Information Security Director

JON M. GARZA

CISSP, Master’s in Security Management

***** ********* **** **. ******, Tx · 713-***-**** ***********@*****.*** · https://www.linkedin.com/in/jon-garza-8612984 Director Inform. Security & IT Compliance IT Security Manager Information Security Officer A strategic and business-oriented security leader with over 22 years of enterprise technology experience including 8 year’s experience in an information security leadership role my skills are tailored for achieving business objectives while ensuring company systems, infrastructure and processes are secured. With a sound understanding of business management and deep knowledge of implementing security technologies in corporate networks, my talents will perfectly align with the company objectives. My extensive background serving as the subject matter expert for all global cybersecurity and IT compliance issues of an organization match the requirements of the Director of IT Security position.

EXPERIENCE

DECEMBER 2017 – PRESENT

DIRECTOR OF IT SECURITY CORE LABORATORIES, N.V. INC. WWW.CORELAB.COM Core Laboratories N.V. Inc. is one of the largest service providers worldwide of core and fluid analysis in the petroleum industry.

Subject Matter Expert and leader on all global cybersecurity issues and concerns

Established an information security governance structure

Regularly reports on the status of the information security program to executive management

Manages a security awareness training program for all employees and contractors

Develops and maintains company requirements for monitoring security events, responding to intrusion attempts and compromises, and deploying security updates to enterprise systems and end points.

Current member of local Houston Infragard Chapter

Manages the budget for information security function within the company

Develops the global information security vision and strategy while being aligned with business objectives

Develops and maintains up to date security policy and standards for all enterprise systems.

Creation of corporate 3

rd

party vendor security program

Creation of corporate application security program

Leads the security evaluation of new and existing technologies and standardize enterprise system security configuration.

Facilitates enterprise security assessments and pen test to identify risk and gaps.

Provides input for risk mitigation and process improvement opportunities.

Manage and improve on methodologies over enterprise risk management, vendor risk management, and exception management.

Responsible for building internal networks with business executives, such as legal and HR

Leads all cybersecurity investigations and incident response matters

Responsible for selecting and recommending all cybersecurity solutions

Collaborates with key security vendors to resolve issues and identify root cause for security incidents and events.

Leads and oversees security compliance initiatives such as ISO 27001, GDPR, CIS Top 20 Critical Security Controls and SOX

Serves as project manager of all cybersecurity initiatives 2012 – 2017

DIRECTOR OF IT SECURITY & COMPLIANCE UNIVERSITY OF HOUSTON- DOWNTOWN WWW.UHD.EDU

The University of Houston-Downtown is a comprehensive four-year university offering bachelor's and master's degree programs aimed at career preparation with over 14,000 students.

Serves as Subject Matter Expert (SME) for all information security related items including authentication of systems

Serves as Primary Contact for all Information Security Audits and IT Compliance investigations.

Manages IT Security team

Member of Statewide Subcommittee on Risk Assessment reporting to the Texas Statewide Information Security Advisory Committee

Oversees the security and data integrity of all UHD information systems and technical environments

Implements security policy and strategy with industry best practices and as recommended by TAC 202 guidelines, NIST 800-53, 800-171 and Top 20 Critical Security Controls.

Current member of local Houston Infragard Chapter

Coordinates all project management of information security related projects

Works with internal IT teams to security best practices are used in developing, enhancing and maintaining throughout the SDLC

Evaluates, designs and implementation of information security software and toolsets including event information management for the university

Responsible for managing UHD’s Information security program

Coordinates and submits reports required by the State, DIR, UH System and UH

Serves as point of contact for all information security related inquiries and investigations

Coordinates and develops disaster recovery plans for all critical IT Systems.

Coordinates with department heads to ensure security compliance on security best practices

Manage the budget for information security office

Coordinates data gathering for compliance reports

Manage and support university’s emergency notification management system

(Everbridge)

2007 – 2012

SYSTEMS ADMINISTRATOR UNIVERSITY OF HOUSTON-DOWNTOWN WWW.UHD.EDU

Manage server environment of over 200 physical/virtual servers

Perform Server Upgrades and Scheduled Maintenance

Measure Server Performance and Monitoring

Project management of Technology related projects

Perform as key player in Security Incidents

Generate several technical security reports for state reporting

Represent UHD at State and UHS Security events

Architect technology related solutions for other university departments

Research and recommend new technologies

2006 – 2007

NETWORK ADMINISTRATOR, CONTINENTAL VISTA BROADCASTING GROUP, LLC

Manage day to day network operations of company

Perform scheduled maintenance on Servers

Perform scheduled maintenance on Routers/Switches/Wireless 2001 – 2006

NETWORK ADMINISTRATOR UNIVERSITY OF HOUSTON-DOWNTOWN WWW.UHD.EDU

Manage day to day operations of university network of over 3,000 nodes

Perform Network Upgrades and Scheduled Maintenance

Measure Network Performance and monitoring

Project management of Network related Projects

Configure, manage and monitor 802.11b/g wireless network of over 100 Cisco access points

Configure, manage and monitor Cisco switches, Cisco routers and Cisco PIX firewalls

Configure, manage and monitor servers running network applications EDUCATION

DECEMBER 2018

MASTER’S SECURITY MANAGEMENT UNIVERSITY OF HOUSTON-DOWNTOWN GPA 3.95

DECEMBER 2017

GRADUATE CERTIFICATE-CYBERSECURITY UNIVERSITY OF HOUSTON- DOWNTOWN

AUGUST 2006

BACHELOR’S DEGREE, BBA FINANCE UNIVERSITY OF HOUSTON-DOWNTOWN CERTIFICATIONS

• CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL (CISSP) – FEBRUARY 2020

SKILLS

• Cybersecurity Program Management

• Project Management

• CISSP Training

• Network Security

• Relationship Building

• Threat and Incident Management

• Vulnerability Management

• Policy Compliance

• Experience implementing NIST CSF

• Advanced experience working with IT security

tools, such as IDS/IPS, DLP, SIEM, CASB, AV,

Firewall and Web and E-mail proxy filtering

systems and vulnerability scanning

• Supports security audits and assessments

• Information Asset Protection

• Forensic Investigations

• Cybersecurity Management

• Security Awareness

• CIS Critical Security Controls

• Security Assessments

• Vendor Management

• Experience implementing ISO 27001

• Advanced experience in cyber security and

security operations including security tool

implementation and troubleshooting within

an enterprise environment

Contact this candidate