Security & Compliance Resume Sample
Work Experience
- Manages the team’s participation in external auditing activities such as those for Service Organization Controls (SOC) in its industry-wide review of standards in service organizations
- Manages the team’s participation in internal activities such as the audit of the appropriateness of end user terminations to ascertain the proper and timely removal of end user access privileges within the secured data contained in such applications as the Active Directory by Identity and Access Management (IAM)
- Drive efficiency in security audit techniques and effectiveness in the team’s remit
- Manages the investigation, identification and documentation of compliance variances and overall review findings by directing the team’s formalized analysis and reporting. Acts as the highest point of escalation of any issues related to Global Vulnerability Management for further review by aligned stakeholders and others in SOS and IT
- Manages staff to the highest level of performance, recommends staff for hiring, aligns responsibilities and objectives to abilities in accordance with the role’s remit
- Provides coaching on performance to achieve success and maintain the team’s effectiveness in day-to-day adherence to EY’s compliance policy based on a formal approach to the Global Vulnerability Management process
- Facilitate the implementation of the risk assessment and monitoring framework for SOC2 reporting
- Guide staff by reviewing and providing guidance in the development and maintenance of SOC2 scoping documentation including system understanding, process flows, and system infrastructure diagrams
- Adapt in a dynamic work environment, learn quickly, solve problems and make decisions with minimal supervision
- Own responsibility over our Product-related Security Compliance initiatives such as SOC 2, ISO 27001, ISO 27018, PCI (service provider), FedRAMP, and whatever is next to come for Zendesk. This includes performing gap assessments against these frameworks for new products, tools, and technologies as well as planning and executing regular internal audits
- Own responsibility over third-party Security-related vendor assessments to ensure the vendors we use have a level of Security to balance the level of risk they’d introduce into Zendesk environment(s)
- Manage a team of employees and contractors in order to
- Help ensure internal teams are ready for external audits
- Participate in and help to manage the Company’s overall security compliance program by identifying and articulating real risks, as well as helping design effective controls to mitigate them
- Inspire business partners to do the right thing using diplomacy and tact in all interactions, while finding effective resolutions to problems
- Track and report findings and work with teams to remediate and mitigate risks
- Align and consult with key control owners including IT, Legal, Sales, Engineering, Operations, and fellow Security team members
- Ensure control alignment and validation for systems in scope
- Provide guidance and best practices for remediating and mitigating controls gaps ensuring sufficient remediation plans and tracking to timely resolution
- Inform senior management in a timely manner of key program updates, milestones, and barriers for program implementation
- Review and validate system and process narratives
- Support GRC tool implementation and workflows
- Experience with SOC2 reporting engagements, and Security, Availability, Confidentiality, Privacy, and Processing Integrity Trust Service Principles
- Effectively communicate and influence senior leadership across various departments within the organization
- Information technology risk management experience and proven ability to meet deadlines
- Experience leading team members, directing staff priorities and completing reviews to ensure quality work products
Education
Professional Skills
- Advanced oral and written communication skills in the English language to work effectively with all levels of IT personnel as well as EY business stakeholders, vendors, customers and others aligned to the role’s remit
- In-depth experience and understanding of the IT infrastructure in general as well as in-depth knowledge of network security concepts, best practices, and procedures to recognize the impact of identified variances to the overall operational readiness of IT Services to EY’s businesses
- Effectively prioritizes IT Security work to align with ICG Leadership Team priorities, IT Leadership Team priorities, followed by IT Security Team priorities
- Strong presentation and communication skills along with experience in preparing reports for senior executives
- Demonstrable experience of driving operational implementation of risk reduction initiatives, across business units, using influencing and security skills
- Excellent communication, writing and interpersonal skills with all levels of IT, business, vendors, and customers
- Excellent communication/presentation skills including the ability to translate technical/security issues to business users
How to write Security & Compliance Resume
The Security & Compliance role is responsible for organization, English, interpersonal, security, business, reporting, architecture, auditing, GIS, technical.
