Advanced Senior It Specialist, It Critical Infrastructure Resume
0/5 (Submit Your Rating)
SUMMARY:
- Senior Management skills and competencies: Relationship management, staff development, budget management, vision, communication skills, strategic management, leadership, risk management, process management, and political skills.
- Cybersecurity strategy, policies and procedures, information security, vulnerability management, testing, risk and threat modeling, engineering, pen testing and forensics, ability to understand how a business functions and to balance security needs with organizational goals, and a commitment to continuous development and continuing, to stay on top of IT and Cybersecurity trends.
- Compliance Professional: Spent 10 years performing IT and business audits and developing and implementing Governance, Risk, Compliance and Cybersecurity frameworks.
PROFESSIONAL EXPERIENCE:
Confidential
Advanced Senior IT Specialist, IT Critical Infrastructure
Responsibilities:
- Project Lead for the Industrial Controls System Reliability and Security Assurance project across all Confidential business Units - Refinery, Pipeline, Terminals and Marine.
- Facilitating the development and implementation of the NIST r4, 39 & 62, API1164 and ISA99 standards and policies for the Refinery, Terminals, Marine and Pipeline systems identified in the Purdue Model 1 to 0 (Basic Process Control, Field Instrumentation, and Safety Information Systems (SIS)).
- Facilitated the development of a new Confidential Operational Cybersecurity Risk Model. It is based upon NIST CSF 1.0 and enterprise Risk Calibration standard.
- Facilitating and implementing the NIST r4 and, Cybersecurity Framework 1.0, Department of Energy’s Maturity Model publications into the enterprises business units.
- Facilitating the building of a Cybersecurity Framework which includes identifying critical assets, risks, vulnerabilities, gaps and designing a defense in depth security model.
- Project lead for facilitating and implementing the development of a Confidential Cybersecurity Governance, Risk and Compliance Framework.
- Project lead for facilitating and implementing the development of a Confidential Vulnerability Management Framework based upon NIST & 39. Which includes:
- Situational Awareness Report
- Building a testing network and a vulnerability identification system and process.
- Project Lead for developing and implementing a Confidential Enterprise Computer Security Incident Response Team (CSIRT).
- Project Lead for assessing Confidential ’s Enterprise Cybersecurity Risk.
Confidential
Advance Senior Information Technology Auditor
Responsibilities:
- Audits Performed: Various Marathon Pipeline (MPL) SCADA, Refining DCS Infrastructure, Terminal Transportation & Railroad Light Products, Security Operations Center, PCI, SOX, Change Management and IT Applications.
- Represented Internal Audit in the role as consultant for the following company-wide projects - Cyber Security Initiatives, Whitelisting/Firewall rollout to refineries, SCADA security design and implementation, and review of the Refining and SCADA Policies, Procedures and Standards.
- Completed various audits based upon Industry standards and frameworks - PCI, NIST, SANS 20 Critical Controls, NIST Cybersecurity Framework 1.0, COBIT 5.0, API 1164, ISA-62443-3-2, NERC CIP v 3 & 6 Standards.
- Facilitated and implemented the development of the Cybersecurity Audit program.
Confidential
Security and Controls Coordinator
Responsibilities:
- Managed the overall direction of all security functions associated with business systems and practices, Standards, Policies and Procedures, applications, security awareness and computing services within the enterprise.
- Setup and managed a Governance, Risk and Compliance Framework.
- Conducted the information security and cyber-security risk assessment program and reviewed compliance with the information security policy and associated procedures.
- Developed a security roadmap with clearly defined milestones and objectives to mature YPC’s operations and reduce risk and exposure based on an established security framework.
Confidential
Senior IT Audit Manager
Responsibilities:
- Used comprehensive knowledge of Sarbanes-Oxley (SOX), GLBA, Payment Card Industry (PCIDSS), FERC/NERC, IFRS, XBRL, GAAP, PCAOB Standards, SEC regulations, COSO/COBIT, NIST 800 Series/Standards, and ISO27001/02 to complete audits.
- Coordinated partnerships with Senior Managers and Directors to meet the enterprises common goals.
- Completed Specialized Technology Compliance/Auditing Initiatives: Process Control Networks (PCN), Offshore Platforms (Ekofisk-North Sea), Programmable Logical Controllers (PLC), Distributed Control System (DCS), and Supervisory Control and Data Acquisition (SCADA).
Confidential
IT Auditor
Responsibilities:
- Created and Implemented an IT Audit department.
- Completed various audit based upon Industry standards and frameworks - Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA), COSO and COBIT.
Privacy Policy
Resume Categories
- .NET Developers/Architects Resumes
- Java Developers/Architects Resumes
- Informatica Developers/Architects Resumes
- Business Analyst (BA) Resumes
- Quality Assurance (QA) Resumes
- Network and Systems Administrators Resumes
- Help Desk and Support specialists Resumes
- Oracle Developers Resumes
- SAP Resumes
- Web Developer Resumes
- Datawarehousing, ETL, Informatica Resumes
- Business Intelligence, Business Object Resumes
- MainFrame Resumes
- Network Admin Resumes
- Oracle Resumes
- ORACLE DBA Resumes
- Other Resumes
- Peoplesoft Resumes
- Project Manager Resumes
- Quality Assurance Resumes
- Recruiter Resumes
- SAS Resumes
- Sharepoint Resumes
- SQL Developers Resumes
- Technical Writers Resumes
- WebSphere Resumes
- Hot Resumes
