Senior Information Technology and Security Sample Resume Format in Word Free Download

Sample Template Example of Beautiful Excellent Professional Curriculum Vitae / Resume / CV Format with Career Objective, Job Description, Skills & Work Experience for Freshers & Experienced in Word / Doc / Pdf Free Download

Maya Oberlaender

309 Birksbridge Court, Spring, TX 77001, USA

Phone:  (+1) 832 717 9876

maya.oberlaender@gmail.com

                                                                                                                                     

SENIOR INFORMATION TECHNOLOGY & SECURITY EXECUTIVE

International player, dynamic, focused, multi-lingual Senior Information Technology and Security professional with successful record in developing and leading corporate security and information security programs for global organizations.  Provide a profit driven, cross-functional strategic and tactical approach to ensuring enterprise security initiatives. Polished communicator exhibiting highest ethical standards, professionalism and attention to strategic vision and detail. Master of Science.

Areas of expertise include: Global Experience, Infrastructure, Applications, Database, Systems Development, Incident Response, Risk Mitigation, Domestic and International Standards, Compliance, Security Operations.

Key Competencies

• C-Level Experience    • Enterprise Security & Risk Management    • Department Leadership

• Strategic Planning & Execution     • Budget & Project Management    • Crisis Management

• Change Management    • Corporate Espionage    • Continuous Improvement    • Audit

Professional Experience

Kabel Deutschland AG, Munich, Germany                                                                              01/2010-12/2011

Europe’s largest cable-net and leading solution provider of high-speed Internet with 3,000+ employees.

CHIEF SECURITY OFFICER

Responsible to secure all company assets including both physical and logical security. Developed vision, prioritized risks, designed solutions to mitigate security issues. Designed and built corporate programs and managed the corporate security department including employees, budget, policy, hiring/firing, build-or-buy etc.

• Strategy management and planning for long term and cross-functional units incl. ISMS governance.
• Delivered outstanding executive leadership and brought the company from 0 to 3 (CMMI) maturity level.
• Organizational development – successfully built a functioning & productive security department from scratch consisting out of 13 employees.
• Developed additional Security Operations team consisting of 25 resources.
• Setup the security assessment, planning and process approach for the enterprise. 
• Delivered strategy, created teams, built trust, assessed & audited the biggest corporate technology system (“Delphi”).
• Written and approved policies, designed processes, created and lead the Security boards. Presented to and received approval by CEO, COO and other executives for the security roadmap and policies.
• Partnered with other executives and drove change throughout the organization.
• Executed an enterprise wide awareness program (“security first”) achieving 80+% mindset change and positive attitude.  Mascot, posters, intranet, flyers, cups, quiz, sessions etc.
• Achieved the revision of a top management decision in regards to a standard tool (IE6) and ingrained instead a secure one (IE8) – achieving approximately $6.5 Millions in savings per year.
• Achieved additional savings of more than $250,000 in negotiating better prices and contracts.
• Enforced regulatory (telecoms sector) requirements and delivered on the technical & organizational measures in regards to the data protection act.  Veto-member in ITIL-CAB meetings.
• TKG-Security-Officer responsible for legal intercept, ownership of §109, §110 and §112 – renewed and communicated with BNetzA (regulatory oversight body) the technical security concepts and designs.
• Defined the IT risk management standard based on NIST SP 800-30 and other international sources.
• Introduced new tools such as SIEM (Arcsight, Q1 labs), IBM AppScan, HP Fortify etc. 
• Managed a complete new approach to application development including an application security model, based on industry best practices such as OWASP Top10, SANS Top 25, and self-developed policies.
• Enforced badges, CCTV, physical policies for fire protection, access control, burglary alarm, etc.

FMC TECHNOLOGIES, Inc., Houston, TX                                                                                04/2007-08/2009

One of the world’s leading global providers of technology solutions to the oil and gas industry with 13,000+ employees.

CHIEF INFORMATION SECURITY OFFICER                                                                                                                              

Protected and strategically secured all company information assets. Developed and implemented the corporate awareness and security program. Defined targets, created solutions and successfully prevented competitive information espionage.

• Revised the corporate information security policy resulting in the alignment of security measurements throughout the enterprise with business requirements and identifying and addressing compliance needs - a major milestone towards an ISO 27001 certification.
• Developed and introduced the global risk assessment process for all of IT to standardize processes and minimize corporate risk (incl. PCI-DSS compliance).
• Planned and executed the multi-media awareness campaign which heightened awareness of IT security risks throughout the enterprise and resulted in reducing business risks as demonstrated by a participation of 25% and 71% positive response to a global corporate survey.  Security mascot has won 3 awards.
• Successfully managed global information security crises, including a zero-day virus attack, and performed root cause analysis. Built and formed a diverse global crisis team on the fly.
• Secured the major global engineering system against cyber-attacks and vulnerabilities.
• Founded and led 15 member global IT Security Council.
• Advised senior management regarding (EU) privacy and (US) litigation / discovery processes (EU directive 95/46/EC and FTC), leading to a “safe harbor” agreement.
• Executed information security program planning (Including budget and roadmap) for the next 3 years.
• Incident Response and forensics investigations as appropriate, working with law enforcement agencies.