To write a great resume for a security & compliance job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Security & Compliance Resume
The contact information section is important in your security & compliance resume. The recruiter has to be able to contact you ASAP if they would like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Security & Compliance Resume
The work experience section is an essential part of your security & compliance resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous security & compliance responsibilities. It's meant to present you as a well-rounded candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular security & compliance position you're applying to.
The work experience section should be a detailed summary of your latest 3 or 4 positions.
Representative Security & Compliance resume experience can include:
- Plan and perform internal audits to assess control design and effectiveness
- Perform gap assessments of existing controls/requirements on new environments and tools
- Amazing communication skills, capable of confidently articulating and debating cross functional view points
- Manage a portfolio of existing systems and new projects through effective cross-functional teams and priority setting
- Experience in working with a team and developing strong business relationships under a common goal
- Fluent in English (some French would be advantageous) with exceptional report writing and presentation skills
- Exceptional writing skills - able to document and communicate complex logic
Education on a Security & Compliance Resume
Make sure to make education a priority on your security & compliance resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your security & compliance experience. For example, if you have a Ph.D. in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Security & Compliance Resume
When listing skills on your security & compliance resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume. Here is a list of typical security & compliance skills:
- Willing to learn and able to handle ambiguity and operate effectively with little supervision
- Ensuring that current technical documents and evidence are collected, updated, and distributed effectively
- Strong system architecture skills, with the ability to view the overall picture of an application as well as integrations
- Excellent Leadership skills with ability to independently lead virtual teams to deliver results
- Demonstrated communication and project management skills
- Ownership and good organisation skills
List of Typical Experience For a Security & Compliance Resume
Experience For Security Compliance Manager Resume
- Demonstrated ability to efficiently prioritize and organize competing work demands in a fast-paced environment with little oversight
- Superb communication and facilitation skills
- AP Security experience, hands on experience with GRC
- Experience in the IA/Cyber Security field with DOD or DON experience
- High interpersonal skills and ability to interact with all departments in a global organization
- Adequate time-management skills to ensure all responsibilities are met on strict deadlines
- Strong Experience of security assurance and risk management, in complex, multinational, corporate environments
Experience For Security & Compliance Manager Resume
- Experience managing and leading high performing technology teams
- Experience as a manager of technology security with job history demonstrating increasing levels of responsibility
- Experience of working with the principles and controls surrounding ISO 27001, CAS-T and PSN
- Experienced, focused, performance-driven professional to serve as an evangelist while selling the NaviSite product set
- Work with executives to prioritize security initiatives and spending based on appropriate risk management and/or financial methodology
- Experience on performing SAP License Audits
- Seven or more years of broad based IT experience with technical knowledge of network, hardware, storage, operating systems and applications
- Experience in a combination of security, risk management and technology jobs
Experience For Senior Analyst, Security Compliance Resume
- Knowledge and experience with cloud security best practices
- Works with the business SoD mitigating control monitors to ensure effective/accurate monitoring is occurring in a timely manner
- Validates security maintenance processes and procedures are followed as defined with little to no mistakes/omissions
- Significant experience working in Cyber Security audit and compliance
- Proven ability to design and manage a cyber security compliance programme
- Broad professional experience across a wide base of disciplines within corporate governance including
- Hands-on experience with vulnerability scanners (e.g. Qualys, Nessus, Rapid7)
- Hands-on experience with antivirus tools (e.g. Symantec, Trend Micro, Sophos)
Experience For Director, Security & Compliance Resume
- Experience performing IT security A&A
- Hands-on experience with SAP’s GRC 10.0 solutions
- Export/Traffic/Security Compliance experience
- Experience with large enterprise-wide systems design, development, and support
- Experience with IT compliance programs, audits and assessments
- A strong consultative background in security solutions for business problems (security risk and governance)
- Experience as a technical manager or technology lead
- A very good awareness of IT architecture, design, configuration, and implementation
- Experience with cloud, SaaS, PaaS, aPaaS and IaaS concepts and technologies
Experience For AWS Security Compliance Architect Resume
- Coordinating and Supporting CNX/Client/Internal/Standards (PCI, ISO 27001, SSAE16, APRA, FFIEC etc.) audits
- Working knowledge of NIST 800-53 controls
- Performing proactive risk assessments
- Performing information security reviews and security governance compliance assessment preparation for in-scope standards such as ISO 27001, PCI, etc.
