OSIOKE OJIOR, CISSP, CISM
Atlanta, GA *****
abnv2f@r.postjobfree.com +1-404-***-****
Information Security Governance, Risk, & Compliance Leader
Subject Matter Expert in business focused information security, IT Risk, and IT Infrastructure leadership at
strategic, tactical, and operational levels for over 12 years; aligning business processes and IT services with
enterprise security architecture to attain service levels for large business organizations and multi-nationals.
CORE COMPETENCIES
Information Security Management & Operations IT Service Management & Strategic Planning
Stakeholder & Vendor Relationship Management Global Perspective & Thought Leadership
IT Risk Management & Regulatory Compliance Architectural Design & Implementation
Knowledge & Project Lifecycle Management Team Development & Leadership
EDUCATION & CREDENTIALS
Leadership Certificate, Yale School of Management - Yale University
Bachelor of Science in Communication, Kennesaw State University
CISSP (22367), CISM (0808891), CISA (0863827), NSA IAM, ITIL
PROFESSIONAL EXPERIENCE
Manager, Technology Architect - Information Security & IT Risk Services
BearingPoint, Inc., Atlanta, GA, U.S. 2/2007 – PRESENTLY
Providing strategic leadership for global consulting firm, managing dispersed senior consultants delivering IT
Risk Management, IT security, and privacy services to healthcare, government, and financial services clients.
- Supported $1.3 million in revenue, collaborated actively in decision making with engagement senior
management and client executive leadership (CISO, CIO, CTO) on strategy and execution.
- Chief Security Officer/Lead on numerous winning proposals including control & assessment solutions
for FISMA, HIPAA, PCI, SOX, ITIL, & GLBA compliance; attained 100% on target metrics.
- Led architecture, design, and implementation of ISMS for BCP/DRP, IAM, SAP, and SOA solutions,
advised major clients with ISO 27001, NIST, COBIT, and other governance/compliance mandates.
- Provided security awareness & training to senior stakeholders, and enhanced client security-ROI.
Managing Consultant – Infrastructure & Security Architecture
Edwards & Ervin Group, Atlanta, GA 4/2004 – 2/2007
Partnership; managed cross-functional client relationships, maintained working relationships with technology
vendors; on-time delivery 100% of engagements, exceeded target metrics for revenue and utilization.
Principal Security Architect for Kunim Integrated Services
Led senior security consultants in EMEA providing IT risk and security services (6/2006 – 1/2007):
- Developed architectural design, engineering implementation, and production support services;
led service delivery for clients in petroleum, financial services, and travel industries.
- Conducted security awareness training for over 500 users, and developed security program
compliant with ISO 27001, and NIST 800-53 guidelines.
2
OSIOKE OJIOR
Senior Business Advisor for ARISNET Telecommunication Services
Guided new secure telecommunication service from development to deployment (4/2004 – 6/2005):
- Developed business plan & technical proposals, enabled new consumer IP VSAT service.
- Managed vendor relationships and business development for telecommunications and security
services; led the engagement management for financial services and telecommunication clients.
- Developed framework for regulatory compliance, applied ISO 17799, COBIT, Sarbanes-Oxley,
and PCI DSS.
Global Network Security Architect for Infrastructure Services
DHL/Deutsche Post World Net (DPWN) (AG), Scottsdale, AZ, U.S. 7/2005 – 5/2006
Provided architecture leadership for network security solutions and operations teams at IT Service Centers in
Europe, Americas, and Asia Pacific; member of Global Infrastructure Services group managing over €1
million budget for security services, collaborated with global program management.
- Developed security operations architecture for network security solutions, served over 5,000 offices
and 400 business critical locations in 200 countries.
- Applied regulatory requirements and control frameworks (PCI DSS, ISO 17799, NIST 800-53, EU
DPD, and ITIL) to network security architecture.
- Collaborated with Global Service Level Management and PMO to develop RFI and RFP; re-
engineered product evaluation & vendor selection process to optimize IT investments.
- Developed infrastructure security strategy and design for MPLS integration, network IPS, and IP
Telephony/VoIP convergence, supported new business acquisitions and data center consolidations.
Developed Security Technology Standards (design and implementation), led IT Service Management
-
for network and application security services: IPS, SSO, PKI, VPN, SIEM, APP/DB Firewall.
Senior Information Security Engineer - Worldwide Audit & Security Services
Worldspan L.P., Atlanta, GA, U.S 4/2000 – 4/2004
Recruited to operate risk management framework for 24/7/365 technical operations of mission critical Global
Distribution System (GDS) in Europe and Americas providing travel information distribution, e-Commerce,
and Internet connectivity for 11,000 travel agencies, service providers, and corporations across 60 countries.
- Implemented Information Security Program and established audit compliance (ISO/IEC 17799,
COBIT, UK DPA/EU DPD, ITIL, and HIPAA) for pre-IPO readiness.
- Formulated business continuity strategy (DRP), standardized security technology, secure
configuration, and operations; supported all enterprise ICT applications, systems, & networks.
- Developed VMware virtualization laboratory to simulate production environment for security testing;
reducing prior security impact by 98%, and realized time to market security services by 45%.
- Member of the Security Council, strategic decision making partnership with executive leadership; and
Security Working Group, tactical delivery partnership with IT (dev, engineering, and, administration).
- Developed tactical solutions aligned to strategic business needs: product & provider evaluation,
Identity & Access Management, Directory service & PKI/PKC, and Intrusion Detection Systems.
- Provided security and privacy awareness training to employees globally; enhanced adherence to
corporate security policies and security in-depth through the full system development lifecycle.
- Developed Incident Management process & led cross-functional Incident Response Team, managed
Early Warning System and coordinated UK/US CSIRT; enhanced control, clarity, and recovery.
- Managed Risk & Vulnerability Assessments initiatives, provided security consulting to e-Business
Architecture and Product Development teams, served as e-Commerce Security Analyst.
3
OSIOKE OJIOR
Manager of Information Technology
GE Capital Consulting, Norcross, GA, U.S. 1998 – 3/2000
Reported to regional Vice President, led technology infrastructure for collaborative computing and application
development services, managed numerous contractor & vendor relationships, and served as CIO delegate.
Designed and managed implementation of new Data Center IT infrastructure (development and
-
production), and IT Service Continuity (BCP/DRP).
Consolidated the IT infrastructure for ERP consulting, sales and marketing automation services, and
-
electronic data management to new data center facility, reducing IT operations cost by 45%.
Negotiated service contracts with telecommunication and IT vendors, and sub-contractors.
-
Managed the re-engineering and implementation of collaboration infrastructure (unified
-
messaging/communication), for major global telecommunications provider.
PROFESSIONAL AFFILIATIONS
IT Service Management Forum (itSMF) Information Systems Audit Control Associations (ISACA)
-
Computer Security Institute (CSI) Information Systems Security Association (ISSA) PMI IEEE
-