I'm in security & compliance. I WANT my Palm (Blackberry, bah!).. it's like my air raid siren.
Cool. IT security and compliance?
A weird hybrid position you find in large retailers handling PII or cedit card data in large volumes.
I'm 1/3 Information Privacy Officer, 1/3 IT Security, and 1/3 Program / Progect Manager.
Do you have to undergo a federal background check to get work such as that?
Also, if you were Mr. Floppy, you probably would have said, "I'm 1/3 Information Privacy Officer, 1/3 IT Security, and 1/3 Program / Progect Manager, but I'm all bunny."
Typically you undergo a background and credit check. If you fill an information privacy role for the government you'll typically require a security clearance and a CIPP/G certification. I have a CIPP (Certified Information Privacy Professional) certification (/g is for government), and am about to take my CISSP (Certified Information Systems Security Professional), since you need 5 years experience to even apply for the exam.
My boss wants me to certify as a project manager as well.
I'll post a redacted version of my resume so you can get a feel for my background. Please excuse the formatting errors that will happen.
SUMMARY:
Versatile leader with experience in Departmental Management, Information Technology, Project Management, Data Center Operations, Information Security, Application Support, Change Management and Cost Center Management. Excellent leadership and people management skills. Solid track record of delivering results by motivating staff to find resolutions to complex challenges. Possesses the combination of education, practical experience and quantifiable results necessary to lead an IT group in a successful partnership with the core business.
PROFESSIONAL EXPERIENCE:
Fortune 100 Oil Company, 2007 - Present
Information Compliance and Security Manager
Responsible for all aspects of security and compliance for retail payment environment conducting $4.6B in transactions annually
Responsible for maintaining security best practices, PCI Compliance Program, and safeguarding of personally identifiable information.
Responsible for encryption key management process design and program oversight.
Triage of all credit card fraud incidents to identify violations of PCI, as well as violations of state laws regarding identity theft.
Design all response protocols.
Manage the investigation, remediation, and notifications required by PCI, as well as various state and local statutes.
Perform field compliance audits to ensure personnel and systems maintain PCI compliancy. Audit PIN devices for compliance with industry regulations
Project manager for Sarbanes-Oxley and SAS-70 audit of Retail Payment Technology application development group. Document financial environment and diagram financial systems workflows following currency from cash register, to settlement provider, to general ledger.
IT Pimps R' Us 2004 - 2007
Project Manager
Project Manager and security consultant to bring PCI Level 1 retail merchant with 5,000 locations and over 1 million financial transactions per day into compliance with PCI requirements.
Responsible for several ongoing projects to bring retail and mainframe financial settlement systems, applications, and processes into compliance with Sarbanes-Oxley requirements and Payment Card Industry (PCI) standards for credit card security. Developed compliant work processes and incident response protocols.
Project includes an initial audit of all related platforms, scope definition, all pre-audits of involved IT systems, and managing all projects and sub-projects to correct deficiencies. Efforts include replacing or augmenting work processes, application and hardware modifications, and documenting and auditing results. Combined budget responsibility of $1.5 million.
Telecom Were Us (Until we filed Chapter 11) Tulsa, OK 1999 – 2003
Supervisor, Network Maintenance Engineering
Manage 11 employees responsible for the hardware, operating systems, databases, security, and applications monitoring North America’s largest next-generation fiber network. Systems included corporate financial and human resource systems (Peoplesoft), Livelink, and dozens of minor applications running on Unix and Windows NT platforms. Managed employees in remote offices. Managed $1M cost center. Provided project management for all non-capital projects.
Responsible for security configurations and access controls for HP-UX, NT 4.0, and Sun Solaris environments.
Supervisor of Information Technology
Managed 12 employees providing systems support for real-time backbone broadcast network in a 24x7 mission critical video broadcasting environment for major cable news outlets. Managed remote employees in Toronto office. Participated in massive reorganizations on a near-quarterly basis. Responsible for all aspects of employee management as well as providing budgetary forecasting and expense reconciliation for $1.2M cost center. Responsible for systems integrity and security configurations.
Supervisor, Network Operating Systems
Managed $4.5M department consisting of 12 employees responsible for back office, file and print and email services for enterprise of 12,000 end-users. Responsible for implementation of security standards and configurations for back-office environment.
Managed remote employees in Oklahoma, Colorado, Illinois, New Jersey, Virginia, Missouri, Texas, Alberta and Ontario. Developed and implemented plans to consolidate regional administration teams into enterprise group, with common standards and processes. Guided the development of new enterprise processes.
Big PetroChemical Company, Clear Lake, TX 1996 - 1999
Change Manager
Assisted in the development, refinement and implementation of change control processes and security change reviews for first North American petrochemical rollout of 5 SAP-R3 modules. $900M project included new infrastructure, application and database environments with 12,000 roaming desktop workstations and back office systems.
IT Analyst
Performed server configuration management in environment of 100 Windows NT servers, 25 Exchange Servers, 12 SMS servers and various miscellaneous application platforms. Duties included creating software distribution packages, implementing security standards, providing access control, building hardware configurations, and performing work on capital projects.
IT Pimps R Us v. 1.0, Houston, TX 1994 - 1996
Server Administrator
Provided server administration, system architecture, security configurations, access control, and migration services for various clients performing upgrades to Windows NT or Windows 95 systems. Assembled and installed Compaq servers and workstations, provided help desk support and functioned as team technical lead for 9 installers.
Cumberland County Sheriff’s Dept, Fayetteville NC 1986 - 1990
Deputy Sheriff
Enforced laws and regulations, investigated crimes, and testified at trial.
EDUCATION:
University of Phoenix, Tulsa, OK
B.S., Business Management (With Honors),
Training & Certifications
• CISSP Core Cirriculum
• Certified Information Privacy Professional
• The Big Pipeline Company Leadership Program, Management Curriculum
• Introduction to SAP-R3
• Microsoft Certified Trainer, Windows NT 4.0
• Microsoft Product Specialist, Windows NT 4.0
• United States Army Physical Security School
Topic: Workplaces to see more spats over after-hours (Read 5054 times)