- Defence in depth oversight for service suppliers from bidding, on boarding, design, operations and decommissioning
- Demonstrable sound judgement in decision making-situations involving risk assessments and recommendations and establishing policies and controls
- An appetite for solving problems through data gathering, systematic analysis, creative thinking and collaboration with team members across the organization
Experience For Analyst, Security Compliance Resume
- Audit of devices/services for Security best practice (system hardening, user accounts, logging, monitoring, etc.)
- Present Salesforce's cloud infrastructure, including demonstrating deep familiarity with Salesforce's hardware, software, networking and security stack
- Identify and report IT risks (internal/external) and identifying mitigating activities and manage the risk profile
- Committed to empowering the organization through the use of self-service methods, documentation and training
- Delegate and oversee work done by onshore/offshore security team and assist resources in troubleshooting and resolving security issues
- Ensure compliance to internal and client requirements during transition and during ramp down
Experience For Director, Global Security & Compliance Resume
- Assist business in managing and preventing future incidents
- Analyse vulnerability scans and assessments, reporting & tracking till closure
- Thrive in an environment that is dynamic and constantly changing
- Develop and lead IT Security Policies, Standards and Guidelines ensuring alignment to the Risk Management strategy and IT Standards governance model
- Develop best practice in relation to Information Security management and control, influencing colleagues at all levels
Experience For Security Compliance Account Manager Resume
- Work with IT and business leadership, regularly, to ensure that information security and compliance expectations are being met
- IT technical background (e.g. understanding technologies)
- Compliance process knowledge (HC, patching, PSM, B&R, SA&D, AV, server build, UID mgmt)
- An aptitude for creativity and critical thinking
- Comfortable working with clients at all levels - it is just as important to work with the front line as the CIO and CTO
Experience For Senior Manager, Security & Compliance Resume
- Manages and communicates IT Security incidents driving for root cause; refines IT Security strategy and technologies based on incident outcomes
- Analyze, make recommendations and ensure publishing of dashboards on a regular basis
- Participate in BU and client facing engagements and present as needed
- Delivery of established Global Security metrics as well as all visibility enabling initiatives, country-wide
- Attentiveness to detail and high keyboarding accuracy
Experience For Global Security Compliance Manager Resume
- Follow existing processes and suggest improvements to them
- A sound understanding of security best practices and international standards such as ISO2700 and PCI DSS
- Consistent record of working with senior partners to deliver positive outcomes in the security posture
- Recruit, train, develop, and evaluate new and existing IT team members
- Manage internal requests for new vendors and partners and evaluate for risk
- Contribute to the design, development and implementation of the NIST Cyber Security Framework (‘the framework’) into AZIT
- Lead the NIST Cyber Security Framework evaluations and the continual control maturity programs
- Support change and improvement to critical cyber security operational and control processes within the IT Security team and other IT functions
List of Typical Skills For a Security & Compliance Resume
Skills For Security Compliance Manager Resume
- Basic programming experience in Java/.Net/JavaScript and other web based technologies, Salesforce platform development (e.g. Apex code) experience is ideal
- Use technical writing skills to write processes and procedures based on workflows and swim lanes
- Proven experience in an Information Security role in a commercial and/or Public Sector environment
- Transforming how information (documentation and evidence) is organized so that relevant group’s processes and practices are efficient and scalable
- Articulating the technical, documentation and evidence requirements to stakeholders
- Experience designing, implementing, and maintaining network security and network systems including LANs/WANs/VPNs/firewalls and IDSs
- Experience performing audits, risk assessments, and reviewing and developing key processes and controls
Skills For Security & Compliance Manager Resume
- Experience directly related to information technology, networking or software engineering
- Experience of working with the principles and controls surrounding ISO 27001, CAST and PSN
- Experience leading mid-size to large-size, elite and fast-moving IT and security implementations
- Experience leading a high performing IT Security team
- Lead, assess and develop a team of 30+ players and varying numbers of contractors through strong communication, empowerment, reward and coaching techniques
- Experience in working with security consulting teams
Skills For Senior Analyst, Security Compliance Resume
- Experience presenting and communicating to Executive Management
- Experience leading and managing a team
- Experience developing team members and growing security organization influence
- Experience with enterprise governance, risk, and compliance software packages (e.g. Archer)
