Sample Template Example of Beautiful Excellent Professional Curriculum Vitae / Resume / CV Format with Career Objective, Job Description, Skills & Work Experience for Freshers & Experienced in Word / Doc / Pdf Free Download
Download Resume Format
JOY BAKER
309 91st Avenue SE
Mercer Island, WA 98001
Mobile: (425)829-9876
Email: joy@live.com
SUMMARY
Information
Security and Risk Management professional with over ten years of experience
managing enterprise security at Microsoft, including two years as a consultant
and eight as a Microsoft employee.
Experience includes managing people and programs that reduce or optimize risk in the Microsoft corporate environment, and protect the company's digital assets.
Responsibilities encompass managing a wide range of governance, risk and compliance (GRC) programs, driving high-priority audit and regulatory issues to resolution, and ensuring line of business application and infrastructure compliance with information security policies.
Experience includes managing people and programs that reduce or optimize risk in the Microsoft corporate environment, and protect the company's digital assets.
Responsibilities encompass managing a wide range of governance, risk and compliance (GRC) programs, driving high-priority audit and regulatory issues to resolution, and ensuring line of business application and infrastructure compliance with information security policies.
Skills
and Specialties
Capabilities
include strong leadership skills, excellent oral and written communications,
effective relationships with customers and all levels of management, as well as
solid program and project management.
Certifications
Certified Information Systems Security
Professional (CISSP)
Certified in Risk and Information Systems
Controls (CRISC)
PROFESSIONAL EXPERIENCE
MSIT
Information Security & Risk Management (ISRM)
Governance,
Risk and Compliance (GRC) Team
Microsoft
IT, Redmond, WA
June
2003 - Present
Key member of the
Microsoft IT Information Security and Risk Management organization for over eight
years.Performing a variety of roles, with increasing levels of responsibility
and scope, as a manager of people and as an individual contributor:
Senior Information Security Manager
September
2010- Present
Responsibilities
include:
· Lead the risk
management team in creation of new risk treatment processes based on the ISO
27001 and 30010 frameworks, including processes for creation of risk treatment
plans, risk acknowledgement, and policy exceptions
· Collaborate across GRC
and ISRM teams, together with outside consultants, to specify requirements,
design and deploy the RSA Archer GRC platform for management of risk treatment,
risk acknowledgement, and compliance with information security policy
· Support the creation
and adoption of a streamlined risk assessment process (SRA) to provide
quick-turnaround, high- volume high-level risk rating as first step in the
management, mitigation, remediation or acceptance of risk
Senior Information Security Manager
April
2008- September 2010
Reports to the Senior Director, Information
Security Compliance and Operations.Managed teams of principal program managers
and engineers. The teams delivered programs that significantly reduced
information security risk at Microsoft and ensure compliance with corporate
policies and regulatory requirements.
Programs
included:
·Deployment of
BitLocker Drive Encryption across the Microsoft managed environment to
significantly reduce potential impact of lost and stolen devices
·Development of the
Information Security Mobile Security Strategy for smartphones and other emerging
form factors as consumer technologies become more prevalent in corporate
environments
·Elimination of
third-party remote access technologies in the Microsoft environment to reduce
risk of data loss and ensure remote access only through approved technologies
·Deployment of enhanced
security policy settings, including Extended Protection and GPO for screen
saver lockout
Senior Information Security Program Manager
June
2003- April 2008
Senior Security Program Manager in the
Microsoft IT Information Security organization delivering solutions across a
variety of complex and high-priority information security subject areas.
Significant accomplishments included:
Microsoft Managed
Services/ Business Online Services- served as the MSIT Information Security
representative and consultant during formation of new business
Audit Issue Resolution
Drove resolution of
internal audit issues involving information security, reduced number of past
due issues by 90%
Projects Managed vendor and
v-teams teams in delivering theOneList remediation tracking and prioritization
tool, Business Group Security Scorecard, and security exceptions management processes
analysis.
Hosting and Solution
Delivery Services Led cross-organizational v-team in setting security
requirements, and security assessment of third-party hosting and delivery
facilities in the United Kingdom, Germany and Poland to ensure compliance with
Microsoft security policies.
