Haven't had eyes other than headhunters on my resume in awhile (review request)

My resume was over a year out of date and I had reason to update recently, so figured why not get some other eyes on it

Professional Profile:
Information Security Professional with eighteen years of IT experience. Areas of expertise include Threat Intelligence, Governance and Compliance, Business Continuity / Disaster Recovery, Risk Management, Incident, Problem and Change Management, People Management, Client Relationship Management, SOW and SLA Development, Service Desk Management, RSA Archer Smart Suite Development and Administration, and Outsourcing (specifically India).

Employment History

2015 – Current
Company A Anytown, USA
Senior Threat Intelligence Analyst

Develop, gather, maintain and continuously evaluate cyber, brand & threat intelligence/data sources (technical & non-technical) to increase effectiveness cyber threat information in managing business risks and integrate them into a threat framework.

Produce, edit and distribute concise and actionable threat analysis and reports to audiences that range from C-Level executives to security analysts, relationship management, fraud analysts, and sales teams.

Analyze daily threat landscape via open source intelligence (OSINT) and publish daily threat landscape report across all lines of business within the company.

Maintain subject matter expert (SME) level of knowledge of payment card, mobile wallet, and payments fraud threats affecting industry

2011 -2015
Company A Anytown, USA
Lead ITIL/Governance Advisor

Manage the development of policy, standards, processes, procedures and guidelines for testing to be performed, ensuring that it is commensurate with the risk of the change being introduced.

Perform security assessments of offshore and domestic vendors to ensure compliance to contractual obligations as well as applicable regulations, control standards, and industry best practices. Draft and issue memos documenting any findings and remediation recommendations to senior management upon completion of assessments.

Manage the policy exception/risk acceptance process end to end. From working with IT resources to draft the request and validating the information in each request is accurate and complete to following up with IT and Business owners to ensure that expiring requests are either remediated or renewed as needed. Additionally, provide senior leadership with regular reporting of status of all active requests as part of this process.

Support and enforce compliance with applicable regulations and control standards, which include, but are not limited to the following: PCI DSS, FFIEC,SSAE-16

Support the integration of IT Risk Management practices into key Information Technology and business areas, ensuring that key IT risks are being adequately addressed.

Build and maintain custom Archer eGRC applications, solutions, reports and notifications in the Risk, Business Continuity, Policy, Policy Management, Compliance, Vendor Management and Enterprise modules to support all GRC activities. Perform additional administrator functions within Archer eGRC to include access management and integration into other Enterprise tools.

2010 – 2011
IT Systems Incident Manager
Company A's previous name Close to Anytown, USA

Lead the service restoration process by managing incident conference calls. Redesigned Incident Management policy and developed procedures with focus on service restoration while ensuring network integrity.

Refined and continuously improved Incident Management process for IT Command Center usage.

Developed and maintained Business Continuity/Disaster Recovery Plan for the data center.

Represented the Network Operations Center (NOC) in local and Enterprise Change Advisory Board meetings.

1998 – 2009
Production Environment Manager/Client Services Representative (Business Service Analyst)
In Same Building almost 12 years, Name changed 4 times (M&A paradise) Some Other Town, USA

Served as single point of accountability for production support in global Service Desk /Contact Center environments, tasked with end to end responsibility for Problem, Change and Incident Management for fifty-nine global contact centers.

Served as Change Manager for data and voice delivery network for the BPO Platform. Ensured all changes were thoroughly tested, reviewed and approved before implementation. Facilitated problem management reviews of all failed changes while producing and delivering routine reports of change metrics to leadership

Engaged for all client impacting incidents (Severity 1 and 2), managed the incident conference call by ensuring that the appropriate resources were engaged from support organizations, escalated as required, kept the restoration efforts focused on restoration, and sent notifications to leadership. Created, documented, and maintained the support procedures for all clients. Ensured the documentation was in place to support new business implementations, transitions, and enhancements.

Managed daily operations of a leveraged service desk, providing global support for over three hundred applicationsand a staff of 56 personnel. Ensured adequate staffing was present on a daily basis to meet contractual metrics. Addressed personnel issues, including: coaching and development, salary planning, issuing corrective action, hiring as well as terminating employees

Acted as project manager for global work initiatives into and out of the site.Served as member of build out team for first contact center in Mumbai, India. Provided training on location for Indian resources, including management.