- Working knowledge of risk management processes and risk registers
- Experience working in one or more popular GRC platforms (Archer, RSAM, Prevalent)
- Experience of working in other IT disciplines and across a range of industries and sectors
Skills For Director, Security & Compliance Resume
- Experience working in a global organization where partners and team members are geographically dispersed
- Experience of IT Health Checks, Cyber Essentials +, Penetration Testing
- Experience of working with HMG accreditation / certification schemes
- Self-motivated, willingness to take on challenges and adaptability to change and manage changing priorities
- Security Training and Awareness and Security Incident Management knowledge experience
- Demonstrable experience of working within regulated environments
- Experience documenting processes, labs and test environments
- B.S. Computer Science, Management Information Systems, Software Engineering or equivalent work experience
Skills For AWS Security Compliance Architect Resume
- Experience working in a technology security discipline
- Experience with managing audits of technology architecture, applications, and systems
- 4 – 8 years experience working in a security discipline
- Experience with performing security assessments of technology architecture, applications, and systems
- Compliance experience in the Production industry
Skills For Analyst, Security Compliance Resume
- Experience and expertise with Internal and External Audit programs
- Risk assessment, risk review, and project management experience
- Experience with Shared Assessments tools and concepts (SIG questionnaire)
- Previous work experience in a highly regulated industry (Medical, Financial, Insurance, etc.)
- Experience with information security management practices and guidelines
- Previous experience of a management role in an operational or compliance function in a customer-focused, target-driven environment
Skills For Director, Global Security & Compliance Resume
- Finding your dream job at IBM: navigating our company with the potential for many careers by channeling an employee’s strengths and career dreams
- Working knowledge and understanding of Regulations
- Working knowledge of delivering security standards such as NIST 800-53, ISO27001
- Generating process improvements that bring about measurable improvement in quality and/or efficiency of security best practices
- Adding to our broader team's point of view and base of knowledge and understanding
- Working towards Certified Information Systems Security Professional (CISSP) Certification
Skills For Security Compliance Account Manager Resume
- Working towards Shared Assessments Certified Third Party Risk Professional (CTPRP) Certification
- Improving services and customer reports
- Managing vendors, partners and ISVs
- Improving quality of processes and documentation
- Working knowledge of SOx & GxP compliance
- Performing proactive risk assessments and ensuring corrective actions are taken
- Managing, training and mentoring compliance team members
- Working knowledge of the NIST/DoD Risk Management Framework and the DoD Assessment and Authorization process
- Producing actionable, risk-oriented reports on security assessment results
Skills For Senior Manager, Security & Compliance Resume
- Planning and executing compliance programs from scoping to final deliverables with an eye for documenting and continuous process improvements
- Preparing and presenting program status to management and stakeholders
- Maintaining a complete and current technical content library with up-to-date inventory and control of technical content used by the security compliance team
- Working knowledge of at least two: McAfee Antivirus, AppControl, Tanium, Archer, NetIQ Sentinel
- Climb and work at various levels and work at standing, sitting, lying down crouched or kneeling positions
- Manage risk assessment program, ensuring identification and mitigation of risk when acquiring or developing IT systems and processes
- Constantly learning, absorbing new information daily, and having a keen focus on how to best discuss complex, technical problems with customers
- Represent the Pegasys Compliance team in any client facing meetings when conference calling is not available
- Partners with the VP, IT Services and IT Leadership Team in developing annual operating budgets and provides fiscal direction to the IT organization
Skills For Global Security Compliance Manager Resume
- Analyze complex situations, assessing risks and balancing strategic and tactical security requirements
- Formal Security training (certificate) or equivalent: any of the following certificates would be a definite advantage, BSI ISO/IEC 27001:2013, CISSP, CISA
- A deep passion for working with the latest, cutting-edge technologies
- Ensure that training and awareness sessions are carried out, ensuring alignment with customer and Orange's policies
- Track record of identifying and resolving complex security issues in collaboration with other subject-matter experts
- Routinely react to visual, aural and other signals, including alarms and instructions and is required to visually inspect facilities
List of Typical Responsibilities For a Security & Compliance Resume
Responsibilities For Security Compliance Manager Resume
- Experience in a sales engineering role with a similar product line or service offering (hosting, outsourcing, ISP, solutions, professional services, etc.)
