KYUL HAN
**********@*****.***
Skill Set
18+ years of experience in security operations, audit and compliance, working with frameworks (such as ISO 27001, ISMS, SOX and ITIL) and SOC 1 Type II controls.
Strong leadership, organization, coordination and communication skills between auditors and internal departments.
Professional Experience
IT GRC Analyst Nov 2021 - Present
Raymond James Limited, Toronto, Canada
Establish and Implement GRC
Manage GRC Exceptions
Maintain SharePoint for Technology Risk and Assurance
Establish and Implement Security Awareness
Gather evidence and highlight exceptions/issues to assist IT Audit (SOX, FFIEC, Internal and External)
Cooperation with stakeholders (such as Headquarters, other branches, External/Internal Audit, IT and HR)
Vulnerability Scan using Kali Linux for the branches
Information Security Specialist May 2016 – Nov 2021
Equitable Bank, Toronto, Canada
Establish and Implement GRC using RSA Archer
Prepare Security Metrics/Reports for the management on various aspects of Risk Management
Gather evidence and highlight exceptions/issues to assist IT Audit
Manage IT Vendor Deliverables
Conduct OSFI Cyber Security Self-Assessment
Prepare for Cloud Security Assessment
Liaison with stakeholders (such as Risk, External/Internal Audit, IT and HR)
Performed Privileged Access Review
Managed/Created/Removed/Updated Accounts through Microsoft Azure and Local AD on Windows Server 2016
Reporting using McAfee SIEM
Vulnerability Scan using Qualys
Network Security Analyst (Intern) Feb 2016 - Apr 2016
Secure Links, Toronto, Canada
Analyze Network Security Traffic by using Fortinet
Operate EventTracker SIEM
Information Security Assistant Manager Apr 2006 - Dec 2015
LG Electronics, Seoul, Korea
Administrative Security
-Manage a team of 4 Security Analysts and relationships with Internal and External Auditors
-Design, develop, implement and coordinate IT Security Policies, Standards and Procedures
-Oversee and determine timeframes for IT Security Audits and Projects
-Develop Information Security Management System (ISMS) based on ISO 27001 (Information Security Standards) and Private Information Management System (PIMS) through Team Security Score (TSS) Process
-Audit Privacy Information Systems; Gap Analysis, Risk Assessment (www.lgcodechallenger.com) and Identity Access Management (lgpatent.lge.com)
-Improve Security & Privacy Policy, Standard, Procedure and Incident Response Process
-Investigate potential or actual security violations or incidents in an effort to identify issues
-Train over 4,000 employees on information policies and procedures and security awareness
Technical Security
-Operate Network/Endpoint DLP (Data Loss Prevention), LG SIEM
-Monitor security of critical systems (Private Information Web Servers) and changes to highly sensitive computer security controls to ensure appropriate system administrative actions
Sergeant Dec 2002 - Jan 2005
Korea Marine Corps, Korea
Education
Master in Electrical and Electronic Engineering GACHON University 2011 - 2013
Bachelor in Electronic Engineering GACHON University 2009 - 2011
Bachelor in Computer Science Engineering HANYANG Cyber University 2007 - 2009
Associate in Digital IT Electronics DONG SEOUL College 2002 - 2006
Certification
CIA (Certified Internal Auditor)/Certification Number: 169367 Mar 2019
CRISC (Certified in Risk and Information Systems Control)/Certification Number: 1722596 Aug 2017
PMP (Project Management Professional)/Certification Number: 1936692 Jun 2016
CCNA (Cisco Certified Network Associate)/Certification Number: CSCO12707579 Sep 2015
CISM (Certified Information Systems Manager)/Certification Number: 1528258 Sep 2013
CISA (Certified Information Systems Auditor)/Certification Number: 1310772 Dec 2012
CISSP (Certified Information Systems Security Professional)/Certification Number: 431992 Sep 2012
CPPG (Certified Privacy Protection General)/Certification Number: G12-008-05-00340 May 2012
Volunteer Experience
IT Help Desk in St. Felix Centre Sep 2015 - Present
Preparing workshops in AEIP SUCCESS (46 hours) Oct 2014 - Aug 2015
Supporting children in Social Welfare Volunteer Organization (44 hours) Oct 2013 - Dec 2014
Blood donation (11 times) Dec 2002 - July 2015