Develops and implement data and computer security policies and procedures.
- Develops and maintains security systems and practices to protect the integrity, accuracy, confidentiality and recoverability of data and information procedures on Windows(4.0,2000, XP, 2003), UNIX(Sun Box), AS400(IBM), and OS390(IBM) systems.
- Develop and analyze security software for data security.
- Review all computer Firewall, proxy and system logs and messages for security violations.
- Install, monitor, and update Virus protection software.
- Install security patches from Microsoft.
- Perform semi-annual computer access reviews.
0-5 years of experience
Responsible for all data security for the bank. Lead team of two supervisors and eleven staff in all aspects of data security, to include identity management and user authentication, compliance, employee investigations, firewalls, VPN, enterprise encryption strategies, intrusion detection/prevention, anti-virus, content filtering, etc.
- Responsible for getting IT to pass all audits, including Sarbanes/Oxley, GLBA, HIPAA, and VISA/Mastercard PCI. Also responsible for engaging external vendors to conduct penetration tests and vulnerability assessments.
- Responsible for directing data security strategy efforts of the bank, to include recommending new processes/policies as well as new security technologies. Responsible for maintaining documentation of IT Security and ensuring it complied with federal regulations (e.g. SEC & OCC) and IT Governance/Risk Management. This included management of technical projects and their design, implementation, testing, and documentation.
- Performed all duties from previous job as IT Infrastructure Security Manager.
0-5 years of experience
- My current role is to handle IT Security for our cloud hosting environments that span two data centers.
- I have to make certain we are in compliance with our corporate IT security policies (to not only protect assets but to also position us to pass our SSAE 16 and HIPAA audits) as well as design complex VPN solutions and to allow internet originated traffic to our cloud hosted network resources/services while adhering to our 3-tier security model.
- I have to make certain the appropriate access control systems are in place to only allow the necessary access to resources/services (to security principals) via various access connectivity methods (SSL, VPN (SSL, IPsec), RDP, SSH etc.) and as such I have to make certain we have the proper tools/services/systems in place to allow for IAM and SIEM/LM.
- I am presently a working hat Ohio (IT) Security manager with a security engineer reporting to me.
Information Technology Cover Letter Examples
Rate This Article
[IT Security Manager]
Last edited by: Gabriela Barcenas, CPRW, Content Writer II -
Gabriela Barcenas
CPRW, Content Writer IIGabriela is a Certified Professional Resume Writer (CPRW) and career adviser. With 10 years of digital media experience and five years of resume writing expertise, her publication history includes fashion, education, travel, social justice, equitable design and career advice.
