KYUL HAN

Toronto, ON M*N *T*

(***) *** - ****

ad1nkk@r.postjobfree.com

Skill Set

18+ years with security operations, audit and compliance experience on framework (such as ISO 27001, ISMS, SOX and ITIL) and SOC1 Type II controls.

Strong leadership, organization, coordination and communication skills between auditors and internal departments.

Professional Experience

IT GRC Analyst Nov 2021 - Present

Raymond James Limited, Toronto, Canada

Establish and Implement GRC

Manage GRC Exceptions

Maintain SharePoint for Technology Risk and Assurance

Establish and Implement Security Awareness

Gather evidences and highlight exception/issues to assist IT Audit (SOX, FFIEC and Internal and External)

Cooperation with stakeholders (such as Headquarter, Other branches, External/Internal Audit, IT and HR)

Vulnerability Scan using Kali-Linux for the branches

Information Security Specialist May 2016 – Nov 2021

Equitable Bank, Toronto, Canada

Establish and Implement GRC using RSA Archer

Prepare Security Metrics/Reports for the management on various aspects of Risk Management

Gather evidences and highlight exception/issues to assist IT Audit

Manage IT Vendor Deliverables

Conduct OSFI Cyber Security Self-Assessment

Prepare for Cloud Security Assessment

Liaison with stakeholders (such as Risk, External/Internal Audit, IT and HR)

Performed Privileged Access Review

Managed/Created/Removed/Updated Accounts through M/S Azure and Local AD in Win Server 2016

Reporting using McAfee SIEM

Vulnerability Scan using Qualys

Network Security Analyst (Intern) Feb 2016 - Apr 2016

Secure Links, Toronto, Canada

Analyze Network Security Traffic by using Fortinet

Operate EventTracker SIEM

Information Security Assistant Manager Apr 2006 - Dec 2015

LG Electronics, Seoul, Korea

Administrative Security

-Manage a team of 4 Security Analysts and relationships with Internal and External Auditors

-Design, develop, implement and coordinate IT Security Policies, Standards and Procedures

-Oversee and determine timeframes for IT Security Audits and Projects

-Develop Information Security Management System(ISMS) based on ISO27001 (Information Security Standards) and Private Information Management System(PIMS) through Team Security Score(TSS) Process

-Audit Privacy Information Systems; Gap Analysis, Risk Assessment (www.lgcodechallenger.com) and Identity Access Management (lgpatent.lge.com)

-Improve Security & Privacy Policy, Standard, Procedure and Incident Response Process

-Investigate potential or actual security violations or incidents in an effort to identify issues

-Train over 4,000 employees on information policies and procedures and security awareness

Technical Security

-Operate Network/Endpoint DLP(Data Loss Prevention), LG SIEM

-Monitor security of critical systems (Private Information Web Servers) and changed to highly sensitive computer security controls to ensure appropriate system administrative actions

Sergeant Dec 2002 - Jan 2005

Korea Marine Corps, Korea

Education

Master in Electrical and Electronic Engineering GACHON University 2011 - 2013

Bachelor in Electronic Engineering GACHON University 2009 - 2011

Bachelor in Computer Science Engineering HANYANG Cyber University 2007 - 2009

Associate in Digital IT Electronics DONG SEOUL College 2002 - 2006

Certification

CIA (Certified Internal Auditor)/Certification Number: 169367 Mar 2019

CRISC (Certified in Risk and Information Systems Control) /Certification Number: 1722596 Aug 2017

PMP (Project Management Professional) /Certification Number: 1936692 Jun 2016

CCNA (Cisco Certified Network Associate)/Certification Number: CSCO12707579 Sep 2015

CISM (Certified Information Systems Manager)/ /Certification Number: 1528258 Sep 2013

CISA (Certified Information Systems Auditor)/ /Certification Number: 1310772 Dec 2012

CISSP (Certified Information Systems Security Professional)/Certification Number: 431992 Sep 2012

CPPG (Certified Privacy Protection General)/Certification Number: G12-008-05-00340 May 2012

Volunteer Experience

IT Help Desk in St. Felix Centre Sep 2015 - Present

Preparing workshops in AEIP SUCCESS (46 hours) Oct 2014 - Aug 2015

Supporting children in Social Welfare Volunteer Organization (44 hours) Oct 2013 - Dec 2014

Blood donation (11 times) Dec 2002 - July 2015

Contact this candidate