Information Security Officer Resume Sample
Work Experience
- Facilitates awareness and trainin
- Manage an aggressive program to promote employees’ awareness and understanding of Information Security Policy, Standards & procedures
- Review Vendor Security Questionnaires and/or Vendor Onsite Security Reviews. Guide the business in development of action plans while reporting and tracking to closure all information security issues resulting from Self-Assessment, Audit, Risk Assessment, Ethical Hacks, Vendor Reviews, etc
- Identify key business contacts to ensure adequate coverage for the business’ security program
- Experience
- Identify and analyze root cause of mobile/web security issues and work to reduce trending in future development
- Possess strong / experienced application development and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post production and the different risk elements associated with each step
- Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for the line of business (LOB)
- Serve as Great Western Bank’s Incident Manager. Enhance and organize the program and activities
- Enhance and coordinate Great Western Bank’s information security and awareness training. This includes new hire orientation as well as ongoing training
- Facilitates awareness and training
- Your experience in an international, multicultural working environment is an advantage
- Your being a great teammate is a good factor
- Earned an appropriate certification such as CISSP, GIAC, CEH, CISM, or similar certification demonstrating security management
- Maintain the regions’ technology risk register and the mitigation process
- Oversee the work of the organization’s information security program including directing the implementation and administration of the company’s information security function. Conduct an annual review of program strategies to identify risks and opportunities, gaps, and reasonable controls to be implemented
- Provides guidance and advocacy regarding the prioritization of LOB investments that impact information security
- Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
- Monitors information security trends internal and external to the bank and keeps LOB leadership informed about information security-related
- Ensures compliance with policies and laws
- Contributes to BMO Financial Group’s overall business results by making recommendations that significantly improve operational efficiency and effectiveness
- Establish leadership relevance for the Global Groups functions and LATAM Sector by ensuring visibility and alignment to the global cyber security program/framework and other BISO's roles within PepsiCo and the information security industry. It's imperative that this role mirror scope and processes that complement the other BISO roles in AMENA, ESSA, and North America
- Develop a framework that includes a support model for Regions within the Sector to ensure comprehensive security operational coverage for the LATAM business and Global Groups functions.
Education
Professional Skills
- Strong overall competencies including analytical skills, effective planning and prioritisation skills
- Excellent problem solving skills, with proven organizational skills
- Strong leadership skills with proven experience working in a senior information security management position
- Above average customer service skills as well as verbal and written communication skills
- Experience giving presentations and superb communication skills
- Strong interpersonal skills: effective listening, patience, composure
- Middle level experience in Excel (pivot tables, reports, basic macro skills)
How to write Information Security Officer Resume
Information Security Officer role is responsible for security, technical, analytical, risk, business, leadership, interpersonal, technology, development, presentation.
To write great resume for information security officer job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Information Security Officer Resume
The section contact information is important in your information security officer resume. The recruiter has to be able to contact you ASAP if they like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Information Security Officer Resume
The section work experience is an essential part of your information security officer resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous information security officer responsibilities. It's meant to present you as a wholesome candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular information security officer position you're applying to.
The work experience section should be the detailed summary of your latest 3 or 4 positions.
