OSIOKE OJIOR, CISSP, CISM

Atlanta, GA *****

abnv2f@r.postjobfree.com +1-404-***-****

Information Security Governance, Risk, & Compliance Leader

Subject Matter Expert in business focused information security, IT Risk, and IT Infrastructure leadership at

strategic, tactical, and operational levels for over 12 years; aligning business processes and IT services with

enterprise security architecture to attain service levels for large business organizations and multi-nationals.

CORE COMPETENCIES

Information Security Management & Operations IT Service Management & Strategic Planning

Stakeholder & Vendor Relationship Management Global Perspective & Thought Leadership

IT Risk Management & Regulatory Compliance Architectural Design & Implementation

Knowledge & Project Lifecycle Management Team Development & Leadership

EDUCATION & CREDENTIALS

Leadership Certificate, Yale School of Management - Yale University

Bachelor of Science in Communication, Kennesaw State University

CISSP (22367), CISM (0808891), CISA (0863827), NSA IAM, ITIL

PROFESSIONAL EXPERIENCE

Manager, Technology Architect - Information Security & IT Risk Services

BearingPoint, Inc., Atlanta, GA, U.S. 2/2007 – PRESENTLY

Providing strategic leadership for global consulting firm, managing dispersed senior consultants delivering IT

Risk Management, IT security, and privacy services to healthcare, government, and financial services clients.

- Supported $1.3 million in revenue, collaborated actively in decision making with engagement senior

management and client executive leadership (CISO, CIO, CTO) on strategy and execution.

- Chief Security Officer/Lead on numerous winning proposals including control & assessment solutions

for FISMA, HIPAA, PCI, SOX, ITIL, & GLBA compliance; attained 100% on target metrics.

- Led architecture, design, and implementation of ISMS for BCP/DRP, IAM, SAP, and SOA solutions,

advised major clients with ISO 27001, NIST, COBIT, and other governance/compliance mandates.

- Provided security awareness & training to senior stakeholders, and enhanced client security-ROI.

Managing Consultant – Infrastructure & Security Architecture

Edwards & Ervin Group, Atlanta, GA 4/2004 – 2/2007

Partnership; managed cross-functional client relationships, maintained working relationships with technology

vendors; on-time delivery 100% of engagements, exceeded target metrics for revenue and utilization.

Principal Security Architect for Kunim Integrated Services

Led senior security consultants in EMEA providing IT risk and security services (6/2006 – 1/2007):

- Developed architectural design, engineering implementation, and production support services;

led service delivery for clients in petroleum, financial services, and travel industries.

- Conducted security awareness training for over 500 users, and developed security program

compliant with ISO 27001, and NIST 800-53 guidelines.

2

OSIOKE OJIOR

Senior Business Advisor for ARISNET Telecommunication Services

Guided new secure telecommunication service from development to deployment (4/2004 – 6/2005):

- Developed business plan & technical proposals, enabled new consumer IP VSAT service.

- Managed vendor relationships and business development for telecommunications and security

services; led the engagement management for financial services and telecommunication clients.

- Developed framework for regulatory compliance, applied ISO 17799, COBIT, Sarbanes-Oxley,

and PCI DSS.

Global Network Security Architect for Infrastructure Services

DHL/Deutsche Post World Net (DPWN) (AG), Scottsdale, AZ, U.S. 7/2005 – 5/2006

Provided architecture leadership for network security solutions and operations teams at IT Service Centers in

Europe, Americas, and Asia Pacific; member of Global Infrastructure Services group managing over €1

million budget for security services, collaborated with global program management.

- Developed security operations architecture for network security solutions, served over 5,000 offices

and 400 business critical locations in 200 countries.

- Applied regulatory requirements and control frameworks (PCI DSS, ISO 17799, NIST 800-53, EU

DPD, and ITIL) to network security architecture.

- Collaborated with Global Service Level Management and PMO to develop RFI and RFP; re-

engineered product evaluation & vendor selection process to optimize IT investments.

- Developed infrastructure security strategy and design for MPLS integration, network IPS, and IP

Telephony/VoIP convergence, supported new business acquisitions and data center consolidations.

Developed Security Technology Standards (design and implementation), led IT Service Management

-

for network and application security services: IPS, SSO, PKI, VPN, SIEM, APP/DB Firewall.

Senior Information Security Engineer - Worldwide Audit & Security Services

Worldspan L.P., Atlanta, GA, U.S 4/2000 – 4/2004

Recruited to operate risk management framework for 24/7/365 technical operations of mission critical Global

Distribution System (GDS) in Europe and Americas providing travel information distribution, e-Commerce,

and Internet connectivity for 11,000 travel agencies, service providers, and corporations across 60 countries.

- Implemented Information Security Program and established audit compliance (ISO/IEC 17799,

COBIT, UK DPA/EU DPD, ITIL, and HIPAA) for pre-IPO readiness.

- Formulated business continuity strategy (DRP), standardized security technology, secure

configuration, and operations; supported all enterprise ICT applications, systems, & networks.

- Developed VMware virtualization laboratory to simulate production environment for security testing;

reducing prior security impact by 98%, and realized time to market security services by 45%.

- Member of the Security Council, strategic decision making partnership with executive leadership; and

Security Working Group, tactical delivery partnership with IT (dev, engineering, and, administration).

- Developed tactical solutions aligned to strategic business needs: product & provider evaluation,

Identity & Access Management, Directory service & PKI/PKC, and Intrusion Detection Systems.

- Provided security and privacy awareness training to employees globally; enhanced adherence to

corporate security policies and security in-depth through the full system development lifecycle.

- Developed Incident Management process & led cross-functional Incident Response Team, managed

Early Warning System and coordinated UK/US CSIRT; enhanced control, clarity, and recovery.

- Managed Risk & Vulnerability Assessments initiatives, provided security consulting to e-Business

Architecture and Product Development teams, served as e-Commerce Security Analyst.

3

OSIOKE OJIOR

Manager of Information Technology

GE Capital Consulting, Norcross, GA, U.S. 1998 – 3/2000

Reported to regional Vice President, led technology infrastructure for collaborative computing and application

development services, managed numerous contractor & vendor relationships, and served as CIO delegate.

Designed and managed implementation of new Data Center IT infrastructure (development and

-

production), and IT Service Continuity (BCP/DRP).

Consolidated the IT infrastructure for ERP consulting, sales and marketing automation services, and

-

electronic data management to new data center facility, reducing IT operations cost by 45%.

Negotiated service contracts with telecommunication and IT vendors, and sub-contractors.

-

Managed the re-engineering and implementation of collaboration infrastructure (unified

-

messaging/communication), for major global telecommunications provider.

PROFESSIONAL AFFILIATIONS

IT Service Management Forum (itSMF) Information Systems Audit Control Associations (ISACA)

-

Computer Security Institute (CSI) Information Systems Security Association (ISSA) PMI IEEE

-

Contact this candidate