CURRICULUM VITAE
Personal Details
Name: Joanne Ness
Date of Birth: 15/09/1970Sex: Female
Nationality: IrishMarital Status: Married
Home Address: Telephone number: - Gleneaston Cresent, Mobile number: -
Leixlip, Email-County Kildare,
Ireland
Educational History (in reverse chronological sequence)
2023Microsoft Cloud Computing
2016Qualified in Azure data fundamentals
2013Practitioner Certifiction in Data Protection (Pc.dp )
2010CISM qualification.
2010 international standards ISO- 1990Accountancy and Business College, Dublin
IATI Accounting Technician Certificate
1981 1988Our Lady of the Assumption Secondary School Walkinstown
Leaving Certificate obtained1988
Intermediate Certificate obtained 1983
Professional Summary
I am an Information Technology Security professional working for AXA Insurance DAC . and am involved in the review of the security standards within the company, writing post review reports and providing consultancy on security risk related matters. I work with both internal and outsourced clients, and work mainly in the area of Third party management making sure our vendors meet AXA’s Security requirements,PCI DSS Standards and Data Protection. I prioritise my workload and allocate my time accordingly. I can communicate concisely and informatively, both written and orally, to a wide variety of users with varied technical knowledge at all levels. I have to interpret contracts, write security policies and procedures and relate them to the various platforms and all areas of the business. I am a conscientious worker, self motivated, and deliver results on time. I enjoy learning new skills and being challenged at work. I have taken several courses to advance my skills in the security arena, including the Certified Information Security Management (CISM) course and obtained accreditation. The Practitioner Certification in Data Protection (Pc.dp) course and obtained accreditation. I have also done a number of technical training courses such as AIX fundamentals, Windows server management, and Lotus Notes administration
My knowledge of various platforms enables me to relate to constraints specific to operating systems and applications and also to assist in suggesting solutions. Although initially trained in Windows systems, I have broadened my skills and have knowledge of the various UNIX operating systems. I have also project managed and resourced an implementation of subsystem security status checking to improve security on multiple platforms and the introduction of a new VOIP phone system. I have been involved with several other projects where I either have the lead or an integral part of the project these included the introduction of Sharepoint and Service Now into AXA Insurance DAC.
During my time working for IBM I have filled a support role for several windows based applications and have taken several courses including Network Basics training, IBM Computer fundamental course, Lotus Notes 4.5 & 5.03 Technical Support Training, Time Management, Making Effective Presentation, Fundamentals of Project Management, Interpersonal & Communication Skills, Personal Effectiveness, Facilitation, Coaching, Better Writing Skills, Team Leader assessment, Team Leader Training, ECDL–Lotus products, Advanced 123 training and Advance Microsoft Office training Excel, Word, PowerPoint. These enabled me to advise on the development of a security database specifically in the area of service introduction and in the management of inventory and software licencing.
Career History (in reverse chronological order)
AXA Insurance Dac.
IT Security Consultant
2016 to date
Domain of Knowledge: Third Party Security Analyst, Payment Card Industry data security standards (PCI DSS) Data Protection, Operations Security, Legal, Regulations. Compliance and Investigations, Physical (Environmental) Security, Access Control. Security and Risk management
As a security consultant within the internal and external arena in AXA I have contributet to providing security awareness, expertise and knowledge to contract management, education of third party vendors, interal staff, technical architecture and operational technical management in security matters. All of my credentials are below which I have adapted to every role I have had in the security arena.
August 2010 to 2016
Easytrip Ireland Services LTD. IT Security & PCI Manager
Domain of Knowledge: Payment Card Industry data security standards (PCI DSS) Data Protection, Operations Security, Legal, Regulations. Compliance and Investigations, Physical (Environmental) Security, Access Control. Security and Risk management
As a security manager within the internal and external arena in Easytrip I am always improving my skills and am studying the various international standards such as ISO 27001 also frameworks such as COBiT. I achieved certification in the practitioner certification in data protection in June 2013. I also achieved certification in the CISM exam in June 2010 and PC.dp exam in June 2013 and have used these skills on a daily basis in my current role. My main responsibilities are,
Key Duties/Responsibilities:
Identification, assessment and mitigation of Information Security risks including cyber risks
Responsibility for ensuring that all information security policies and procedures are up to date,
Perform ongoing information risk assessments and audits to ensure that information systems are adequately protected and meet best practice (ISO27001 and PCIDSS) standards
Produce and issue regular IS status reports to Senior Management
Ensure the ongoing integration of information security with business strategies and requirements
Working closely with managed service provider
Manage the delivery of key operational and strategic IS projects
Delivery of information security awareness and training initiatives across the organisation
Lead any incident response to contain, investigate, and prevent future computer security breaches
Manage and facilitate Data Access requests and act as point for contact for investigations and audits
Serve as the primary consultant/project leader for IT Audit, External Audit,
Risk Assessment or any other third parties reviews
Responsible for Disaster Recovery, define strategy, plan and oversee testing, Update DR materials and documentation
Check compliance to Easytrip’s Security Standards within the technical community
Provide security advice and guidance for Easytrip staff and outsourced customers
Creating and executing compliance tests and a schedule
Creating, scheduling and executing security status checks
Security/configuration management database administrator
Service introduction focal point
Patch management focal point
Annual PCI DSS Certification
Creating and delivering security awareness presentations
Project managing the security aspects of a major project
