Information Risk Management Resume Sample
Work Experience
- Manage all IRM aspects of the vendor risk management for existing and new vendors and partners including completing risk assessments, doing contract reviews, tracking results, conducting onsite visits when warranted and participating in RFPs when required
- Advocate for and get included key IRM requirements in process and procedures including but not limited to Software Development LifeCycle (SDLC), Requests for Proposals (RFP), Requests for Information (RFI), Quality Assurance Reviews (QA), Project Lifecycle, etc
- Set strategy, goals, and targets for your team and for Information Risk Management for Group Functions. Assist the DIRO in implementing the divisional framework to measure & report on the achievement of information risk management IRM goals
- Collaborate with other IRM teams and professionals including the Chief Information Risk Officer, the Divisional Information Risk Officer, Audit Services, Procurement Office, and peer Technology Risk Management leads across Manulife globally
- Maintain Time Warner Corporate’s Data Loss Prevention and Privacy Assessment programs
- Assists the business and IT in conducting IT Risk assessments related to infrastructure, platforms, and applications in accordance with the company’s Information Risk Management methodology
- Defining information risk metrics and key risk indicators across all information risk domains
- Developing, implementing, and maintaining an issue management and oversight process. This includes: defining the issues management criteria, tools, and methodologies; establishing and maintaining an enterprise-wide risk issues library; performing an independent review and challenge of first line issue identification and corrective action; and tracking first line corrective action
- Defining and determining thresholds for information key risk indicators
- Determining critical themes and escalating to drive risk reduction
- Performs independent review and challenge of front line unit assessments and control testing
- Assesses adherence with policies and standards related to infrastructure
- Conducts 2nd line application risk assessments and control testing
- Participates and / or advises first line teams involved in key infrastructure projects
- Serves as a trusted advisor on IRM communications issues, gaining and maintaining the confidence of MUFG’s senior IRM leaders
- Track critical information risk issues including control deficiencies, policy exceptions, and other self- identified issues
- Working closely with front line units to define and implement gap closure plans to source data for the identified risk metrics and key risk indicators
- Acting as an advisor to front line units to design and implement strategies to provide the supporting data
- Aggregating information risk data from various front line units
- Analyzing data to set enterprise-level risk thresholds and limits to be followed by front line units
- Defining the requirements for technology solutions for dashboard automation
- Producing periodic risk reporting to key committees, senior management, and the board
- Demonstrates good knowledge of information, cyber, security, and technology risk concepts
- Skilled in interpreting and driving enforcement of information risk policies, standards, and regulatory requirements
- Building and maintaining information risk management policies and standards. This includes: ensuring all policies and standards are kept relevant and in good standing; supporting the alignment of policies and standards to both regulations and controls; and defining supporting policy implementation guidance
Education
Professional Skills
- Excellent communication skills in English (oral and written) including presentation skills with demonstrated ability to present at all organizational levels
- Excellent communication skills (oral and written) including presentation skills with demonstrated ability to present at all organizational levels
- Excellent PC skills and demonstrated proficiency with MS Office Suite
- Strong analytical skills/problem solving/conceptual thinking and ability to work with Technical & Non-Technical business owners
- Innovative problem solving skills with proven ability to exercise flexibility and judgment
- Innovative problem solving skills with proven ability to exercise flexibility and judgement
- Excellent organization, analytical and time management skills required
How to write Information Risk Management Resume
Information Risk Management role is responsible for business, collaboration, organization, analytical, reporting, finance, training, integration, procurement, auditing.
To write great resume for information risk management job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Information Risk Management Resume
The section contact information is important in your information risk management resume. The recruiter has to be able to contact you ASAP if they like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Information Risk Management Resume
The section work experience is an essential part of your information risk management resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous information risk management responsibilities. It's meant to present you as a wholesome candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular information risk management position you're applying to.
The work experience section should be the detailed summary of your latest 3 or 4 positions.
