Sample Template Example of Beautiful Excellent Professional Curriculum Vitae / Resume / CV Format with Career Objective, Job Description, Skills & Work Experience for Freshers & Experienced in Word / Doc / Pdf Free Download
Download Resume Format
RUBY
CISSP
309 Calabria Place, Longmont, CO 80001
Ruby@msn.com (720)
684-1230
OBJECTIVE:
To help clients
implement and maintain outstanding information security for computers,
networks, and communication systems. This includes performing thorough security
assessments to determine threats, vulnerabilities and risks, and then applying
appropriate cost-effective safeguards and countermeasures to minimize risks.
GENERAL EXPERIENCE:
More than ten years experience
managing, testing, and evaluating computer systems and networks for the Department
of Defense (DoD), the Department of the Interior (DOI), and commercial
companies.
Thorough understanding of the “big
picture” of computer and network security, including Physical Security, Environmental
Security, Personnel Security, Procedural (or Administrative) Security, Information
Security (INFOSEC), Communications Security (COMSEC), Transmission Security (TRANSEC),
Operations Security (OPSEC), Logical (or Technical) Security, Hardware and Software
Security, Electronic Perimeter Security (firewalls, etc.), Intrusion Detection Systems
(IDS), Security Awareness Training and Education, Business Continuity and Disaster
Preparedness, Internal and External Audits, and Incident Response.
SPECIAL EXPERIENCE: ACTIVE DoD TOP SECRET CLEARANCE/SCI (July 2008)
More than ten years of special
experience performing information protection functions including:
·
Risk
assessment, risk management, and risk control (evaluating threats,
vulnerabilities, risks, countermeasures, and residual risks).
·
Documentation,
including policies, standards, and procedures. Can create, coordinate,
implement, maintain, train, and enforce compliance with security requirements.
·
Security
architectures, including experience with mainframes, midrange systems, personal
computers, perimeter security devices (such as firewalls), intrusion detection
systems (IDS), and many other hardware and software devices used to implement a
high level of security.
·
Project
management, following rigorous methods to ensure all program and project phases
are completed on schedule and within resource (personnel and budget)
limitations.
·
Security
awareness training and education, including creating and presenting interesting
courses to a wide variety of audiences. Can write informative articles and
produce posters, brochures, and other training materials.
·
Certification
and Accreditation (C&A) using the DoD Information Assurance Certification
and Accreditation Process (DIACAP), National Institute of Standards and
Technology (NIST) Special Publications, and other Federal guidelines.
CAREER HIGHLIGHTS:
2007-Present, Northrop Grumman
As a member of the System Security Engineering team, responsible to
implement and maintain information assurance for the Space Based Infrared
System (SBIRS) and some interfaces to external systems. Responsible for the
technical baseline which includes creating, applying, and maintaining program
security requirements and the security architecture, as well as C&A
activities and documentation according to DIACAP. Responsible to perform or
analyze security assessments to determine threats, vulnerabilities,
countermeasures, risks, and residual risks associated with the program. Responsible
to track the satisfactory reconciliation of items included in the Plan of Action
and Milestones (POA&M). Responsible to identify or apply cost-effective
safeguards and countermeasures to mitigate or reduce risks to levels acceptable
to the Designated Approving Authority (DAA).
2003-2007, U.S. Department of the Interior (DOI).
Performed computer and network security functions for the Bureau of
Land Management (BLM). Specifically, helped ensure appropriate, cost-effective
levels of hardware, software, and communications security for the BLM
Information Technology (IT) network encompassing 11 western states and offices
in Virginia and Washington, DC.
Performed certification and
accreditation for the Bureau of Reclamation (BOR). Area of responsibility
included computers, networks, and communication systems in 17 western states. Followed
Federal A-130 guidelines to identify and document relevant security
requirements; to perform technical vulnerability and risk assessments; to prepare
System Security Plans; to plan, conduct, and report the results of security
tests and evaluations; and to recommend appropriate countermeasures to reduce
risks to levels acceptable to the DAA. Created, maintained, reviewed, and
updated information security policies, directives, standards, and procedures
for the Government. Helped ensure compliance with the Federal Information
Security Management Act (FISMA).
1999 - 2002, USAA.
As USAA’s
Lead Security Analyst, kept abreast of current and projected information
security threats, vulnerabilities, risks, and countermeasures. Helped find
cost-effective ways to mitigate cyberthreats and vulnerabilities, balancing the
desire for high security against business needs and budgets. The world-wide USAA
network included mainframes, hundreds of UNIX boxes (both Solaris and AIX),
more than 24,000 PCs (NT and Windows 2000), a variety of firewalls, and an
intrusion detection system (IDS).
Project
manager or business manager for multiple key projects directly related to
achieving and maintaining a high level of information security. Helped the
company transition from Capability Maturity Model (CMM) Level 1 to Level 2.
Prepared and
presented numerous briefings to upper management identifying current and
projected trends, including options and recommendations for future actions.
Produced,
coordinated, updated, and maintained information security documentation
(policies, architectures, standards, procedures, guidelines, checklists,
briefings, etc.) relating to computer and network security. Followed ISO 17799
to produce security documents. Ensured compliance with federal regulations such
as the Gramm-Leach-Bliley (GLB) Act and the Health Insurance Portability and
Accountability Act (HIPAA). Worked closely with Internal Audit, the unit
responsible to check compliance with these documents. Reviewed and provided
comments on documents originated by other offices and agencies.
Produced and
presented a variety of courses and other training materials (articles, posters,
brochures, etc.) to help people understand the importance of and methods for
ensuring a high level of information security.
Helped write
business continuity and disaster recovery plans and procedures, and was a
member of the incident response team.
Performed
site visits to external business partners and other companies doing business
with or for USAA. Developed a checklist to assess their ability to protect
confidential information. Maintained the results of these external audits in a
database representing several hundred companies.
STRENGTHS:
·
Dependable
and innovative with good leadership ability. Readily adaptable to new
situations and requirements, motivated to succeed in all circumstances.
·
Excellent
writer and speaker. Skilled communicator, experienced at conducting meetings
and giving presentations. Expert in Word and PowerPoint, good in Excel, capable
in Publisher and Access.
·
Astute
planner and decision maker, especially gifted in organizational skills. Consistently
exercises good judgment in professional tasks and human relations. Manages
resources effectively and well.
·
Background,
experience, and education combined with aggressive, forward-looking approach
will be a definite asset to meeting your needs.
PROFESSIONAL AFFILIATIONS:
·
Certified
Information Systems Security Professional (CISSP) - Since January 1997.
·
Information
Systems Security Association (ISSA) - Board of Directors, 1997-2002.
·
Federal
Information Systems Security Educators Association (FISSEA).
EDUCATION:
·
M.A.,
Webster University, Computer Data Management
·
B.S.,
United States Air Force Academy, Computer Science
Download Resume Format
0 comments:
Post a Comment