- At least two years of prior professional inside sales and/or account management experience in a technology field
- Direct experience managing audits (e.g. SOC2, FISMA/NIST 800-53, PCI-DSS) including coordinating with auditors and internal stakeholders
- Strong understanding of the following compliance regulations: PCI, HIPAA, FERPA, FISMA, ITAR, and NIST Security Compliance
- Experience building web applications or security solutions using Java, PHP, Python or JavaScript
- Experience working with mobile, database and operating system security
- Proficiency in a risk management framework and experience in conducting security risk assessments
- Experience in managing security frameworks, e.g. ISO 27001/27018, SOC 2 Type 2, PCI, HIPAA, FedRAMP, and global data protection and privacy laws
- Technical experience in an IT support-related role
Responsibilities For Security & Compliance Manager Resume
- Handle and analyze data security incidents and correlate them with relevant evidence as and when required
- A total of 5-7 years of experience in field of IT / IT Security tools and technology
- Experience as a team lead to coordinate and drive complex, process improvement initiatives
- Nurturing and growing the compliance team to match the company’s rapid growth
- Providing and delivering schedules, resource allocation, performance measurements, and overall security compliance
Responsibilities For Senior Analyst, Security Compliance Resume
- Overseeing and providing strategic direction for the compliance officer team
- Leading a group of compliance officers
- Arranging for appropriate security education and awareness training to employees supporting public sector accounts
- Understanding and keeping abreast with the development of the various security and compliance standards with relation to the products and services
- Responding to any security or compliance queries with relations to the products and services
- Directly collaborating with our clients regarding the security posture of their systems as well as providing recommendations
- Lead all aspects of the security function including: strategic planning, interface, budget management, staffing, and leadership of all security operations
Responsibilities For Director, Security & Compliance Resume
- Act as liaison between the Security Compliance team and other departments to ensure we are meeting our compliance requirements during times of external audits
- Improve the security of Concur’s information infrastructure and minimize the threat of damage resulting from intrusions
- Provide lead role in managing the company’s PCI-DSS Program and annual assessments with external audit firm
- The main activities within the Daily Operations are the following
- Manage security incidents and investigations in accordance with the Information Security Incident Handling Process and Investigation Framework
- Perform specialized security training for target groups
Responsibilities For AWS Security Compliance Architect Resume
- Security Log Analysis and correlation and taking proper required action
- Serve as information security & network subject matter expert; provide advisory and consulting services as needed to the organization
- Lead the Incident Response Team for both proactive/training sessions as well as actual events
- Partner with IT Management to develop a cross functional IT Security Steering committee
- Develop and maintain an ongoing security awareness program for both corporate and store locations
- Compile data and prepare risks reports including quantified options and recommendations
- Oversight of Authorization & Accreditation efforts, specifically using your knowledge of the Risk Management Framework process
- Develops methods of translating business needs into technical security specifications/requirements for all SAP related systems
- Performs periodic vulnerability assessments, penetration testing, and other security assessments as needed
Responsibilities For Analyst, Security Compliance Resume
- Knowledge and understanding of DoD Special Access Programs
- Accountable for managing security tools as required e.g. IPS, AV, Content Filter, Nessus Scanner, Nipper, TEM, PGP, FIM
- Understand and able to interpret the contractual requirements for reviewing the business needs
- A goal oriented individual who wants to grow with NaviSite professionally and technically while constantly improving their skills with the latest and best of breed technologies