Representative Information Risk Management resume experience can include:
- Superior organization skills, Strong MS Office skills along with strong verbal and written communication skills
- Helps consolidating and reporting results and driving the first line units to address issues found through the testing
- Manage third-party risk, business continuity risk, and IT operational risk for owned and operated, on premise, SaaS/Iaas/PaaS environments, and licensee
- Implements regulatory requirements for the second line of defense through a number of activities including updating the IRM framework, policies, and standards
- Assists with analyzing and reporting aggregate risk information to senior management
- Assists with determining critical information risk themes and escalating to senior management to drive risk reduction
Education on an Information Risk Management Resume
Make sure to make education a priority on your information risk management resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your information risk management experience. For example, if you have a Ph.D in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Information Risk Management Resume
When listing skills on your information risk management resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume, there's a list of typical information risk management skills:
- Effective administrative and analytical skills
- Excellent presentation, written and verbal skills required
- Strong and recent applied experience with Cryptography and Key Management
- Executing analysis and aggregations of material risks/threats across FLUs and helping the First Line IRM Executive to assess and validate FLU risk exposures
- Experience evaluating security controls, conducting risks assessments and providing guidance for platform
- Strong understanding of regulatory requirements, including and not limited to GLBA, FFIEC etc
List of Typical Experience For an Information Risk Management Resume
Experience For Manager, Information Risk Management Resume
- Assist in maintaining group wide assessment pipeline and reporting
- Oversee Realogy’s Information Security training and awareness program
- Works closely with the training and awareness team to communicate regulatory requirements across the enterprise
- Leverage Governance, Risk & Control technologies to establish and maintain an enterprise-wide risk issues library for information risk management
- In support of the CISO, develop, maintain, and drive IRM metrics that report upon KPI’s and KRI’s as related to the firm’s compliance with regulatory requirements and internal policies and controls related to information assets. The IRM metrics shall establish an environment of continuous improvement
- Engages with senior representatives across Realogy and its Business Units to provide full-spectrum alignment on Realogy’s IRM program
- Monitors for new regulatory requirements and assesses applicability to the enterprise
- Understands, translates, and communicates regulatory requirements across the enterprise
Experience For Information Risk Management Analyst Resume
- Coordinates and oversees regulatory examinations, including defining management responses to examinations, communicating with regulatory agencies and examiners, and ensuring remediation of regulatory examination issues
- Reviews front line units regulatory responses
- Remediates regulatory examination issues within the second line of defense and oversees remediation of first line issues
- Defines the requirements for the GLBA, PCI, and HIPAA programs for the enterprise
- Develop and support team’s SharePoint, MF Connect and other collaboration tools
- Acts as a key point of contact from IRM and Communicates IRM requirements to front line unit IT project teams
- Oversees implementation of IRM requirements across the life cycle of the IT project
- Reviews and challenges various information risk related project activities performed by the first line units
- Conducts independent assessments and reviews based on the nature of the project (e.g., complexity, criticality etc.)
Experience For VP, Information Risk Management Resume
- Reports status and output of assessments to senior management
- Defines information risk/threat scenarios based on industry intelligence and the enterprise internal environment
- Works with the first line units to develop playbooks to address key information risk/threat scenarios
- Operational Resilience – concerns measures to ensure Availability of Business Services
- Information Management – concerns managing Information (Technology) Risks within the lifecycle of information and use of information to the benefit of the stakeholders
- Assists with the development and implementation of a long-range strategic plan for the information security risk management function in support of the company’s information risk management program
Experience For Information Risk Management Expert Resume
- Remains current on technical changes and new technologies. Identifies and recommends opportunities for improving the company’s information risk management program
- Supports the alignment of the policies and standards to both regulations and industry frameworks
- Interpret and synthesize requirements from policies across the spectrum of information risk, including information security, business continuity, third party management, technology management, and IT governance
- Ensures policies adhere to enterprise risk guidelines and templates
- Communicate policy and standard enhancements to domestic stakeholders as well as stakeholders across borders
- Coordinates and supports implementation of IRM principles through review and challenge of front line assessments of Third-Parties and major projects/initiatives