Representative Information Security Officer resume experience can include:
- Act as primary Information Security liaison to Blue Cross Blue Shield Association by participating in CISO workgroups and providing thought leadership. Oversee company’s compliance with Security and Incident Response portions of the Association’s Inter Plan Program Policies and Provisions
- Solid technical acumen and strong consultative skills
- Strong MS Office skills for creating metrics, presentations, and performing data analytics
- Excellent consulting and problem-solving / analytical skills
- Effective team/relationship building and leadership skills across divisional and departmental
- Good communication and presentation skills articulating IT security and privacy technical issues in a clear and actionable manner to non-technical leadership
Education on an Information Security Officer Resume
Make sure to make education a priority on your information security officer resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your information security officer experience. For example, if you have a Ph.D in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Information Security Officer Resume
When listing skills on your information security officer resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume, there's a list of typical information security officer skills:
- Strong interpersonal skills and team building skills
- Excellent communication skills and ability to effectively engage from Senior Executives through individual technical staff
- Effective leadership skills with the ability to create empowered teams including knowledge sharing, documentation, timeliness and proactive planning
- Strong collaborative and communication skills Highly dependable team player with ongoing commitment to excellence
- Excellent technical, organizational, planning, documentation and communications skills
- Excellent oral and written communication skills; ability to develop polished communications for the entire bank, senior management and IT staff
List of Typical Experience For an Information Security Officer Resume
Experience For Business Information Security Officer Resume
- Excellent interpersonal skills to negotiate and communicate with others, especially in complex situations; and
- Define secure application configurations leveraging technical knowledge and problem solving skills in accordance with Citi’s secure SDLC process
- People Management skills (influencing/convincing)
- Five+ years of proven project experience leading to successful capability and risk reduction
- Leadership skills at a supervisory level
- Proven hands-on, experience in multiple information security disciplines
- Prior experience in a project management and/or risk and control role would be an advantage (e.g. in BISO, ORM, Audit, Data Privacy)
- General working knowledge of managing a COMSEC account; experience ordering and applying keying material for communication devices (e.g., Taclanes)
Experience For Regional Information Security Officer Resume
- Responsible for developing, maintaining and validating Disaster Prevention / Disaster
- Good understanding of OSI model, with sound knowledge with security issues on operating systems (Windows, Linux), web applications, and databases (desirable)
- Good knowledge on Linux system configuration and management. Working knowledge of Linux scripting (desirable)
- Experience in leading projects leveraging global teams with matrix resources
- Demonstrate continuous improvement throughout the IS program by promptly evaluating and reporting the Corrective Action Plan
- CISSP, CRISC, CISA, and/or CISM (or combination of in good standing) with SANS, other relevant technical/information security certifications (desirable)
- Report on the effectiveness of the organizations security program to the leadership team including the progress of remedial actions
- Work with teams to dentify security gaps prior to PEN testing &
- Relevant working experience in a similar role
Experience For Technical Information Security Officer Resume
- Multi-tasking – can manage several concurrent projects and prioritise demands
- Experience communicating to senior management
- Experience in executing information security risk assessments
- Hands-on experience in Information Security with demonstrable, game-changing accomplishments in the Information Security area
- Experience using the Proactive Risk Identification & Mitigation Engine (PRIME)
Experience For Divisional Information Security Officer Resume
- Experience with PCI controls and compensating controls
- Experience managing people
- Demonstrable understanding and experience of Civil Nuclear Security regulations and standards
- An understanding and some experience of wider security requirements within personnel and physical security is beneficial
- Experience implementing a common Risk Management Framework
- Strong knowledge of key issues regarding IT Security and Information Risk Management (Data Security, Endpoint Security, Record Retention, Data Privacy etc)
- Good understanding of IS policies, standards and procedures
- Good knowledge of AAA (TACACS, RADIUS etc.) and identity and access management (desirable)
Experience For Senior Information Security Officer Resume
- Familiarity Unstructured Data inspection technology. Experience and hands on knowledge with Data Loss Prevention security controls
- Conduct acceptable use audits and security policy and good practice trainings
- Collect and analyze internal/external customer feedback on experience of Security for opportunity for enhancement
- To ensure effective IT policies are in place and embedded aligned to the business strategy
- Manage multi-tasks assignments and efficiently prioritize workload with limited supervision and resilient under pressure
- Demonstrated IT/ Security project management
Experience For Technology Information Security Officer Resume
- Demonstrated conflict resolution abilities
- Demonstrated motivational leadership traits
- Assess effectiveness of endpoint security controls and solutions
- Demonstrable experience with NIST cybersecurity framework , ISO2700X and PCI DSS and other relevant security standards and technologies
- Scheduling, preparing and documenting security governance meetings
- Working technical knowledge of TCP/IP networking concepts and protocols, and working technical knowledge of common network protocols (DNS, HTTP/HTTPS)
- Reporting security risks to management and handling data breaches
- Working knowledge of common internet services/protocols such as DNS, SMTP, SFTP etc (desirable)
Experience For Group Information Security Officer Resume
- Ongoing management of the Information Security Management System
- Looking for all possible (and impossible) risks, threats in a persistent way
- Interpreting results of ethical hacks for mobile applications
- Ensuring Group Policies are understood & implemented across the Business Units
- Improving security awareness across staff
- Keeping abreast of all current InfoSec risks and threats
- Contributing to the information risk assessment
- Supporting the security incident process
- Maintaining ISMS action logs, e.g. the risk log, security incident log and CAPA log etc
Experience For Global Information Security Officer Resume
