Rhema Group Consulting (RGC), LLC.                                                              01/2020  - to date

    Third Party Risk Analyst

 

    • Work closely with functional area specialists, cloud architects, and security specialists to design, configure and/or develop clients’ security solutions.
    • Perform enterprise-wide vulnerability scans, research and analyze vulnerabilities, identify relevant threats, implement corrective action and recommendations, monitor and track performance metrics, summarizing and reporting results.
    • Effectively manage the planning, communication and coordination between a wide range of stakeholders including external vendors, Messaging and Information Security teams.
    • Successfully manage the physical installation, connectivity and integration of all appliances with the Qualys cloud management platform.
  • Planned and executed onsite security/risk assessments for the third-party vendors.
  • Assessed completed questionnaire and supporting documentation to validate vendor appropriate implementation of the information security controls.
  • Maintained, tracked and reported on the third-party risk to the appropriate stakeholders, Evaluate third-party products/services by reviewing responses to standardized questionnaires (SIG), evidencing their internal controls
    • Communicated vendor information security issues to stakeholders, ensuing their understanding of associated risks and the actions needed to remediate those risks.

 

 

Beatronics Inc.                                                                                                       04/2018 – 12/2019

System Security Analyst

 

  • Oversees the day-to-day monitoring of network traffic for security events and perform first tier analysis
  • Manages corporate security information and event management system (SIEM), including responding to all alerts and investigations
  • Installing firewall and encryption tools, reporting breaches or weak spots.
  • Analyze both raw and processed security event data to identify potential security incidents, threats and vulnerabilities
  • \Compose reports, assessments, and other documents to provide decision support on information security risks and controls for executives, project managers, system owners, business unit managers
  • Conduct regularly scheduled social engineering exercises to test effectiveness of security awareness training

 

Kimetro Enterprise Limited                                                                                     06/2017 – 03/2018   

Security Control Assessor

 

  • Assisted in identifying resource constraints, risks and issues and support mitigating risks by effective communications and reporting project progress to all stakeholders.
  • Develop and support tools and processes to assist with collection and analysis of intelligence information
  • Acted as remediation analyst to work with vendors in remediating findings discovered during the assessment.
  • Utilize and maintain systems and procedures to effectively assess the information risk
  • Conduct security reviews of customers solutions where needed to encourage best practice and mitigate security risks.

 

Riteway Inc.                                                                                                             09/2012 – 08/2016

Cyber Security Specialist

 

  • Tested programs and databases and made necessary modifications, Planned and implemented security measures to safeguard data
  • Configure antivirus systems and consoles and take care of day-to-day operations and data structures
  • Design and develop security features and procedures, Integrate and deploy security software solutions
  • Support the continuous improvement of Information Security Policies, Standards, Processes, and Procedures.
  • Conduct threat and risk analysis and provide viable solutions for them, Collect and analyze data to eliminate risk, performance and capacity issues