- Acts as a key point of contact from IRM Assessment group to coordinate and manage Second Line of Defense IRM Assessment activities
- Coordinates and supports implementation of IRM principles through review and challenge of front line assessments of major projects/initiatives and of Third-Parties
Experience For Director, Information Risk Management Resume
- Proven knowledge of Third-Party assessments and IT project delivery lifecycles (e.g. Waterfall, Agile)
- Able to communicate related policies, procedures, and guidelines
- Responsible for the creation, coordination, dissemination and management of Information Risk Management Framework
- Establish and manage security controls for all products
- Monitor and analyze key performance indicators and key risk indicators to identify changes or trends in the environment and determine the effectiveness and adequacy of the controls
- Managing IT Audits and facing up to auditors and regulators
- Integrate analytics strategy into existing and evolving reporting capability
Experience For Senior Manager, Information Risk Management Resume
- Evolve IRM processes, including assessments and risks/controls library, to be technology enabled and data driven
- Represent MUFG IRM in external information sharing/industry forums and committees (e.g., FS- ISAC, FSSCC, SIFMA Cyber Security Sub-Committee)
- Participation in industry forums, conferences, and other information sharing venues and events
- Responsible for the creation, coordination, dissemination and management of Information Security Policies
- Responsible for the development, execution and management of a complete Information Security Awareness Program incorporating available content from 21st Century Fox and creating content specific to NGP
- Responsible for ongoing compliance reviews to measure compliance against regulatory requirements, corporate policy and program security requirements
- Develop presentations to inform risk based decisions, outline corporate information security risks and offer risk mitigation recommendations
- Develop and maintain meaningful metrics to support Risk Management Program
- Familiarity with Privacy by Design and Global Privacy considerations (e.g., GDPR)
Experience For Director, Asia Information Risk Management Resume
- Building, maintaining and evolving information risk management policies and standards. This includes: ensuring all policies and standards are kept relevant and in good standing; supporting the alignment of policies and standards to both regulations and controls; and defining supporting policy implementation guidance
- Serve as the IRM Program SME with various stakeholders to include executive leadership, business partners and regulators
- Execute documented process workflows to deliver ISM, S&I, BCP, TRM and general IRM services
- Maintain content within Information Risk Management systems
- Update IRM documentation as required
- Work closely with and take direction from COE Leads in-addition to MBPS IRM Team Lead
Experience For Information Risk Management Lead Resume
- Communicate via email, chat and telephone with globally dispersed coworkers and clients
- Monitor the information risk regulatory landscape and industry best practices and assess applicability to the enterprise
- Facilitate implementation of regulatory requirements and best practices through updates to the IRM framework, policies, and standards and collaboration with key stakeholders and senior management
- Collaborate with the training and awareness team to communicate requirements and best practices across the enterprise
- Oversee regulatory examination responses and remediation progress through collaboration with key stakeholders and senior management
- Define business requirements for the technology enablement of IRM processes
- Influence the appropriate selection of technologies and tools to meet IRM business requirements
- Collaborate with technology teams to ensure appropriate implementation of business requirements
- Act as IRM point person for technology initiatives
Experience For Information Risk Management Summer Intern Resume
- Design, develop and implement a data analytics strategy and model
- Act as GRC point person for all data related initiatives
- Understand MUFG’s information risk practices and reflect them in external forums and committees
- Participate or ensure appropriate MUFG participation in external forums and committees; communicate critical industry issues and initiatives to appropriate MUFG staff
- Maintain relationships with industry peers
Experience For Information Risk Management Manager Resume
- Knowledge of the financial services industry and its regulations/laws
- Manage the IRM process and framework
- Feed into various Risk reports and adhere to regional and global risk process and reports
- Perform Information Risk Assessments for various projects and initiatives
- Keep yourself and the IT and business abreast with the latest IRM and Security incidents, vulnerabilities and trends and plan appropriate defensive and mitigation actions
List of Typical Skills For an Information Risk Management Resume
Skills For Manager, Information Risk Management Resume
- Depending on your skill set and experience, assist in delivering the following IRM COE services
- Demonstrated experience and technical expertise creating baseline security controls across all information security functions in various environments
- Experience creating information security awareness campaigns for various industries using multi-channel delivery mechanisms
- An ability to become a trusted advisor by building strong relationships
- Experience in creating a risk management framework for multi-industry corporations
