Unbeatable Resumes (27 page)
Read Unbeatable Resumes Online
Authors: Tony Beshara
Provide a reverse chronological employment history, including company names, locations, and inclusive dates of employment, emphasizing what types of companies the applicant has worked for
Identify both hands-on work experience and technologies used (i.e., tools, applications)
List all educational institutions, with inclusive dates of attendance and degrees awarded
List additional certifications and/or awards received
You will notice that most of these résumés are longer than two pages; this is not uncommon with IT résumés. They need additional space to communicate not only job function but also technical skills. Particularly, it is important to list technical skills at the beginning of the résumé so the reader can spot them right away. Especially if it is a third-party “screener” reading the résumé, he or she will be instructed to look for certain technical proficiencies and terms. Then, in the body of the résumé, you list where those technical proficiencies were applied.
This résumé works well because the candidate has a good summary of qualifications at the front, referencing his master's degree and Fortune 500 experience, as well as providing a thumbnail sketch of his experience. Additionally, his experience at each company is stated in a concise and understandable way, and his publications and certifications are detailed.
CHRISTOPHER WARD
Address   Cell #   E-mail
SUMMARY OF QUALIFICATIONS
Certified senior-level information security professional, combining a master's degree and solid experience with leading-edge information security systems and network design, analysis, and implementation. Proven track record in building and leading information security organizations, planning and analysis of security architecture, infrastructure and applications, policy, procedure and standards development and training for a wide range of Fortune 500 companies and government agencies. Solid background with front-line security implementations and regulation compliance, including encryption, firewalls, penetration testing, and applications.
EXPERIENCE
Accelerated Products, Dallas, TX
Senior Information Security Consultant | Aug. 2003âPresent |
Managed project, designed, and deployed Symantec Control Compliance Suite (CCS aka Bindview) solution to audit all MS SQL, Oracle, Windows, and Unix servers for PCI, SOX, HIPAA, Gaming Control Board, and corporate policy compliance. Project resulted in significant ROI and reduced FTEs required.
Managed project, designed, and deployed PGP PKI solution with data loss prevention (DLP) and content management servers and software across multi-national enterprise for PCI and privacy compliance. Servers scanned for inappropriate and proprietary data in motion and at rest on the corporate network, automatically encrypting sensitive data and notifying IT staff of potential data leaks.
Managed and consulted on information security strategy, policy, and architecture providing compliance with ISO 17799/27001, Gramm-Leach-Bliley Act (GLBA), SarbanesOxley Act, COBIT, DITSCAP, NIST, HIPAA, and state privacy regulations through matrixed staff at over 70 locations in the US and Mexico.
Responsible for applications, systems, and database audit, vulnerability testing, and analysis (Oracle, DB2, MS SQL, LDAP) for SAS70, SOX, and other audit compliance.
Performed extensive network security penetration testing, systems, and application vulnerability analysis and risk assessments for several national financial corporations, using a variety of tools, including Nessus, SAINT, COPS, nmap, SUS, TCPWrappers, Tripwire, L0phftcrak, Snort, ISS Scanner, and SUS. Architected and implemented enterprise-wide desktop security (VPN, PKI, identity management, anti-virus, anti-spyware, firewalls, centralized updates, patch management, and single sign-on).
Advance PCS, Dallas, TX | Mar. 2002âJul. 2003 |
Director, Information Security
Managed information security strategy, policy, and architecture through a combination of direct and matrixed staff with over $1M budget.
Developed Information Security Policies, Standards and Procedures in compliance with ISO 17799 Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOA), HIPAA, and state privacy regulations.
Developed multimedia information security training program and ongoing security awareness campaign.
Developed and implemented enterprise-wide information security architecture in conjunction with IT organization, resulting in a 24% ROI, regulation compliance, and significantly reduced development time for applications. Account registration turnaround time went from 5 days to 2 hours (Oblix/LDAP/RSA).
Directed team of consultants to effectively implement, integrate, and automate information security throughout the enterprise. This included applications development in C, C++, JAVA, Perl, and other scripting languages, as well as integration of PIX and Checkpoint firewalls.
Led forensic investigation teams for security incidents.
