Sharp and dedicated Information Security Specialist eager to contribute solid industry experience,  considerable management proficiency, and extensive project leadership talents toward supporting a dynamic organization in maximizing security and risk management.

 

 

         Reliably manage high-level security administration and analysis of existing technical and business processes across multiple platforms.

         Adept at formulating policies, programs, procedures, and plans to safeguard sensitive information.  

         Proficiency in identifying, mitigating, and swiftly resolving crucial security flaws within applications, infrastructures, and third-party hosted sites.

         Advanced knowledge of forensic best practices to support thorough digital forensic investigations.

         Significant experience in systems architecture, installation, implementation, integration, security, and administration.    

         Equally talented in hands-on and supervisory roles; excel in managing, mentoring and motivating teams to complete projects within defined budgets and rigid schedules.

 

 

Blue Cross / Blue Shield C Eagan, MN , 2005 to Present

Manager, Threat and Vulnerability Management

         Spearhead security threat and vulnerability management via technologies such as PIX, McAfee Antivirus, PointSec, Snort/Sourcefire Intrusion Prevention, Arcsight Tivoli Security Compliance Manager, and Vontu.

         Analyze, assess and precisely determine vulnerability, coordinate disaster recovery processes, and diligently steer compliance with Sarbanes Oxley and HIPAA criteria.

         Formulate and enforce policies and standards relating to PIX firewalls, McAfee, Novell, Windows, AIX, Linux, and Cisco devices.

         Strategically implement Data Leakage Protection at network, file systems and database layers to facilitate compliance with customer and regulatory requirements.

         Expeditiously built a hardy incident management framework, established metrics, trained staff, and developed governance process to ensure success.

         Merged disparate processes into common delivery framework and implemented new technologies which fortified company s bottom line.

         Headed multiple large-scale vulnerability assessment projects on internally-developed, externally-developed, and third-party hosted solutions.

         Directed development of a robust security incident response methodology.

         Devised and implemented monitoring tools to sift through 4+ million security events per day.

         Cost-effectively defined and administered Threat and Vulnerability team budget.

 

Continued

 

 

 

Yyyyyy x. yyyyyy ~ Page 2 of 2

 

Professional Experience continued

 

St. Paul Travelers C St. Paul, MN, 2001 to 2005

Lead Corporate Network Security Specialist

         Administered full-scope IT security operations for several insurance companies encompassing 12,000 clients and 1,000 servers across multiple platforms. 

         Applied sharp analytical abilities toward conducting annual risk assessments of Internet and internal infrastructures vital to uncovering and rectifying security weaknesses.

         Resourcefully designed, implemented and supported security solutions for subsidiaries in Mexico, California and Minnesota.

         Directed, mentored and supervised IT personnel in efficiently mitigating risks to systems.

         Leveraged exemplary critical thinking abilities to refine digital forensic process requiring close collaboration with corporate security, legal services and human resources staff. 

         Established and introduced best practices to preserve data integrity and protect individual privacy.

         Researched, evaluated and acquired digital forensic equipment, tools and laboratory assets, dependably adhering to budget parameters.

         Created and deployed security hardening standards across enterprise to cover 90% of server and application fleet, and devised eight hardening standards for operating systems and middleware.

         Drew upon seasoned leadership expertise to manage, motivate, coach and support team of five in delivering 99.9% uptime across 10 firewalls.   

         Championed DNS server update for systems worldwide and exercised keen technical acumen to design, implement and manage ISA server solution. 

 

NxNetworks C St. Paul, MN, 1999 to 2001

Senior Network Engineer

• Orchestrated efforts to avert theft and disclosure of intellectual property for engineering provider of software, hardware, encrypted and standard VoIP devices, routers, switches and other products.
• Carefully safeguarded software code and hardware engineering documents while monitoring network and development infrastructure for intrusion prevention.
• Bolstered performance and security of remote access infrastructure through DMZ segmentation and geographically independent RADIUS.
• Configured routers, packet filter firewalls and IPSec tunnels while leveraging mesh design to strengthen security and availability of highly-sensitive network services.

 

Prior Background:

 

NT Administrator / Technical Leader, Viracon C Owatonna, MN

NT Administrator / Help Desk Lead, Luther Seminary C St. Paul, MN

 

 

B.A. in Philosophy, University of Minnesota C St. Paul, MN

 

Technical Training & Certifications:

 

• Certified SANS GIAC Systems and Network Auditor (Silver Level)

         Certified SANS GIAC Forensics Analyst

• Certified Information System Security Professional (CISSP)
• Cisco Certified Network Associate (CCNA)
• Microsoft Certified Systems Engineer (MCSE)

 

 

 

 

 

 

 

 

Date

 

 

 

Hiring Agent Name

Company

Address

City/State/Zip

 

Dear ______________:

 

Are you seeking a results-focused, solutions-oriented Information Security Specialist to support your company in maximizing performance?  I am currently exploring new opportunities, and am interested in joining your team.  To acquaint you with my qualifications, I m submitting my resume for your review.  In advance, thank you for your time and consideration.

 

In addition to CISSP, GCFA and GSNA credentials, I offer almost a decade of experience in IT and IS security, and excel in project management, network design and development, team leadership, and conducting digital forensic investigations. I also possess outstanding prioritization, communication, troubleshooting, analytical and interpersonal skills.

 

As an integral member of your company, I will consistently exhibit dedication to playing a large role in achieving and surpassing goals.  I am eager to meet with you to discuss how my qualifications support your current and prospective needs, and welcome the opportunity to interview at your earliest convenience.

 

Professional regards,

 

 

 

Yyyyyy x. yyyyyy