- Experience in and technical expertise to support drafting technical security policies and guidelines
Skills For Information Risk Management Analyst Resume
- Experience operationalizing PCI requirements within an on premise or AWS enterprise
- Maintain executives calendars, schedule all meetings and conference calls, handle meetings and prioritization issues
- Hands-on experience as an IT Systems, Security or Risk Analyst is an asset
- Proven ability to analyse situations, make decisions
- Demonstrated ability to meet commitments and to work in a complex infrastructure environment
- Multitask and prioritize work assignments in a time sensitive environment with flexibility and adaptability in work approach
Skills For VP, Information Risk Management Resume
- Work on multiple tasks concurrently and reprioritize work independently
- Experience in design, development, analysis of risk relevant metrics in a technology environment
- Relevant experience in Information Risk Management Cyber Security, IT security design, Technology architecture
- Relevant professional Information Security experience
- Managing resource requirements, project workflow, budgets, and preparing and/or coordinating complex written materials
- Participating in an agenda and supporting materials for Information Risk Governance Group (IRGG) meetings on behalf of the First Line IRM Executive
- Building time to travel between meetings/floors
- Being part of the Regional Center of Expertise in Bratislava
Skills For Information Risk Management Expert Resume
- Working in multicultural environments
- Defining information risk management program requirements for integration into the broader risk governance mechanisms
- Being a team member and the ability to work with members in different Chase hubs
- Builds and maintains IRM policies and standards and keeps relevant, including maintaining internal procedures
- Deep expertise with analyzing risk and reporting to operators and executives on the implications and opportunities associated with the risk(s)
- Schedule appointments, detailed meetings, recurring meetings, and other events; book conference rooms/WebEx /dial ins, and other venues (e.g. reservations)
- Maintain “time out of office” (e.g. scheduled vacations, working remotely)
Skills For Director, Information Risk Management Resume
- Attractive working environment of a stable international financial institution
- Works closely with first line units on the definition of action plans for any risk issues identified during the reviews
- Monitors ongoing remediation activities by the front line units
- Information Technology (IT) – concerns managing Information (Technology) Risks within IT Governance, IT Management and IT Security
- Assists with defining information risk scenarios based on industry intelligence and the enterprise internal environment
- Knowledge of three-tiered risk governance structure recommended, including interrelationships and dependencies
- Responsible for NGP PCI Compliance Program to include annual self-assessment and ongoing compliance activities
- Work with internal and external auditors managing information requests, findings, and remediation plans
- Confidently and articulately register dissenting or unpopular opinions with colleagues and senior management
Skills For Senior Manager, Information Risk Management Resume
- Capacity to stay current on emerging technologies
- A superior track record building relationships with executives, business leads and technologists
- Broad understanding of Information Security Programs, common operational challenges and risk mitigation techniques
- Conduct information requests, assessments and system/log monitoring activities
- Assist in driving continuous improvement initiatives across all IRM COE’s
- Work independently on assigned tasks while providing regular progress updates to COE Lead’s
- Print daily/weekly calendars the night before
- Possibility for personal and professional growth
Skills For Director, Asia Information Risk Management Resume
- Able to be a leader across the organization, a valued partner, and subject matter expert on regulatory requirements, remediation, and reporting as well as Information Risk Management industry forums and information sharing groups and events
- Through strong collaboration and Influencing skills, educate the business units representatives on the imperatives of these programs so that it remains a priority within business units where resources are stretched
- Extensive knowledge of risk management policies, methods, standards, processes, governance models, and in-depth knowledge of industry standard risk analysis approaches is required
- Demonstrates an excellent understanding of systems architecture, hardware, operations, system life cycle, and information security along with investigative principles, incident response procedures, computer forensics, information security practices, and effective risk management
- Working knowledge of IRM principles in one or more COE areas is nice to have
- High proficiency using Microsoft Excel, Microsoft Word, and collaboration tools (ie Yammer and Skype)
Skills For Information Risk Management Lead Resume
- Expertise and knowledge of current industry trends and risks in technology, such as cyber threats, and information risk standards to improve controls
- Able to provide expertise and knowledge of current industry trends and risks in technology, such as cyber threats, and information risk standards to improve controls across the firm
- Able to be a leader across the organization, a valued partner, and subject matter expert for information risk management framework related matters / framework services
- Strong focus and attention to detail in both normal and high-pressured situations
