Lead, Cyber Security Strategy, Grc Resume
5.00/5 (Submit Your Rating)
Atlanta, GA
SUMMARY:
Cyber Security Professional with extensive experience in all aspects of Cloud Security and Compliance, Cyber Security Strategy, Governance Risk and compliance, IT and Cyber Security Audit, Enterprise Cyber Security Risk Management, (Vendor Risk Management) Regulatory Compliance, Change Management. Possess strong analytical skills to solve problems quickly and add value to stakeholder relationships, both internal and external to an organization.
PROFESSIONAL WORK EXPERIENCE:
Confidential, Atlanta, GA
Lead, Cyber Security Strategy, GRC
Responsibilities:
- Serve as a technical subject matter (SME) on cyber security/systems security matters. Interpret and implement security policies requirements to ensure confidentiality, integrity, availability of information system.
- Develop and implement cyber program, and info sec policy, standards, procedure/and guidelines per best practice/Industry Standard
- Lead self - assessment activities against best practice and develop recommendations for remediating, create risk acceptance/Exception & gaps analysis. Conduct and/or coordinate IT security risk assessments for technology and security frameworks such NIST-CSF
- Perform organizations compliance regulatory requirements, such as GDPR, NYDFS, PCI-DSS, SWIFT, CIS etc.
- Lead SunTrust’s Client Share Assessment program-perform vendor assessment, Design and administer 3rd party questionnaire, conducted onsite assessment and answered client request questionnaire enquiring into Confidential security posture
Senior Cybersecurity Analyst
Confidential
Responsibilities:
- Managed and facilitated Self - Annual Assessment (NIST SP A): Performed IT risk assessment to identify system threats, vulnerabilities, and risks. Developed risk assessment reports; identifying threats, and vulnerabilities applicable to the system
- Performed Vulnerability Assessment making sure risks are assessed, evaluated and a proper action taken to limit their impact on the information systems
- Performed patch management as part of remediation process, and applied required security patches within NIST and enterprise guidelines
- Evaluated the likelihood that vulnerabilities would be exploited and assess the impact associated with this threat and vulnerabilities
- Prepared recommendation reports that are made available to system owners to remediate identified vulnerabilities during the risk assessment process
Confidential
IT Auditor, Risk & Assurance.
Responsibilities:
- Performed IT SOX compliance audits for public and private entities as well as SOC 1 Type 2 reviews using COBIT and COSO frameworks
- Audited SME for PCI security compliance, HIPAA testing for regulated entities, DLP, and SSAE 16 SOC1 technology controls
- Participated in patch management and vulnerability remediation process. Such gap analysis, and track deficiencies and review for systemic risk
- Assessed scope of security issues and developed best practice approaches to remediate or mitigate and provide quality assurance to ensure risks are scoped and assessed appropriately
- Performed cyber security risks assessment through remediation & recovery and audit risk assessments leveraging continuous monitoring to assess IT inherent and residual risks
Confidential, Dallas, Texas
Associate Security Engineer
Responsibilities:
- Developed knowledge of Active Directory structures. Managed and troubleshooted all Active Directory s services, events and errors
- Performed access provisioning: IAM, Privileged User Management, Public Key Infrastructure and management
- Provided assistance with application and network Access Control, implemented IDS/IPS Solutions and Authentication solutions
- Implemented technical security controls and technologies (e.g. DLP, IDS, IPS and Application Firewalls, Antivirus and Anti-malware
- Experienced with security Information and Event Management (SIEM) experience configuring, deploying, and maintaining Splunk
Confidential
IT Analyst
Responsibilities:
- Participated in the Information Security strategy, technology control process strategy, security compliance, DLP, and internal ITGCs
- Worked closely with the IT organization as a SME for the protection of client health information and PII to ensure adherence to policies, procedures, and legal/regulatory requirements
- Initiated, facilitated, and promoted activities to raise Information Security awareness within the organization
- Collected and examined records as a part of IT compliance testing strategies to compile evidence of compliance with IT operations standards
Privacy Policy
Resume Categories
- .NET Developers/Architects Resumes
- Java Developers/Architects Resumes
- Informatica Developers/Architects Resumes
- Business Analyst (BA) Resumes
- Quality Assurance (QA) Resumes
- Network and Systems Administrators Resumes
- Help Desk and Support specialists Resumes
- Oracle Developers Resumes
- SAP Resumes
- Web Developer Resumes
- Datawarehousing, ETL, Informatica Resumes
- Business Intelligence, Business Object Resumes
- MainFrame Resumes
- Network Admin Resumes
- Oracle Resumes
- ORACLE DBA Resumes
- Other Resumes
- Peoplesoft Resumes
- Project Manager Resumes
- Quality Assurance Resumes
- Recruiter Resumes
- SAS Resumes
- Sharepoint Resumes
- SQL Developers Resumes
- Technical Writers Resumes
- WebSphere Resumes
- Hot Resumes
