Security Manager Information

Raymond Ito **** Quail Hawk Dr., Houston TX, *****

CISM, Security+ P: 832-***-**** E: *******@*****.***

CYBERSECURITY CONSULTANT

7+ years in information security management, IT security, cybersecurity / enterprise IT architecture. Experience in developing comprehensive security programs utilizing frameworks including NIST 800-Series, SOC Mgt, ISO 27001, HIPAA, PCI, SOX, IAM and GRC compliance. Excellent leadership skills, and appreciation for working in diverse capacities. Ability to build teams and partnerships through effective communication and collaborations, and grasping emerging technologies.

Skills

Excellent oral/written communication, multi-task, and proactive

Strategy and Information security program development

Executive Team key member in security decision making

Report to the board and senior management and ensure security goals are understood

Triage security breaches and incidents according to severity and business impact

Identity and Access Management (IAM), Defense In-Depth solutions, and Zero Trust

Strong strategic and tactical planning skills

Identify and communicate gaps, develop strategies, and ensure adherence to SLAs

Direct disaster recovery planning (DRP)/Business continuity planning (BCP)

Adapt to rapidly-changing business/technological environments

Build strong relationships across organization & oversee SOC teams

Good understanding of ITIL, Agile methodologies (ISO 27001, NIST), etc.

Ensure that corporate networks, and business systems are secure and resilient

Compliance with privacy regs such as GDPR, California, and Virginia Privacy regulations

Accomplishments

Leadership

Developed organizational security program and initiatives built on globally-recognized frameworks of NIST 800 – 53 best practices, ISACA COBIT, and ISO/IEC 27001/2.

Regularly coordinated and presented before senior management and board on issues relating to business and regulatory compliance, security posture, and strategic alignment with business goals and objectives.

Provided leadership, guidance, and direction in assessing information security posture, monitor compliance with security standards, and developed appropriate controls and policies.

Developed a proactive culture of continuous improvement and continuous integration due to the ever-evolving and sophistication of threats.

Implementations

Established Mobile Device Management (MDM) and Bring Your Own Device (BYOD) policies for 2,500 users, and trained employees on emerging technologies.

continued…

Raymond Ito Page 2

Initiated periodic audit for all security infrastructure, and developed mandatory security awareness training for all users.

Collaborations

Collaborated with the board, senior management, employees, and key stakeholders to foster organization-wide security culture by embedding security into all projects’ life-cycles.

Documented and communicated the status of projects, goals and objectives, lessons learned, and implement controls when necessary.

Driven and Tenacious

A humble beginning ignited a hunger and passion to cross industries, cultures, and build career into executive roles in information systems security, strategic planning, and organizational leadership. A high appreciation for diversity, due to being widely travelled in keeping with security trends globally.

Work Experience

Information Security Manager 05/2020 to Present

Glotef Houston, TX

Oversight overall strategic enterprise IS/IT security program development and implementation to optimize efficiency. Develop security strategy, effective disaster recovery plan, and ensure compliance with business and regulatory requirements and oversee information risk management.

Developed enterprise-wide policy, standards, and procedures utilizing governance, risk, and compliance based on ISO 27002 framework.

Reviewed information over 50 security gaps and developed an effective security program.

Performed periodic audits of third-party contracts to ensure requirements and expectations in Service Level Agreements (SLAs) are adhered to.

Directed security awareness training to over 50 regular employees, and 600 temporary employees and contractors.

Developed and presented periodic reports with metrics to senior management on alignment with business goals and objectives.

Advised senior management on the implementation of BYOD policy, associated risks, implementing MDM strategies and security controls.

Directed the effective and efficient information system security resource utilization.

Leveraged technology to create business value and managed emerging technologies.

Continued…

Raymond Ito Page 3

Cybersecurity Consultant 02/2015 to 08/2019 Houston Taxi Houston, TX

Overall responsibility for the security and protection of information systems (IS) and information technology (IT) assets. Direct Information Security, Governance, Risk Management, and Compliance (GDC) efforts. Oversee IT architecture and acquisition budgets.

Reviewed and assessed security posture and developed organization-wide Security Program that includes a fleet of over 2,500 drivers.

Developed a risk-based approach to reinvent taxicab industry in a very competitive market in Houston, Texas that increased revenue by 40 percent.

Delivered over 100 reports to the board and senior management on security posture and project status to ensure that all stakeholders are in alignment with management’s intent and direction.

Implemented Transport Layer Security (TLS) protocols to ensure that daily processing of over 2,000 customers credit card transactions ($200,000 - $300,000 daily) is secure via VPN protocols - a monthly range of $6 - $9 millions credit card transactions processing.

Worked with the Mayor of Houston’s Office and the Administrative and Regulatory Affairs Department (ARA) to ensure that 2,400 independent contractor drivers obtain permits and are in compliance with the City Council’s regulations and industry requirements.

Managed the taxi component of the Houston Airport Systems (HAS) $16 million Ground Transportation Project to integrate secure and seamless dispatch operations of 2,500 users.

Developed and disseminated over 1,500 IS/IT security standards manuals that contain necessary information on meeting security requirements and industry best practices

Developed and implemented mandatory security awareness training for over 2,500 independent contractor drivers to be abreast with the constantly changing threat landscape.

Advised on compliance with security regulations such as the Payment Card Industry Data Security Standard (PCI DSS), and SOX.

Certifications / Education

Certified Information Security Manager (CISM) (2020)

Security+ (2017)

Masters - Information Systems

University of Maryland Global Campus Adelphi, MD, United States

Bachelors - Communications Studies

University of Maryland Global Campus Adelphi, MD, United States

Raymond Ito Page 4

Contact this candidate