CHRISTOPHER M. HOANG, CISSP
www.linkedin.com/in/christopherhoang 713-***-**** firstname.lastname@example.org Professional Summary
Seasoned IT Director with over 15 years of experience leading information security, risk, and governance in the financial services industry. Experience in all aspects of IT project leadership for IT security and service management, including team development, risk mitigation, and cost management. Continually exceeds expectations by building valuable relationships and works well with people at all levels of an organization, including stakeholders, senior management, team members, and clients. Skills
Team Management & Development
Strategic Plans & Roadmaps
Legal & Regulatory Compliance
IT Security & Service Management Crisis
Project Planning & Management
Budgeting & Cost Controls
Resource Allocation & Workforce Management
Pivots, Impediments & Risks
Action Plans, Goals, Achievements & Growth
Resource Allocation & Timeline Monitoring
Report & Documentation Creation
Proactive Client Service & Conflict Resolution
Excellent Verbal & Written Communication
Director, Information Security, Risk, and Governance 2016 to Current Advisor Group, Inc – Houston, TX
Leading all information security initiatives and daily operations for the firm by identifying, managing, and reducing information security risk while reporting directly to the Chief Information Security Officer.
Testing or reviewing security controls necessary to maintain compliance with regulatory requirements including SEC, CCPA, NYDFS, and FINRA while leading co-sourced teams charged with enhancing an enterprise SOC as well as security and IT risk management and governance functions.
Providing security risk assessments on vendors, business partners, or newly developed applications to assess suitability related to information security, collaborating with business departments to develop and implement policies and procedures that meet business goals for productivity, profitability, and security.
Partnering with other technology functions to continuously enhance existing operational security controls such as system protection agents, network perimeter defenses, and application level controls.
Providing strategic cyber security risk guidance as well as subject matter expertise for IT projects including the evaluation and recommendation of technical controls and threat analyses.
Advising management on industry developments in business practice, technology, security issues, and legislation that impact the firm's information security posture, managing the security incident response process with investigation, resolution, and mitigation.
Enhancing and managing cyber security awareness programs or initiatives while keeping current on the threat landscape and providing thought leadership internally and via out-reach with customers or in third-party settings.
Developing business-relevant metrics to measure the efficiency and effectiveness of the company's information security management program, forecasting appropriate resource allocation to increase the maturity of the program. Technology Risk Lead/Associate Vice President 2014 to 2016 AIG Global Travel And Services
Led all global IT risk management within AIG's Global Travel & Services line of business, supporting a 24/7 operation with 2 national and 6 international locations, reporting directly to AIG Consumer's Technology Risk Officer with matrix line to BU CIO.
Built strong cross-functional teams, creating or refining operational processes as well as establishing clear standards and expectations as it pertains to Information Security while creating strong working relationships with business partners and various towers across the firm.
Worked with the Technology Risk Office team to identify, assess, respond to, and monitor technology risks while ensuring that risks and their impact on consumer business operations were understood and addressed by the TRO.
Ensured that the strategic technological development and maintenance for Global Travel and Services addressed the appropriate processes and controls to minimize IT Risk, working with executive-level managers, project teams, Technology Risk Office areas, and business unit staff across regions or corporate groups.
Coordinated and supported security audits or assessments to evaluate policy compliance or existing defenses and to identify vulnerabilities as well as advised management on industry developments in business practice, technology, security issues, and legislation that impact the company's security policy.
Developed, documented, and implemented information security procedures to enforce information security standards as well as coordinated the use of external resources involved in the information security management program. Business Information Security Officer 2004 to 2014
(Senior Information Security Architect, Senior Information Security Analyst) AIG Consumer Services, American International Group
Initially came onboard as a Senior Information Security Analyst in 2004 to then being promoted to Senior Information Security Architect in 2009 and advancing to Business Information Security Officer in 2011.
Collaborated with senior leadership to ensure communication of risks and reporting directly to AIG Consumer's Chief Information Security Officer of IT Security Risk and Compliance and matrix line to BU CIO.
Led the implementation and execution of information security and risk programs across multiple lines of business across AIG Consumer and served as a voting member on the CIO IT Steering Committee to advocate information security risks.
Drove communication or execution of IT Security, Risk and Compliance frameworks, establishment of policies, standards, or procedures, management of operations, engineering, cyber threat analyses, cyber monitoring and response.
Provided strategic and tactical security guidance to IT and business management across a broad range of information security or IT governance best practices including ISO 27001, COBIT, ITIL, and SOX.
Managed the InfoSec Risk Assessment process with external business partners and internal business units including third- party security assessments, software security assessments, security risk exceptions, firewall change reviews, and application vulnerability testing.
Previous Work History
Security Systems Analyst – Element Services/Hewlett Packard Company – 2003 to 2004 IT Support Specialist/IT Help Desk Analyst/Network Security Administrator – Cingular Wireless – 1998 to 2002 Training & Certifications
Certified Ethical Hacker ECC984454 – 2013
Certified Penetration Tester – 2013
Certified Information Systems Security Professional #439127 – 2012
Associate Life Management Institute – 2011
Associate, Customer Service – 2011
University of Texas at Tyler – Master of Business Administration in Cyber Security – Currently Enrolled Capella University – Bachelor of Science in Information Technology/Information Assurance and Security – 2017 Summa Cum Laude - GPA 4.0
Dean's List – Q2 2014, Q3 2014, Q4 2014, Q1 2015
President's List – Q2 2015, Q3 2015, Q4 2015, Q1 2016, Q2 2016, Q3 2016, Q4 2016, Q1 2017 Remington College – Associate of Science in Computer Engineering and Electronics – 2001