- Languages and platforms include server platforms, Unix shell scripting, Perl, C, C++, Java, Visual Basic, product APIs, WIN NT, Linux, AIX, OS/400, Cisco routers and switches, Domino, Mac OS, relational databases, security products, and network monitoring systems
- Facilitate action across teams and organizational boundaries to enable people to exploit technology’s contribution to business initiatives with appropriate IT security
- Experience with applied cryptography, key management, authentication and authorization systems
Responsibilities For Director, Global Security & Compliance Resume
- Execute on-site data center information security audits as part of Microsoft’s Cloud and Enterprise Compliance team focused on data center compliance
- Develop internal policy and procedure documents to support Document Cloud’s security compliance initiatives
- Anticipate and mitigate risks – by having close involvement with teams’ goals and challenges, applying past experience, and keeping in mind the big picture
- CISSP Certification required (Certified Information Systems Security Professional)
- Familiarity with security engineering – host security, network security, web application security (web applications, web services, service oriented architectures), and encryption technologies
- Knowledge of network defense tools and deployed architectures for perimeter and internal defense
- Create and maintain an enterprise information security strategy
- Become and remain well connected with the information security community, at large, to ensure an up to date understanding of how other retailers are mitigating common security and compliance issues in the industry
Responsibilities For Security Compliance Account Manager Resume
- Ensure that all team members remain well educated and well informed with respect to latest security threats and methods and techniques to safeguard against them
- Develop vendor relationships designed to supplement information security and compliance team resources
- Create an annual Risk Assessment for IT and business leaders describing the company’s security disposition and strategic and tactical steps believed necessary to minimize risks within a reasonable financial expectation
- Work with the business to ensure the development and maintenance of a business continuity plan and manage regularly scheduled disaster recovery tests
- Autonomous (works with little direction and supervision)
- Active knowledge of English
- Knowledge of French/Dutch is an asset
Responsibilities For Senior Manager, Security & Compliance Resume
- Oversight of the Company’s Emergency Management Program
- Provide the overall leadership and strategy for the integration of security as a key component of Ascena’s culture
- Create an annual Risk Assessment for IT and business leaders describing the company’s security disposition and strategic and tactical steps believed necessary to minimize risks within a reasonable financial expectation
- Participate in the overall creation and maintenance of AbbVie’s risk, security & compliance policies, standards, guidelines and baselines
- Develop, promote and monitor AbbVie’s Electronic Records Retention program. Work with business units to ensure data is properly classified
Responsibilities For Global Security Compliance Manager Resume
- Maintains a customized process, risk and control framework to improve the organization’s IT risk profile by aligning with the regulatory and quality, industry practices and internal requirements
- Provides advisory services to the other APD’s functions in the assigned compliance areas
- Work in a highly collaborative way with both Stevens’ internal technologists as well as vendors and OEMs
- Identify areas for innovation and improvement in processes and solutions to support Stevens’ mission and goals
- Proactive readiness activities with internal partners and external customers/clients
- Provides security compliance monitoring and reporting services to the organization in coordination with Business Security Officers, security risk, and other security functions
- Create and execute security assessments of all aspects of Digital Operations platforms and infrastructure across SBUs and SBGs and oversee remediation of issues found
- Professional IT security experience in large scale, global environment with hands on experience in multiple technologies and multiple roles
- Leading IT security and compliance teams across various functions including infrastructure, production operations, application design and development, rollouts with a multi-year roadmap