HENRY DUONG
Kansas City,MO
Summary
I am a seasoned information security professional with a deep passion for technology and a keen attention to detail. My proven ability to create secure and cohesive digital environments makes me an ideal candidate to join your team. I understand the importance of reducing business impacts and implementing cost-effective risk mitigation strategies, which has resulted in my holistic approach to information security management.
My goal is to offer scalable and robust security strategies that balance IT strategy, user performance improvement, and disaster recovery to ensure the confidentiality, integrity, availability, and security of sensitive business data. With my advanced knowledge of industry regulations, standards, and frameworks, including HIPAA, ISO 27001, CIS 18, NIST 800-53, and SOX, I have the analytical insight to identify and mitigate cyber threats by developing comprehensive security plans.
As a dynamic leader, I am eager to take on new challenges and work towards reducing cyber risk and maintaining the integrity of critical business information. I believe that my expertise can be of great value to your organization and I look forward to discussing how I can contribute to your team.
Overview
18
18
years of professional experience
1
1
Certification
Work History
Global Information Security Manager
Seaboard Overseas & Trading Group
Merriam, KS
04.2023 - Current
- Paid attention to detail while completing assignments.
- Worked effectively in fast-paced environments.
- Exercised leadership capabilities by successfully motivating and inspiring others.
- Used critical thinking to break down problems, evaluate solutions and make decisions.
- Cultivated interpersonal skills by building positive relationships with others.
- Proven ability to learn quickly and adapt to new situations.
- Skilled at working independently and collaboratively in a team environment.
- Developed strong communication and organizational skills through working on group projects.
- Managed time efficiently in order to complete all tasks within deadlines.
- Demonstrated strong organizational and time management skills while managing multiple projects.
- Developed and maintained courteous and effective working relationships.
- Excellent communication skills, both verbal and written.
- Worked well in a team setting, providing support and guidance.
- Assisted with day-to-day operations, working efficiently and productively with all team members.
- Learned and adapted quickly to new technology and software applications.
- Provided professional services and support in a dynamic work environment.
Director of Information Security
Dairy Farmers Of America, Inc
07.2019 - 04.2023
- Bring a comprehensive approach to managing full-cycle security operations and developing tactical strategies across eight security domains.
- Provide management expertise and strategies, including conducting security audits, endpoint security, managing vulnerabilities, and executing cloud security and incident response using Security Incident and Response Management system
- Ensuring security and privacy of all contracts and collaborating closely with Information
- Technology teams to integrate security into early stages of Azure and AWS projects
- Continuous improvement advocate to drive performance improvement initiatives to provide security guidance for team and other Dairy Farmers of America groups
- Proactive leader, responsible for establishing goals for Security Engineers and teams to facilitate their growth and development, and capable of strategically representing the CISO in meetings and providing comprehensive security documentation and reports with metrics and KPIs to show ROI of the security program
- Effectively utilize and execute different security technologies in DNS security, Endpoint Security, Threat Response, Threat Intelligence, Cloud & On-prem Security, and various other strategic security solutions
- Develop standards, processes, and procedures that align with company policies, with a proven track record of successful project management for all information security projects
- As a trusted advisor, offering guidance on security management to information technology teams and projects to ensure integrity of sensitive business data and minimize risk of cyber breaches
- Reviewed and assessed architecture design, implementation, testing, and deployment needs to identify project requirements and costs
- Communicated regularly with customers concerning data exchange and technology integration
- Worked closely with management teams to plan, develop and execute technical strategies aligned with client's vision
- Analyzed network security and current infrastructure to assess areas in need of improvement and develop solutions
- Played key role in ongoing network security design, reevaluation, and optimization to keep pace with company growth
- Passionate about learning and committed to continual improvement
- Demonstrated creativity and resourcefulness through development of innovative security solutions
- Exercised leadership capabilities by successfully motivating and inspiring others
- Developed strong communication and organizational skills through working on group projects
- Proven ability to develop and implement creative security solutions to complex problems
- Strengthened communication skills through regular interactions with others.