HEIDELBERG AMERICAS, Inc., Kennesaw, GA, USA                                                              01/2005-12/2006

Heidelberg is the global market leader in the commercial printing industry with 18,000 employees.                  

GLOBAL IT SECURITY MANAGER                                                                                             

Strategically designed and managed the IT Security program; steering internal and external resources. Created awareness, improved reliability (C-I-A) and held responsibility for overall IT Security performance to minimize security breaches/incidents.

• Centralized the security framework following ISO 17799, 27001, 27005, COBIT, and the NIST 800*

SP publications, leading to a clear, concise, and planned security infrastructure to meet Key

Performance Indicators such as a reduction of approximately 75% in security tools, and secured and

improved patch-rate of servers by 95%.

• Streamlined the entire group intranet-security-structure including design, content, and main focus creating a clear, easy-to-navigate structure that reduced time needed to address security issues.
• Evaluated and improved the patching-processes, particularly in the server domain (Microsoft), and introduced metrics to measure success which reduced un-patched servers by more than 95% leading to a more resilient state, resulting in less downtime / business loss.
• Introduced IT infrastructure Library (ITIL) in the department standardizing processes and following common best practices.

SUEDZUCKER CORPORATION, Mannheim, Germany                                                              08/1999-12/2004

Globally operating food group and world market leader sugar provider with 20,000 employees

PROJECT LEADER & SYSTEM PROGRAMMER 

Introduced and managed security as enterprise IT target, created awareness, designed policy and detailed plans of internet infrastructure, built and ran the whole DMZ structure. Secured networks and servers, documented handbook of security, managed certificates, held lectures and trained staff.

• Redesigned, planned, built and ran new internet architecture resulting in a secure, reliable, highly available and load-balanced infrastructure as Project Leader resulting in a state-of-the-art DMZ including 7 zones of security, application level gateways, SOAP (WS-security), completing the transition smoothly.
• Established a complete 4-tier antivirus-software-concept with automatic updating, and reduced the virus-impact about 10,000%.
• Redesigned the system backbone resulting in highly scalable throughput of network bandwidth and network extensions eliminating broadcast storms, outdated architectures and unmanaged nodes.
• Corporate Security Policy development.
• Certificate-Management (Post-Indent-Procedure).

 

EDUCATION & LANGUAGES

Master of Science, University of Heidelberg, Heidelberg, Germany

CISSP, CISM, CRISC, CISA, ACSE, GSNA (all current)

Fluent German and English; limited French and Spanish

MILITARY

Gunner, Tank-grenadier, Hunter- German Military, Wallduern, Germany

PROFESSIONAL MEMBERSHIPS

International Information Systems Security Certification Consortium, Inc., (ISC)²®

InfraGard

Information Systems Audit and Control Association (ISACA)

 Computer Security Institute (CSI)

American Petroleum Institute (API)

TECHNICAL EXPERIENCE

Security	Firewalls (Palo Alto, Checkpoint, Juniper, IP-tables, IP-chains), SAP-router, Cisco ACL’s, Client Firewalls, Intrusion Detection / Prevention Systems (ISS, HIDS/NIDS), Application GW, McAfee, Symantec, Kaspersky, etc. antivirus scanners (all), Patching, SSL, SSH, Smartcards, ROI-calc., Policies, APP-scanners, WebScarab,  ethereal, nmap, MBSA, ISO27000, ISO27001, ISO27002, ISO24762, ISO20000, ITIL, BS17799, ISO, BCP, DR, Compliance, COBIT, GLBA, PCI, HIPAA, SOX. NIST, SP 800-30, SP 800-53, forensics, web proxies, content filtering, Bluecoat, Anti-Malware, DLP, RSA, DRM, Websense, Web Application Firewalls (WAFs), reverse proxies, honeypots/nets. SIEM, SOC, vulnerability mgmt, SAN, SAP (Onapsis), AppScan, Fortify, Q1 radar, Arcsight express, etc.
Op. Systems	UNIX (Sun, AIX, HP, SCO, Linux) Microsoft (W2K/W2K3, NT, 9x, XP), DOS, VMware, CygWin.
Network	TCP/IP full suite, IPSec, CA Unicenter, HP-OpenView, Cisco IOS 12, LAN’s and WAN’s, SAN, Ethernet, Router, Switches, SAP-router, .NET framework, NOVELL, HTTP(S), FTP, SMTP, SNMP, Token Ring, ATM, ISDN, VOIP.
Programming	C/C++, SQL, SQL Windows, PERL, Scripting + various legacy languages like Fortran, Basic, Pascal.
Databases	Oracle, Informix, Progress, Sybase, SQL Server 2000/5/7, MS-Access, ANSI SQL.
Model./ ERP	UML, ErWin Designer, Power-builder, SAP, additional custom-developed tools (Perform).
P/Q Mgmt	MS Project, MS Project-SERVER, trainings, project leader practice, ISO 9001, ITIL, HP Servicedesk.
Other	MS Office, Exchange, L.Notes, Sharepoint, MOSS 07, NetMeeting, FrontPage, GoLive, Apache, IIS, PCI-DSS Compliance, Employee management, SAP, Oracle, ARS remedy.  Excellent people mgmt and time mgmt skills, marketing and negotiating skills. “Thinking outside the box”, Virtual management, influencing other executives, global background, senior management interactions, unquestionable ethics and integrity.

Download Resume Format