- Understanding of promotion of security policies
- Ensuring business continuity
- Performing information security reviews and control compliance assessments
- Reviewing business processes and products for policy violation/non-compliance areas
- Performing acquisition due diligence for Information Security risks and control deployment
- Developing and implementing the organization's information security policies, process and plans
- Developing and maintaining the information security team to include internal processes and practices
- Reviewing legislation within an information security nexus and providing subject matter expert feedback
Experience For Senior Director, Information Security Officer Resume
- Leading and managing information security staff and resources
- Identifying and implementing solutions to organizational information security threats and vulnerabilities
- Backfilling the role of Chief Information Risk Officer in his/her absence
- Leading projects related to information security
- Remaining current on information security trends, threats and vulnerabilities
- Collaborating with the Enterprise Security Office to ensure that the ISPO's alignment with their processes, policies and plans
Experience For Junior Information Security Officer Resume
- Develop and implement procedures for detecting, reporting and responding to security incidents
- Ensure security of LPUS business applications, appropriate access control, incident management handling, and logging and monitoring of system activity
- Responsible for providing consistent information security technical assessments, supporting all Global Consumer Banking lines of business and CIOs
- Assist business in managing and preventing future incidents and providing incident coordinator services as needed
- Ensure that organizational personnel including contractors, receive appropriate information security awareness training
List of Typical Skills For an Information Security Officer Resume
Skills For Business Information Security Officer Resume
- Excellent interpersonal skills; a credible communicator and negotiator with stakeholder influencing skills
- Strong analytical thinking and strong decision-making skills
- Risk management experience with proven ability to effectively apply risk principles to challenging business situations
- Prior experience developing and disseminating effective security-related information, training and education
- Demonstrated excellence in writing, speaking, and presentation skills
- Demonstrable skills in delivering projects, work prioritisation and planning
- Strong relationship, team building and facilitation skills
- Good experience validating compliance of security controls
- Excellent communication skills – both written and verbal, including the capacity to communicate complex and technical issues in simple terms
Skills For Regional Information Security Officer Resume
- Strong risk analytics and problem solving skills
- Excellent interpersonal skills to interact with leaders at multiple levels and interactive with teammates
- Strong inter-personal skills with ability to nurture relationships with colleagues across multiple disciplines
- Developing an understanding of the business direction and priorities, opportunities and challenges in order to prioritise security focus
- Experience working with diverse groups with varying priorities and goals and moving these groups toward consensus
- Strong experience in application security, vulnerability testing and development of risk appetite supporting the mobile application ecosystem
- Demonstrated experience and familiarity with engineering and troubleshooting security controls in a large-scale infrastructure
Skills For Technical Information Security Officer Resume
- Manages risk by analyzing the root cause of issues, impact to business, and required corrective actions by leveraging analytical skills
- Prior experience in quantifying and/or qualifying risks as they relate to the enterprise systems
- Proven experience in developing policy position statements and articulating deviations
- Demonstrated experience managing and developing IT Security staff
- Proven high performance in problem solving, collaboration and priority setting
- Demonstrated experience in implementing security controls, conducting Threat and Risk Assessment, gap analysis, and requirements traceability matrix
- Experience validating that our mobile offerings are designed and implemented to the highest security standards
- Working experience, of which at least 5 years’ experience in IS
Skills For Divisional Information Security Officer Resume
- Change management and business process experience is ideal together with a proven track record of driving large-scale change programmes
- Solid experience in translating Information Security requirements into IT Security controls and measures
- Demonstrated experience managing multiple projects and teams within an IT environment
- Strong work ethic, high drive and ability to focus. Strong stamina. Shows optimism and determination when facing challenges
- Prior experience providing support in a higher education environment
- Possess over the top problem solving and negotiation skills
- Effectively coach employees and lead and direct the work of others
- Strong LOB knowledge/experience for the type of business they are aligned to (e.g. CSBB/GBM)
- Demonstrated experience with Enterprise Network devices
Skills For Senior Information Security Officer Resume
- Implementing an effective process for the reporting of security incidents
- Understanding of Regional Business Requirements and EGSO initiatives and effective communication with relevant BU’s
- Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (cloud, mobile security)
- Partner with NIRT to focus efforts on CAP Threat Modeling, Threat Monitoring and focused Pen Tests and Red Teaming efforts prioritized by critical assets
- Experience in understanding and deploying and operating risk management frameworks
- Experience with risk assessments including heat maps, control gaps, compliance monitoring, testing, risk remediation, and mitigation
- Experience in designing, evaluating and documenting processes
- Experience in building, implementing, and managing enterprise-level information security programs
- Knowledge and experience in managing and supporting security requirements for variety of different systems and applications
Skills For Technology Information Security Officer Resume
- Experience in reporting and/or data parsing systems
- Ten or more years’ experience in developing and implementing QA processes
- Experience managing or leading cyber security teams
- Experience of working and managing outsourced service partners
- Demonstrate knowledge of the latest IT thinking and threat modelling methods together with a creative drive
- Knowledge and skill with business continuity planning, auditing, and risk management
- Experience with data classification, labeling, and protection technologies including the Traffic Light Protocol
- Experience troubleshooting and configuring web servers, databases and information security specific software
- Experience developing and delivering information security programs in compliance with common industry frameworks (ISO, NIST, COBIT, ITIL, etc.)