Education
Bachelors of Science – Information Technology Security
Western Governors University
Expected Completion: December 2017

Certifications

Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Controls (CRISC)
RSA Archer Certified Administrator v.5.x
ITIL Foundations V3
Microsoft Certified System Engineer (MCSE) Windows 2000
Microsoft Certified System Administrator (MCSA)
CompTIA eBiz + Certified Professional
CompTIA IT Project + Certified Professional
CompTIA Server + Certified Professional
CompTIA iNet+ Certified Professional
CompTIA Network + Certified Professional
CompTIA A + Certified Professional

/End

Thoughts? Suggestions

Find more posts tagged with

Comments

LeBroke

I'd add a section highlighting your specific skills.

I.e. here's mine:

KEY SKILLS

 Knowledge and experience deploying highly-available environments via AWS stack and

its component technologies (EC2, S3, RDS, VPC, CloudFormation); access management via IAM

 Expert proficiency with Ansible configuration management

 Multiple years administering Red Hat and CentOS Linux

 Experience with Java stack (Tomcat, Glassfish), MySQL

 Infrastructure-as- code deployment via Git version control

 Enterprise scale automated Linux OS PXE deployment via Cobbler

 Server/cloud virtualization via VMware ESXi/vSphere platform

 Experience designing, configuring and managing OSI layer 2 networks via Cisco

hardware

 Python and Bash scripting

BuhRock

I'd lose the Windows 2000 msce.

tmtex

I was went to a resume class from Dell a couple of weeks ago, If its not within recent times, remove it. Ex. MCSE 2K or Novell. Another example is if you have a masters and are applying for a desktop job, do not put it on there. Give you an idea.

Overall looks great and if it was me, I would leave the W2K

DatabaseHead

How about omitting the 2000 from the MCSE like you did for the MCSA.

Production Environment Manager/Client Services Representative (Business Service Analyst) I would consider consolidating this into one job title, your last one and maybe underneath or in a bullet mention you held multiple positions. I read that and it tells a story that you were a massive JOAT and to be honest that doesnt do much for me.

Lead ITIL/Governance Advisor Is that your title? Why add the slash, Lead ITIL Governance Advisor reads better to me personally.

Too many certifications IMO for a resume, only list the ones of relevance in the direction you want to go. Takes away from the good ones, creating to much noise.

I don't see any quantitative information in your resume, SLA's, lowered Risk scores etc.......

The core looks fine to me, resumes ALWAYS can use improvement.

Good luck

shochan

jcundiff wrote: »

My resume was over a year out of date and I had reason to update recently, so figured why not get some other eyes on it

Professional Profile:
Information Security Professional with eighteen years of IT experience. Areas of expertise include Threat Intelligence, Governance and Compliance, Business Continuity / Disaster Recovery, Risk Management, Incident, Problem and Change Management, People Management, Client Relationship Management, SOW and SLA Development, Service Desk Management, RSA Archer Smart Suite Development and Administration, and Outsourcing (specifically India).

Employment History

2015 – Current
Company A Anytown, USA
Senior Threat Intelligence Analyst

Develop, gather, maintain and continuously evaluate cyber, brand & threat intelligence/data sources (technical & non-technical) to increase effectiveness cyber threat information in managing business risks and integrate them into a threat framework.

Produce, edit and distribute concise and actionable threat analysis and reports to audiences that range from C-Level executives to security analysts, relationship management, fraud analysts, and sales teams.

Analyze daily threat landscape via open source intelligence (OSINT) and publish daily threat landscape report across all lines of business within the company.

Maintain subject matter expert (SME) level of knowledge of payment card, mobile wallet, and payments fraud threats affecting industry

2011 -2015
Company A Anytown, USA
Lead ITIL/Governance Advisor

Manage the development of policy, standards, processes, procedures and guidelines for testing to be performed, ensuring that it is commensurate with the risk of the change being introduced.

Perform security assessments of offshore and domestic vendors to ensure compliance to contractual obligations as well as applicable regulations, control standards, and industry best practices. Draft and issue memos documenting any findings and remediation recommendations to senior management upon completion of assessments.