Perform physical security reviews of internal and customer sites
Backup deskside support role
August 2004 to 2010
IBM Ireland, Information Technology Security analyst
Domain of Knowledge: Operations Security, Legal, Regulations. Compliance and Investigations, Physical (Environmental) Security, Access Control. Security and Risk management
As a security analyst within the internal and external arena in IBM I am always improving my skills and am studying the various international standards such as ISO 27001 also frameworks such as COBiT. My main responsibilities are,
Check compliance to IBM’s Security Standards (ITCS104) within the technical community
Document security procedures ,work instructions and user guides
Provide security advice and guidance for IBM staff and outsourced customers
leading and assisting with internal IBM and outsourced customer external audits
Security Representative on the Core Team for various IBM Corporate Audits
Creating and executing compliance tests and a schedule
Creating, scheduling and executing security status checks
Security/configuration management database administrator
Service introduction focal point
Patch management focal point
Liaising with customers both internal and commercial
Creating and delivering security awareness presentations
Project managing the security aspects of a major project
Perform physical security reviews of internal and customer sites
March 2003 to August 2004
IBM Ireland, Customer Service Representative Team Leader
Domain of Knowledge: Operations Security, Legal, Regulations. Compliance and Investigations
My main responsibilities included,
Managing a team of 1520 call center agents
Drive IBM’s Security Standard for Computer Use (ITCS300) within the team
ISO 9000 documentation cocoordinator
Provide on going assistance and guidance to individuals on the team and produce monthly evaluations of individuals ensuring that all centre procedures and processes are followed.
Handle and take responsibility for Critical Situations, e.g. Server outages communicating and working effectively with Problem and Change Management, Product Analysts, Distributed Systems Infrastructure Support and EMEA Service Management
Training staff for Out of Hours responsibilities and reporting any incidents to management.
Compiling reports for first line managers and senior managers
Working on ways to improve overall customer satisfaction
Training members of my team on new applications and services focusing on security
Participation in Conference calls with Distributed Systems Infrastructure Support Group Leaders and identify improvement areas to help the two teams work closer together.
Scheduling shifts and training for out of hours staff
Monitoring call procedures of team members
Monitor team performance to ensure our customer's expectations and Customer Service Centre targets are met whilst also ensure that the team focus’ on meeting the Productivity targets, Average Call Wait, Average Hold Time, and Call Duration.
Attend meetings with managers on how to improve targets
Creating action plans on how to meet the metrics on a daily and weekly basis.
August 2002 to March 2003
IBM Ireland, Customer Service Improvement, CRM Quality Specialist
Domain of Knowledge: Operations Security, Legal, Regulations. Compliance and Investigations
My main responsibilities included providing business support to management within the CRM help Desk.
My other responsibilities are as below role, Qulaity Specialist. However CRM is a higher profile desk and dealt with external customers as well as the IBM internal account for users of Siebel.
October 2000 to August 2002
IBM Ireland, Quality Team, Quality Specialist
Domain of Knowledge: Operations Security, Legal, Regulations. Compliance and Investigations
My main responsibilities included providing business support to management within the call centre; recording and monitoring agent calls; creating and providing security and Data Privacy education for new hires; maintaining security and data privacy training records; database administrator; database development; performing userid management and access control as aligned to agent roles; creating and providing daily and weekly customer satisfaction and call quality reports for management; main contact for expertise on coaching, mentoring and motivating call centre agents; lead contact for award programme for call centre agent performance and publication of data on intranet, newsletters and television.
August 1998 to October 2000
IBM Ireland, Customer Service, Technical Support Specialist
Domain of Knowledge: Operations Security
My main responsibilities included providing technical support to multinational
corporate clients; Microsoft technical consultant for all call centre agents; providing
internal and external support for Lotus Notes technical support across EMEA; rating
and reviewing process for calls handled by other call centre agents; creating and
providing technical and customer service training and ongoing coaching for all call
centre agents and providing hardware building, maintenance, and diagnostics in call
centre lab.
September 1994 to August 1998
Ladbrokes Ireland, Office Manager
Domain of Knowledge: Physical (Environmental) Security
I reported directly to the Senior Management within Ladbrokes and my main responsibilities included staff supervision, employee performance evaluation; delivering security awareness training; ensuring office was following physical security policy, audit of physical and environmental security in different office locations; team building and motivation; customer relations; marketing promotions; expenditure reporting; corporate customer analysis reporting; global financial accounting reports; settlement of all bets and operation of mainframe computer system
In 1995 I was awarded ‘Ladbrokes Ireland Manager of the Year’
September 1988 to August 1994
Ladbrokes Ireland, Cashier
I began my career with Ladbrokes Ireland in September 1988 as a Cashier. I was employed in various offices and carried out all the following duties – receipt of bets, cash handling and balancing, general reports and customer service.
I was given more supervisory responsibility, and had to assist in the training and appraising of new entrants after a few years.
Additional Information & Interests
In the past few years I have been working in demanding positions dealing directly with people where calm, consideration and problem solving and have been some of my strongest interpersonal strengths. I believe that I am a determined hard working, honest person who enjoys challenges and although I excel working on my own initiative I also work well as a team player.
My hobbies include reading, travel, eating out and music.
I have a clean current driving licence and own a car.