Skills For Group Information Security Officer Resume
- Skilled in performing risk assessments & classifying information assets
- Experience in understanding business requirements and aligning them with Information Security Policies
- Experience analyzing and evaluating security solutions for business requirements
- Experience working in Financial Services or a Technology Company supporting Financial Services industry
- Solid understanding of vulnerability assessment, threat analysis and reporting
- Good understanding of endpoint security solutions like anti-phishing and anti-malware, multifactor authentication, DLP, etc
- A good understanding of application security, development processes, and testing
Skills For Global Information Security Officer Resume
- System administration experience, including troubleshooting, support,
- Experience leading teams in accomplishing process review and improvement
- Client-focused and service orientated. Proactively engages with stakeholders and maintains effective working relationships
- Strong understanding of cyber security trends and events
- Development experience in one or more of the following: C#, C++, Java, JavaScript, ASP.NET, or PHP
Skills For Senior Director, Information Security Officer Resume
- Good understanding of defensive, corrective and detective controls and requirements
- Previous Analytic and troubleshooting experience is required
- Project Management experience and/or related training or education
- Experience of managing offshore-provided IT service, operations and support
- An understanding and some experience of wider security requirements within personnel and physical security
- Experience working within information security
- A robust knowledge of PCI DSS and ISO27001, with previous experience of PCI Level assessment processes being an advantage
- Strong background in delivering security awareness programmes is crucial
Skills For Junior Information Security Officer Resume
- Experience of working with outsourced service partners
- Strong understanding of cyber security and familiarity with current trends/ developments
- 6 months' experience, 12 semester hours, or a combination of both in one or in any combination of the below areas involving
- Proven ability to write policies and procedures relating to information technology
- Proven ability to exercise independent thinking and judgment
List of Typical Responsibilities For an Information Security Officer Resume
Responsibilities For Business Information Security Officer Resume
- Drive adoption of global security program standards throughout their region Experience, Skills and Qualifications
- Prior experience with Deutsche Bank’s applications e.g. in a Developer or ITAO role or defining business requirements would be beneficial
- Experience with multi-tasking and prioritization
- Build and maintain strong and effective relationships with business users and teams to ensure that service delivery meets their expectations
- Successful experience in retrieving, analyzing, reporting, addressing and/or tracking security intrusions and vulnerabilities
- Experience managing high-performing teams in stressful environments
- Good understanding of technical security controls and secure coding standards
- Based on the self-assessment support the business in analyzing the risk and prioritizing tasks
- Demonstrated knowledge in systems design, development, documentation, testing, implementation and/or maintenance
Responsibilities For Regional Information Security Officer Resume
- A solid understanding of security best practices and international standards such as ISO2700 and PCI DSS
- Security Training and Awareness, Security Governance, and Security Incident Management knowledge & experience
- Demonstrable experience of driving operational implementation of policies and processes across business units
- Experience in handling end to end delivery with full delivery ownership
- Ensure that good consumer outcomes are at the centre of decision making
- Ensure effective communication to all key stakeholders in order to sustain relationships between business and IS
- Determine own work priorities in line with agreed plans to ensure the achievement of the function’s objectives
- Assessing strengths and development needs of team members; providing timely & specific feedback and coaching; promoting career development of staff
- Managing the Virginia Tax staff and other resources that support the agency’s IT security environment. Developing and testing IT security programs
Responsibilities For Technical Information Security Officer Resume
- Working knowledge of developing and testing IT security programs
- Assisting business and support functions in evaluating tools and technology that support the enterprise's security and risk management approach
- Maintaining contacts with product providers and service companies as needed for product updates or troubleshooting
- Updating and maintaining the system security plans for each accredited computer system at specified sites
- Working knowledge of Microsoft OS, Unix, Linux, Oracle and application patching policies, processes, and procedures
- Getting familiar with the latest industry standards and innovative IS technologies
