JON M. GARZA
CISSP, Master’s in Security Management
***** ********* **** **. ******, Tx · 713-***-**** email@example.com · https://www.linkedin.com/in/jon-garza-8612984 Director Inform. Security & IT Compliance IT Security Manager Information Security Officer A strategic and business-oriented security leader with over 22 years of enterprise technology experience including 8 year’s experience in an information security leadership role my skills are tailored for achieving business objectives while ensuring company systems, infrastructure and processes are secured. With a sound understanding of business management and deep knowledge of implementing security technologies in corporate networks, my talents will perfectly align with the company objectives. My extensive background serving as the subject matter expert for all global cybersecurity and IT compliance issues of an organization match the requirements of the Director of IT Security position.
DECEMBER 2017 – PRESENT
DIRECTOR OF IT SECURITY CORE LABORATORIES, N.V. INC. WWW.CORELAB.COM Core Laboratories N.V. Inc. is one of the largest service providers worldwide of core and fluid analysis in the petroleum industry.
Subject Matter Expert and leader on all global cybersecurity issues and concerns
Established an information security governance structure
Regularly reports on the status of the information security program to executive management
Manages a security awareness training program for all employees and contractors
Develops and maintains company requirements for monitoring security events, responding to intrusion attempts and compromises, and deploying security updates to enterprise systems and end points.
Current member of local Houston Infragard Chapter
Manages the budget for information security function within the company
Develops the global information security vision and strategy while being aligned with business objectives
Develops and maintains up to date security policy and standards for all enterprise systems.
Creation of corporate 3
party vendor security program
Creation of corporate application security program
Leads the security evaluation of new and existing technologies and standardize enterprise system security configuration.
Facilitates enterprise security assessments and pen test to identify risk and gaps.
Provides input for risk mitigation and process improvement opportunities.
Manage and improve on methodologies over enterprise risk management, vendor risk management, and exception management.
Responsible for building internal networks with business executives, such as legal and HR
Leads all cybersecurity investigations and incident response matters
Responsible for selecting and recommending all cybersecurity solutions
Collaborates with key security vendors to resolve issues and identify root cause for security incidents and events.
Leads and oversees security compliance initiatives such as ISO 27001, GDPR, CIS Top 20 Critical Security Controls and SOX
Serves as project manager of all cybersecurity initiatives 2012 – 2017
DIRECTOR OF IT SECURITY & COMPLIANCE UNIVERSITY OF HOUSTON- DOWNTOWN WWW.UHD.EDU
The University of Houston-Downtown is a comprehensive four-year university offering bachelor's and master's degree programs aimed at career preparation with over 14,000 students.
Serves as Subject Matter Expert (SME) for all information security related items including authentication of systems
Serves as Primary Contact for all Information Security Audits and IT Compliance investigations.
Manages IT Security team
Member of Statewide Subcommittee on Risk Assessment reporting to the Texas Statewide Information Security Advisory Committee
Oversees the security and data integrity of all UHD information systems and technical environments
Implements security policy and strategy with industry best practices and as recommended by TAC 202 guidelines, NIST 800-53, 800-171 and Top 20 Critical Security Controls.
Current member of local Houston Infragard Chapter
Coordinates all project management of information security related projects
Works with internal IT teams to security best practices are used in developing, enhancing and maintaining throughout the SDLC
Evaluates, designs and implementation of information security software and toolsets including event information management for the university
Responsible for managing UHD’s Information security program
Coordinates and submits reports required by the State, DIR, UH System and UH
Serves as point of contact for all information security related inquiries and investigations
Coordinates and develops disaster recovery plans for all critical IT Systems.
Coordinates with department heads to ensure security compliance on security best practices
Manage the budget for information security office
Coordinates data gathering for compliance reports
Manage and support university’s emergency notification management system
2007 – 2012
SYSTEMS ADMINISTRATOR UNIVERSITY OF HOUSTON-DOWNTOWN WWW.UHD.EDU
Manage server environment of over 200 physical/virtual servers
Perform Server Upgrades and Scheduled Maintenance
Measure Server Performance and Monitoring
Project management of Technology related projects
Perform as key player in Security Incidents
Generate several technical security reports for state reporting
Represent UHD at State and UHS Security events
Architect technology related solutions for other university departments
Research and recommend new technologies
2006 – 2007
NETWORK ADMINISTRATOR, CONTINENTAL VISTA BROADCASTING GROUP, LLC
Manage day to day network operations of company
Perform scheduled maintenance on Servers
Perform scheduled maintenance on Routers/Switches/Wireless 2001 – 2006
NETWORK ADMINISTRATOR UNIVERSITY OF HOUSTON-DOWNTOWN WWW.UHD.EDU
Manage day to day operations of university network of over 3,000 nodes
Perform Network Upgrades and Scheduled Maintenance
Measure Network Performance and monitoring
Project management of Network related Projects
Configure, manage and monitor 802.11b/g wireless network of over 100 Cisco access points
Configure, manage and monitor Cisco switches, Cisco routers and Cisco PIX firewalls
Configure, manage and monitor servers running network applications EDUCATION
MASTER’S SECURITY MANAGEMENT UNIVERSITY OF HOUSTON-DOWNTOWN GPA 3.95
GRADUATE CERTIFICATE-CYBERSECURITY UNIVERSITY OF HOUSTON- DOWNTOWN
BACHELOR’S DEGREE, BBA FINANCE UNIVERSITY OF HOUSTON-DOWNTOWN CERTIFICATIONS
• CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL (CISSP) – FEBRUARY 2020
• Cybersecurity Program Management
• Project Management
• CISSP Training
• Network Security
• Relationship Building
• Threat and Incident Management
• Vulnerability Management
• Policy Compliance
• Experience implementing NIST CSF
• Advanced experience working with IT security
tools, such as IDS/IPS, DLP, SIEM, CASB, AV,
Firewall and Web and E-mail proxy filtering
systems and vulnerability scanning
• Supports security audits and assessments
• Information Asset Protection
• Forensic Investigations
• Cybersecurity Management
• Security Awareness
• CIS Critical Security Controls
• Security Assessments
• Vendor Management
• Experience implementing ISO 27001
• Advanced experience in cyber security and
security operations including security tool
implementation and troubleshooting within
an enterprise environment