Manage the policy exception/risk acceptance process end to end. From working with IT resources to draft the request and validating the information in each request is accurate and complete to following up with IT and Business owners to ensure that expiring requests are either remediated or renewed as needed. Additionally, provide senior leadership with regular reporting of status of all active requests as part of this process.

Support and enforce compliance with applicable regulations and control standards, which include, but are not limited to the following: PCI DSS, FFIEC,SSAE-16

Support the integration of IT Risk Management practices into key Information Technology and business areas, ensuring that key IT risks are being adequately addressed.

Build and maintain custom Archer eGRC applications, solutions, reports and notifications in the Risk, Business Continuity, Policy, Policy Management, Compliance, Vendor Management and Enterprise modules to support all GRC activities. Perform additional administrator functions within Archer eGRC to include access management and integration into other Enterprise tools.

2010 – 2011
IT Systems Incident Manager
Company A's previous name Close to Anytown, USA

Lead the service restoration process by managing incident conference calls. Redesigned Incident Management policy and developed procedures with focus on service restoration while ensuring network integrity.

Refined and continuously improved Incident Management process for IT Command Center usage.

Developed and maintained Business Continuity/Disaster Recovery Plan for the data center.

Represented the Network Operations Center (NOC) in local and Enterprise Change Advisory Board meetings.

1998 – 2009
Production Environment Manager/Client Services Representative (Business Service Analyst)
In Same Building almost 12 years, Name changed 4 times (M&A paradise) Some Other Town, USA

Served as single point of accountability for production support in global Service Desk /Contact Center environments, tasked with end to end responsibility for Problem, Change and Incident Management for fifty-nine global contact centers.

Served as Change Manager for data and voice delivery network for the BPO Platform. Ensured all changes were thoroughly tested, reviewed and approved before implementation. Facilitated problem management reviews of all failed changes while producing and delivering routine reports of change metrics to leadership

Engaged for all client impacting incidents (Severity 1 and 2), managed the incident conference call by ensuring that the appropriate resources were engaged from support organizations, escalated as required, kept the restoration efforts focused on restoration, and sent notifications to leadership. Created, documented, and maintained the support procedures for all clients. Ensured the documentation was in place to support new business implementations, transitions, and enhancements.

Managed daily operations of a leveraged service desk, providing global support for over three hundred applicationsand a staff of 56 personnel. Ensured adequate staffing was present on a daily basis to meet contractual metrics. Addressed personnel issues, including: coaching and development, salary planning, issuing corrective action, hiring as well as terminating employees

Acted as project manager for global work initiatives into and out of the site.Served as member of build out team for first contact center in Mumbai, India. Provided training on location for Indian resources, including management.

Education
Bachelors of Science – Information Technology Security
Western Governors University
Expected Completion: December 2017

Certifications

Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Controls (CRISC)
RSA Archer Certified Administrator v.5.x
ITIL Foundations V3
Microsoft Certified System Engineer (MCSE) Windows 2000
Microsoft Certified System Administrator (MCSA)
CompTIA eBiz + Certified Professional
CompTIA IT Project + Certified Professional
CompTIA Server + Certified Professional
CompTIA iNet+ Certified Professional
CompTIA Network + Certified Professional
CompTIA A + Certified Professional

/End

Thoughts? Suggestions

I would try to simplify your resume, is this a 3pg resume? I would condense it to 2pg, maybe even 1pg. Recruiters want a SIMPLE resume w/keywords.

Change up "Professional Profile" maybe to "Career Objective"...this needs to be something in your own words of what specific desires you want in a job, listing yrs of experience is great...Indicate if you are a team player and/or work well independently...List some personality traits that you possess definitely helps too.

If you are looking for a new position, I would update your resume monthly on your favorite job posting websites. I tend to get more views/calls/emails about new jobs doing this method.

I would continue to list ALL certifications regardless of how old they are. You put in the work and effort to achieve these, so put them on display on your resume. They may not be relevant to the new position you are applying for, but it does account for something. Maybe indicate WHEN you passed them (month/year).

Another thing I did was indicate how many hours I completed with my degree. (specifics are key with recruiters)

Hope this helps some...CHEERS! Best of luck on your new endeavors!

atippett

On your 2011-2015 job, change your verbs to past tense. It may not seem like a big deal, but it is.