- Used critical thinking to break down problems, evaluate solutions and make decisions
Infrastructure Security Manager
The University Of Kansas Health Systems
02.2015 - 07.2019
- Led the direction of the health system-wide security system, aligning with health system strategies across departments and levels of the university while chairing the Security and Policy Committee
- Implemented Microsoft Operation Framework (ITIL) for thesecurity team and provided mentorship to Security and IAM Architects, Engineers, and information technology departments
- Contributed to technology and product planning with Hospital Information Technology management and health system departments
- Minimized delay time from compromise to mitigation to prevent breaches
- Developed security metrics and an executive dashboard to monitor and align security tasks, goals, and objectives with priorities and needs
- Established programs including Cybersecurity Incident Response, Business Continuity and Disaster Recovery, Security Risk Management, Vulnerability and Patch Management, Malware Analysis, Identity & Access Management, and Security Infrastructure and Information Security
- Designed and implemented tactical security strategies and infrastructure networks to secure the health system
- Aligned Information Security with the organization's mission statement, values, and commitment to patient care
- Coordinated with Project Management Office to ensure security lifecycle is integrated into all projects, maintaining continuous compliance with HIPAA Privacy and Security Rules, Joint Commission, PCI DSS, and CMS security standards
- Built strong relationships with health system executives, doctors, vendors, and team members to promote a security culture
- Advised Systems Director of HITS, CIO, CMIO, and other senior leadership on security gaps and risks
- Delivered regular security awareness programs to educate personnel on security measures and protocols
- Evaluated security systems and procedures to identify areas for improvement
- Created and implemented security network framework across 70,000 devices
- Worked in fast-paced and high-risk environments while maintaining exceptional standards of excellence for security programs, strategies, and plans
- Determined security budgets and identify opportunities to optimize resource utilization.
- Controlled multimillion-dollar security budgets, controlling costs, and staying within budget each year
- Oversaw teams of security engineers and analysts and managed scheduling and performance evaluations
- Collaborated with senior management to develop and implement strategies to mitigate security risks.
- Optimized security programs, administrative functions, business management, and inventory control by enhancing planning and allocation of resources.
- Outlined and maintained security patching schedule to efficiently address ongoing system issues.
- Conducted regular security audits and assessments to identify potential security risks and vulnerabilities.
- Managed security policies and procedures to promote safety and security of personnel and assets.
- Coordinated with IT personnel regarding security of digital assets and information systems.
- Verified excellence in regard to security programs, strategies, and plans within fast-paced and high-risk environments
Information Security Supervisor & Security Officer
Shook, Hardy And Bacon, L.L.P.
02.2005 - 01.2015
- Demonstrated expertise in managing the full spectrum of security functions and budgets, including experience with ISO 27001 audit process and certification requirements
- Prepared and submitted reports to keep management informed of security activities and developments
- Successfully achieved ISO 27001 certification for the company in September 2014 and continuously reviewed ISO 27001 Information Security Management System (ISMS), Statement of Applicability (SOA), Scope, and meeting minutes to ensure compliance with certification obligations
- Provided insightful recommendations to the Chief Information Officer (CIO) on privacy and security considerations about HIPAA, ISO 27001, SOX, and client contractual security obligations
- Implemented security controls and standards following ISO 27001 (using the ISO 27002 control framework), HIPAA, and client security mandates
- Responded to security-related questions on potential client Requests for Proposal (RFP) and conducted third-party/vendor security risk assessments as part of Risk Management program and oversight of Risk Treatment plans
- Actively participated in Information Governance Board and played a critical role in evaluating, securing, and maintaining proof of concept for cloud storage
Education
Bachelor of Science Degree - Computer Information Systems
Friends University
Wichita05.2001
Skills
- Management skills
- Time Management
- Critical Thinking
- Strategic Planning
- Risk Management Framework
- Metrics & KPIs
- Development & Application Security Operations
- Audit & Compliance
- OT and IoT Security
- Threat Analysis & Incident Handling
- Cloud Security
- Vulnerability Management
- Identity & Access Management
- Developing Security Strategies
- Active Listening
- Complex Problem-Solving
- Change Management Process
- Stakeholder Communications
- Network & Operation Security Architecture Design
- ISO 27001, CIS 18, & NIST Security Standards
Certification
PCI Standard Security Council - Internal Security Auditor
Timeline
Global Information Security Manager
Seaboard Overseas & Trading Group
04.2023 - Current
Director of Information Security
Dairy Farmers Of America, Inc
07.2019 - 04.2023
Infrastructure Security Manager
The University Of Kansas Health Systems
02.2015 - 07.2019
Information Security Supervisor & Security Officer
Shook, Hardy And Bacon, L.L.P.
02.2005 - 01.2015
Bachelor of Science Degree - Computer Information Systems
Friends University
Similar Profiles
Brian ChibaleBrian Chibale
Regional IT Manager - Africa at Seaboard Overseas & Trading GroupRegional IT Manager - Africa at Seaboard Overseas & Trading Group
Mark BlandMark Bland
VICE PRESIDENT OF INFORMATION SYSTEMS at Seaboard Overseas GroupVICE PRESIDENT OF INFORMATION SYSTEMS at Seaboard Overseas Group
Hamza Nasri BakeerHamza Nasri Bakeer
Senior Business Development at AL-Behar Overseas Co. for Industrial & TradingSenior Business Development at AL-Behar Overseas Co. for Industrial & Trading