- Knowledge of and experience with IT principles, operations and processes important
- Knowledge, preferable but not mandatory
- Knowledge of information risk scenarios and analysis and identification of critical information risk themes
Skills For Information Risk Management Summer Intern Resume
- Able to be a subject matter expert on risk | threat scenarios
- Exposure to financial services or similar complex large corporate environments with the depth and complexity comparable to Manulife Financial
- Five years or more of progressive information risk management experience in one or more disciplines: project/vendor risk assessment, network security, infrastructure/platform security, data/application security, vulnerability/patch management, IT auditing, IT risk and control assessments, and business continuity/disaster recovery planning
- Ten years or more of progressive experience in one or more of the following disciplines: Information Technology/Systems, Information Risk Management, Project Management, Audits, Information Security ideally with some of that time spent in a large, complex organization
- Experience in developing and implementing actionable dashboards and reports to enhance security posture and protect the organization
- Experience in developing and monitoring Information Risk metrics, processes and subsequent initiatives to achieve management targets
- Task management to meeting target dates
- Motivated and able to self-learning quickly
Skills For Information Risk Management Manager Resume
- Knowledge of encryption technologies, including public key cryptography, digital certificates, signatures and Key Management
- Goal & result oriented
- Move fast to adapt the new technologies
- Thought leader and work independently
- Languages: Proficient in English, spoken and written
- Security Certifications: CISM, CISSP and/or CISA
- Translate regulatory requirements into practical considerations and solutions for GRC processes, risk management, and control management
- Familiarity with three lines of defense within a financial institution is required
List of Typical Responsibilities For an Information Risk Management Resume
Responsibilities For Manager, Information Risk Management Resume
- Lead information security, technology risk and business continuity program activities, including implementing controls and facilitating information and vendor risk assessments
- Provide information security, system recovery and regulatory compliance consulting services to business and IT partners to mitigate their risks to an acceptable level
- Lead / support technical project risk assessments from an information risk management perspective, including risk identification based on information criticality through to control implementation and the management of risk acceptance by business areas
- Support operational information risk activities including providing local oversight of security processes for incident/crisis management, access management, vulnerability and patch management, as well as operational processes for business continuity and disaster recovery
- Coordinate IT audits conducted by Audit Services, regulators, clients and third-party auditors. Help in drafting responses and remediation plans. Ensure evidence is collected and shared in a timely fashion and all outstanding issues are closed as committed. Manage third-party IT audit engagements as required
Responsibilities For Information Risk Management Analyst Resume
- Lead project risk assessments from a technical security and information risk management perspective (includes risk identification based on information criticality through to control implementation and management of risk acceptance by business areas)
- Be part of an active team who remains current on emerging risks and technologies, key developments and strategies for the businesses we support. Keep abreast of new thoughts, tools and approaches within the IRM discipline. Stay informed on emerging technologies, key business drivers, evolving threats and opportunities from both the business and IRM
- Collaborate with other IRM professionals including the Director of Information Security Management, the Director of Technology Risk Management, the Director of Business Continuity Management, the Divisional Information Risk Officer and other IRM professionals across Manulife globally
- Excellent organizational and interpersonal skills as well as problem solving, negotiation, and follow-up skills, communication, writing, and judgment
- Strong attention to detail, solid organization and time management skills and multi-tasking abilities
Responsibilities For VP, Information Risk Management Resume
- Coordinating for Incident Response, pulling in and working with appropriate support groups (Legal, IT Security, and HR) as needed
- Participating in daily security briefing calls
- Booking conference rooms/Video Conferencing
- Working closely with process owners and control officers, review and analyze metrics for trending, patterns and breaches
- Collaborating with IT Security teams to develop actionable metrics as a result of the Threat & Vulnerability Management program
- Providing guidance and governance to Information Technology (IT) teams to drive a risk aware culture
Responsibilities For Information Risk Management Expert Resume
- Lead information security, technology risk activities, including implementing controls and facilitating information and vendor risk assessments
- Annual review of risk appetite metrics focusing on adding new risk appetite metrics
- Partner with business units to assist in identifying and developing new metrics
- Contribute to developing proactive and predictive cyber risk reporting and analytics