Customer Engagement Conducted onsite
workshops with senior management and staff at several customer locations to
share Microsoft best practices for securing the enterprise. Delivered “How we
do security at Microsoft” talks at regional customer gatherings, at the
Executive Briefing Center, and TechNet with consistently high review scores.
Thought Leadership Worked across
functional groups in Information Security and across IT to further adaption of
information security best practices, particularly with regard to regulatory
compliance, and industry frameworks and standards such as ISO 17799 and 27001.
Information
Security
Microsoft
IT, Redmond, WA
Information Security
Consultant (Contract)
May
2001- June 2003
Responsible for technical architecture,
business analysis, systems analysis and development of several internal
applications for the Microsoft Monitoring and Compliance Team to monitor client
health and remediate vulnerabilities in the corporate environment. These
applications identify computers vulnerable to critical security breaches, hacks
and viruses, and perform various remediation actions to reduce vulnerabilities
on the corporate network.
Project management and operational
responsibilities included:
·Delivery
of project requirements documents, detailed design documents, functional
specifications and test plans
·Identification
and resolution of blocking issues across analysis, development, test and deployment
teams
·Delivery
of projects on time, on or under budget, and meeting or exceeding customer
expectations
Development responsibilities included:
·Creation
of .NET applications for data management and vulnerability notification
systems, using Web Services, XML, ADO.NET and Visual Basic.NET
·Data
Modeling, Database Analysis
·Design
and development of Transact-SQL queries, stored procedures and triggers to
support vulnerability scanning and remediation applications
VerticalNet Solutions
Professional
Services
San
Francisco, CA
Senior Project Manager
April
2000- May 2001
Responsible for all project management tasks
for several business-to-business Internet ecommerce web sites. Specific duties
encompassed management of the complete project life cycle, from requirements
analysis, technical architecture, and software development to systems
integration, testing and deployment. These sites conduct various forms of
e-commerce transactions ranging from auctions to structured negotiations in the
in the commodities, legal and finance industries.
Responsibilities included:
·Overall
responsibility for profitability of each project
·Leading,
motivating, and managing multiple project teams.
·Planning,
executing, tracking and delivering multiple software projects on time and
budget
·Ensuring
that business requirements are clearly defined, and that all project
documentation, including functional specifications, is complete, accurate, and
current.
·Working
with technical architects to define appropriate application solutions and
technologies
·Facilitating
all project meetings, preparing project reports, maintaining the project
schedule, tracking risks, and managing all other aspects of the project
·Managing
client relationship and client communications
Information Technology Group, Redmond, WA
Senior Systems Analyst
April 1999 to April 2000
Responsible for program management and
analysis for the Microsoft Worldwide Events system on Microsoft.com.
Responsibilities included the following:
·Manage
analysis team and production of all analysis deliverables, including business
requirements, functional specifications, topology and system architecture
documents
·Drive
all project meetings, including steering committee meetings and daily project
status meetings, manage the project schedule
·Facilitate
discussion, research, and resolution of issues across all functional teams
·Maintain
issues and action logs, communicate relevant discussions and decisions to all
project team members
·Provide
direction and guidance to analysis team members
Project Management-
Contract Engagements
Southern California
July 1995 to April
1999
Project Manager for a variety of enterprise
software development projects for a number of diverse clients, including Deloitte, Sempra Energy Corporation,PacifiCare, Fluor Corporation,
and The Walt Disney Company,Projects varied in complexity and timeline, and
included traditional project management activities and functions such as
project vision and scope, business requirements, functional specifications,
scheduling and resourcing, budgets and evangelization.
Baker, McNamara and
Associates
Los Angeles, CA
Managing Partner and
Principal Consultant
1980 to 1995
Software sales and consulting firm Baker,
McNamara and Associates is an Authorized Dealer for Timberline Software Corp.,
a leading developer of accounting and estimating software for the construction
and architect/engineer industries. The firm provided sales, installation,
training, consulting and continuing support to clients throughout the western
United States.
EDUCATION
Bachelor of Science,
Accounting
|
San Jose State
University, San Jose, CA
|
Continuing Education
|
University of
California, San Diego
|
Download Resume Format
.JPG)
0 comments:
Post a Comment