Manager Information Security

HARRY A. KRIMKOWITZ • ********@***.***

* ****** **** ***** ****** Township, NJ 08831 • Cell: 703-***-****

CHIEF INFORMATION SECURITY OFFICER

•More than twelve years plus experience in leading/managing information security teams, developing strategies, execution of information programs/ projects

•Versatile and accomplished in successfully working across organizations in a cross-functional way that yield effective results

•Extensive Leadership and Management experience

•Exceptional oral and written communications skills

•Familiarity and experience with COBIT, ISO 27000, PCI-DSS, SOX, OCTAVE, NIST and ITIL Standards

•Customer Service •Client Relations •Team Leadership & Motivation •Computer Security Incident Response •Risk Management • Project Management •Security Policy Management •Threat and Vulnerability Management •Security Monitoring •Security Awareness and Education

EDUCATION:

MS in Management, Florida Institute of Technology, Melbourne, FL

BA in Economics, Ithaca College, Ithaca NY

CERTIFICATIONS AND TRAINING:

Certified Information Security Manager (CISM)

MIS - Managing an Information Security Program

Computer Security Institute - How to Develop a Winning Security Architecture

CLEARANCE: Top Secret/SSBI (March 2012)

EXPERIENCE:

Client, Server Software Solutions (CSSS.NET) Washington, DC• 2009 – Present

Program Manager

Performs as the Program Manager for an information security Program Management Office (PMO). Responsible for all aspects of financial management to include profit and loss. Responsible for a group of eighteen to twenty security professionals providing information security services for the Internal Revenue Service and the Defense Media Activity. Provides oversight and detailed analysis for cyber security strategy, policy, governance, capital planning and investment control and IT asset management. Provides support for the development of the IRS IT Security Strategic Plan and the IRS Enterprise Vulnerability Management Program Concept of Operations and the Enterprise Vulnerability Management Program Standard Operating Procedures. Supports the update and development of IRS security policies. Provided support to Prometric, Inc. where I mapped ISO 27000 security controls to PCI-DSS and NIST controls. Authored several security policies including system and communication protection, system and information integrity and identification and authentication. In support of the Defense Media Activity developed their information security program that included the development of a strategic plan, security policies, governance framework, and metrics program including a security metric dashboard.

TELESIS CORPORATION, BELTSVILLE, MD• 2007 – 2009

Program Manager

Responsible for a group of ten security professionals providing information security services for the Departments of Transportation. Provided Certification and Accreditation, Verification and Validation, Education Training and Awareness, Privacy Program support. Developed strategic plans and information security policies and procedures. Prepared departmental information security policies and procedures for all NIST SP 800-53 control families. Conducted quarterly information security compliance reviews. Developed and implemented communications and outreach for information security awareness and training. Accountable to the senior management for overall program management contract performance, profits, and client/customer relationships.

ANTEON CORPORATION/GENERAL DYNAMICS INFORMATION TECHNOLOGY, Annandale, VA • 2005-2007

Vice President/Senior Director, Security Services

Responsible for all phases of each supervised program from inception through completion. Established milestones and monitored adherence to master plans and schedules, identified program problems and obtained solutions, such as allocation of resources or changing contractual specifications. Served as the primary customer point of contact for all program activities which included, leading program review sessions with customers to discuss cost, schedule, and technical performance. Coordinated subordinate employee recruitment, selection and training performance assessment, work assignments, salary, and recognition/disciplinary actions. Ensured all project deliverables were on schedule and within budget. Charged with new business development, client and customer relationship building functions, as well as program management of 14 projects valued at $15-$20 million. Provided budget forecasting, as well as prepare high-level project proposals and pricing. Sourced and developed alliances to obtain new business. Primary strategic planner in providing information security and infrastructure security services to critical federal agencies, including the Departments of State, Homeland Security, the Nuclear Regulatory Commission, the U.S. Air Force, and the U.S. House of Representatives. Served as the Program Manager for the US Coast Guard Computer Security Incident Response Team (CSIRT) growing the CSIRT into a 24X7X365 operation.

INTEGRATED MANAGEMENT SERVICES INC., Arlington, VA • 2000-2004

Director Security Services Division

Established security policies and procedures, and orchestrated implementation of recommendations for clients such as the Bureau of Alcohol, Tobacco and Firearms, the Departments of State, Justice, Air Force, and Transportation, as well as the U.S. House of Representatives, and NASA. Responsible for the line management of 15 security projects valued at $15 million. Directed a staff of 75 analysts and technicians in performing all aspects of securing electronic information, from risk assessments and product evaluation to integration and installation, as well as disaster recovery planning, public key infrastructure (PKI) and virtual private network (VPNs) development. Ensured all project deliverables were on schedule and within budget. Primary strategic force in preparing briefings, proposal presentations, and white papers to prospective clients.

COMPUTER SCIENCES CORPORATION, Merrifield VA • 1999-2000

Senior Manager Computer Emergency Response Team (CERT) Operations

Senior Manager focused on providing information security solutions to U.S. military services and Federal agencies while directing a staff of 50 analysts and technicians developing Systems Security functions for security monitoring, event correlation, incident response to technical compromise analyses for 5 projects valued at $5.5 million. Established the Federal Aviation Administration Computer Security Incident Response Team (CSIRT) and directly managed the DoD CERT help desk.

LOGICON/NORTHROP GRUMMAN INC., Herndon, VA • 1999-1999

Project Manager/ Senior Information Security Specialist

Project Manager focused on developing information systems security policies, procedures and documentation for Federal Government clients. Directed 16 certification and accreditation projects and supervised a staff of 20 security analysts.

EXECUTIVE SECURITY & ENGINEERING TECHNOLOGY, INC., Falls Church, VA • 1997-1998

Task Manager/ Senior INFOSEC Analyst

Task Lead in charge of 2 Information Systems Security (INFOSEC) projects valued at $3.5 million. Supervised 8 security analysts and engineers. Recommended INFOSEC solutions to solve customer problems based on an understanding of how products and services interrelate and support the customer mission and operation. Developed a standardized risk assessment methodology for the Defense Logistics Community.

Contact this candidate