- Assist staff in requesting for additional user access or software
- Enthusiastic team player who is willing to help out and who works well with colleagues
- Keep up to date with office procedures, training and policy guidelines and compliance requirements
- Technical Infrastructure and vendor assessments
- Perform Quarterly access review
Responsibilities For Director, Information Risk Management Resume
- Lead / support technical project risk assessments from an information risk management and technical security perspective, including risk identification based on information criticality through to control implementation and the management of risk acceptance by business areas
- Collaborate with other IRM professionals including the Director of Information Security Management, the Director of Technology Risk Management, the Director of Business Continuity Management, Divisional Information Risk Officer and other IRM professionals across Manulife globally
- Participating in regulatory assessments & audits (FFIEC, GLBA, SOX, HIPAA, PCI)
- Lead divisional information security, technology risk and business continuity program activities in Asia including implementing controls and facilitating information and vendor risk assessments
- Provide information security, system recovery and regulatory compliance consulting services to business and IT partners to mitigate risks to an acceptable level
- Support project risk assessments from an information risk management perspective, including risk identification based on information criticality through to control implementation and the management of risk acceptance by business areas
- Support operational information risk activities including providing oversight of ongoing divisional security processes for incident/crisis management, access management, vulnerability and patch management, as well as operational processes for business continuity and disaster recovery
Responsibilities For Senior Manager, Information Risk Management Resume
- Coordinate IT audits conducted by Audit Services, regulators, clients and third party auditors. Help in drafting responses and remediation plans. Ensure evidence is collected and shared in a timely fashion and all outstanding issues are closed as committed. Manage third-party IT audit engagements as required
- Able to be proactive; call/email, check-in. Consider what else can be done and prioritize responsibilities
- Hands-on experience with Microsoft Office Suite ( Outlook, Word, Excel, and PowerPoint)
- Experience with conference room audio/visual set up
- Work with business units and technical teams to implement information risk management processes and supporting procedures
- Assist and actively participate in the team’s plans to achieve our goals, including those that originate from Global IRM (our oversight team) and the business. Participate in frameworks used to measure and report on progress made towards the achievement of those goals
Responsibilities For Director, Asia Information Risk Management Resume
- Updating process documentation as necessary
- Defines the requirements for technology solutions for dashboard automation
- Reviews and challenges information risk metrics and reports produced by the front line units
- Support the design, development and review of metrics
- Able to work in a fast-paced environment and handle multiple requests concurrently
- Other applications helpful include Concur, internet and research tools
Responsibilities For Information Risk Management Lead Resume
- Familiarity with office equipment (e.g. multi-functional devices and audio-visual conference tools)
- Proficient in Microsoft Office applications, especially Outlook for email and calendar
- Collaborating with the second line of defense and coordinating with FLUs to establish the necessary incident management and response teams in the first line of defense
- Assisting the Central ISA Business Unit Risk Officer in assessing and validating all non-compliance with policies, standards, laws and regulatory guidance across FLUs and communicating material instances of non-compliance to the second line of defense
- Effective communication skills and able to build relationships with technical and non-technical
- Execute Second Line Monitoring within Key Control Testing and Quality Assurance activities related to IT assets
Responsibilities For Information Risk Management Summer Intern Resume
- Provide advice and challenge as a IRM advisor towards internal business partners related to information security
- Contribute to execution of Business Impact Assessments, Risk Assessments and projects
- Broad knowledge of information security principles (e.g. access control, data protection, security architecture, infrastructure/application security design principles, policies) and privacy (i.e. GDPR)
- Holds one or more security certificates (CISSP, CRISC, CISA, CSA, CEH, CISM)
- Navigate company’s resources
- IT education oriented on security
Responsibilities For Information Risk Management Manager Resume
- Knowledge of IT and IT Security related methodologies and frameworks (COBIT, ISO2700x, etc.)
- International certifications for Information (Technology) Risk Management (e.g. ISC2, ISACA accreditations) are considered as advantage
- GRC Enablement: Dashboard
- Network Security reviews
- Organize IRM Events
- Seven years or more of progressive information risk management experience in one or more disciplines: project/vendor risk assessment, network security, infrastructure/platform security, data/application security, vulnerability/patch management, Access control reviews, IT auditing, IT risk and control assessments, and business continuity/disaster recovery planning