Responsibilities For Divisional Information Security Officer Resume
- Developing information system security plans (SSP), best practices and guidelines
- Executing self-assessments based on ISO27000 to measure the security status
- Working knowledge of Internet and intranet security requirements and vulnerabilities
- Assistance in specifying/running penetration tests and/or helping others to interpret/understand the results of penetration testing
- Provide consulting services on current and upcoming projects covering all levels of network and IT security architecture
- Direct team activities during production problems including those existing with vendors and third party partners
Responsibilities For Senior Information Security Officer Resume
- Assist in implementing endpoint security solutions and controls e.g. Security configuration management solutions, application whitelisting, endpoint monitoring
- Maintain relevant metrics to facilitate reporting and decision making
- Provides general IS consulting services, including interpretation and/or clarification
- Read about and be aware of trends regarding business recovery planning and security in industry
- Complete security-related risk assessments against corporate policies, including cloud computing assessments
- Responsible for developing and maintaining Security and Confidentiality Plan for the Project
Responsibilities For Technology Information Security Officer Resume
- Compile monthly Infosec reports covering areas such as breaches, patching compliance, policy compliance, etc
- Ensure compliance with existing laws and regulations and ensure a secure IT environment
- Partner with the business Operational Risk functions to establish an understanding of the business’ appetite and tolerance for risk
- Opportunity to be an active member of a diverse, fast-growing multinational company, that is socially responsible
- Monitor ‘Run The Bank’ processes are working
- Help Citi’s business units implement and comply with new and existing security policies, standards, and controls
- Increases awareness of all employees about Information Security within the Region and identify specific Country or Business training needs
- Exposure to regional/sector risk management teams and an understanding of the sensitivity of the dynamic relationships cross-sectors and regions
Responsibilities For Group Information Security Officer Resume
- Ensures compliance with GIS IS training requirements and provides appropriate materials and opportunities
- Perform risk assessments of business processes, utilizing the RCSA framework
- Provide 2nd line support to controls and compliance testing
- Improve the overall IT control environment, whilst minimizing the Bank’s exposure to risk
- Provide regular, timely reporting on the information security status across the supported business division
- An understanding of enterprise, network, and cloud based technologies
- An understanding of IT Risk & Control frameworks
- Provides periodic IS risk management reports highlighting key issues and corrective action plans
- Provide advice and guidance for IT security related activities; ensuring users are aware of key issues and able to implement correct procedures and protocols
Responsibilities For Global Information Security Officer Resume
- Possess a firm understanding of the offerings within both Amazon Web Services (AWS) and the Microsoft Azure platforms
- Complete regular security and compliance reporting to both LPUS and LP Corp
- Responsible for overseeing the Annual Risk Assessment and Analysis for the Project
- Prepare and coordinate implementation of university-wide information security training
- Advise on secure application development projects to assist teams ensuring they understand the required approach to security
- Security testing of web and thick client applications
- Provide/facilitate instruction and training for One staff on Infosec topics
- Ownership of application penetration tools (licencing, strategy, etc)
Responsibilities For Senior Director, Information Security Officer Resume
- Present Information Security updates in IT Steering Committee and Business Risk, Compliance & Control Committee (BRCC)
- Oversight of coordination and integration of identity management and security monitoring functions
- Coordinate and develop business continuity and disaster recovery plans and lead testing of plans and other scenario based exercises
- Lead regular testing of high-risk applications and processes
- Lead scenario analysis and testing specific to LOB, Create and manage inventory and control of all repositories that house high risk data (PCI, PII, HIPAA)
Responsibilities For Junior Information Security Officer Resume
- Drive data protection strategy and initiatives through assigned LOB areas Ensure 100% completion of all required security training for assigned LOB
- Lead security-based training that is specific to LOB
- Act as point of contact for providing responses to RFP received by LOB from potential customer
- Ensure compliance with policy and standards for LOB Marketing areas (communications, websites)
- Manage security exceptions to contract language during negotiation
- Advise on deviation control alternatives, such as compensating controls, and assist with standard exception process