LiveCareer-Resume

information security analyst resume example with 3+ years of experience

Jessica Claire
  • 609 Johnson Ave., 49204, Tulsa, OK 100 Montgomery St. 10th Floor
  • Home: (555) 432-1000
  • Cell:
  • resumesample@example.com
Summary

Experienced GRC professional with a strong background in implementing and managing policies and procedures to ensure compliance with relevant laws and regulations, and to identify and mitigate risks. Proven track record of success in leading GRC initiatives in a variety of industries, including finance, healthcare, and technology. Experienced with industry-based information security and control frameworks such as ISO 27001, PCI-DSS, Cloud Security Alliance (CSA), NIST RMF 800-53, ISO 27001&2, SOC 2, and FedRAMP.

Skills
  • Governance, risk, and compliance (GRC)
  • Policy development and implementation
  • Risk assessment and management
  • Compliance monitoring and reporting
  • Auditing and reporting
  • Process improvement
  • Stakeholder management
  • SharePoint
  • Jira & Confluence
  • RSA Archer
  • ISO 27001/2
  • PCI-DSS
  • FFIEC
  • NCUA
  • FedRAMP
  • FISMA Compliance
Experience
Information Security Analyst, 07/2022 to Current
Boston Private Financial Holdings, San Mateo, CA
  • Lead internal audits to assess the effectiveness of GRC processes and identify areas for improvement for ISO 27001, PCI-DSS, GLBA, FFIEC and NCUA.
  • Monitor compliance with GRC policies and procedures, and report on findings to senior management. Also perform gap analysis to improve policy and procedures compliance.
  • Conduct risk assessments to identify and prioritize risks, and implement measures to mitigate those risks.
  • Responsible for performing all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
  • Track enterprise compliance across multiple security frameworks including ISO 27001, PCI-DSS, FFIEC and NCUA and maintain up-to-date records of requirements and corresponding mitigating controls.
  • Participate in the development of security and privacy awareness training in conjunction with other members of the Security Compliance group.
  • Create security-related reports and metrics to convey cyber-related risks around governance, risk, and compliance.
  • Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
  • Support development and review of security processes and procedures and support service-level agreements to ensure that security controls are managed and maintained.
  • Perform vendor due diligence reviews to ensure vendors continue to meet contract requirements.
Senior Compliance Analyst (Remote), 10/2021 to 07/2022
Iron Mountain, City, STATE
  • Liaised with external auditors and internal control owners to support various internal and external audits/assessments such as FISMA Audit, ISO 27001, NIST RMF 800-53, and FedRAMP. Coordinated with internal stakeholders during audit period by collecting evidence.
  • Developed, implemented, and reviewed organization and information systems policies, procedures, standards, and guidelines per applicable regulations including ISO 27001, NIST RMF 800-53, and HIPAA, and verified that they address the organization's internal and external requirements.
  • Managed the GRC risk register platform by assigning ownership, tracking risk items, and prioritizing risks; performed risk monitoring and managed the risk remediation process, ensuring risk treatment plans were executed effectively.
  • Performed continuous monitoring and periodic vendor risk assessment to make sure vendor controls are properly implemented to ensure confidentiality, integrity, availability, and privacy throughout the contract.
  • Identified and assessed control effectiveness and/or gaps through the review of key vendor-provided documentation such as SOC 2 Type II, Vulnerability Scans, Penetration Tests, Policies and Procedures.
  • Responsible for Information Systems self-assessments to ensure systems and applications are complying with policies, applicable regulatory and legal requirements, and leading industry practices.
  • Managed remediation activities with stakeholders and partnered with technical teams, including developing remediation plans and tracking and reporting remediation progress.
IT Audit Analyst (Remote), 05/2019 to 10/2021
Moreland Altobelli Associates Inc., City, STATE
  • Executed audit assignments with an emphasis on IT, drafted audit issues for review by audit management, facilitated issue tracking, and validated closure of issues.
  • Part of the internal IT audit team that supported all compliance-related audits and ensured that the organization maintained its compliance certifications.
  • Completed all assigned work on a timely basis, including ad hoc projects.
  • Utilized internal audit best practice tools and processes to evaluate compliance with all applicable laws, regulations, and standards.
  • Evaluated test results by identifying symptoms, root cause, problems, and identifying alternative controls.
  • Conducted timely follow-ups to ensure that management has taken appropriate actions regarding audit findings.
  • Performed internal audit testing of organization security controls to identify and prioritize remediation activities ahead of external audit.
  • Prepared monthly status report to leadership on risk overview and status.
  • Ensured all documentation steps were followed for security auditing purposes.
  • Effectively communicated the results of audit work.
Education and Training
Associate of Arts: Business Administration, Expected in 01/2018
Georgia Perimeter College - Decatur, GA
GPA:
Certifications
  • CompTIA Security+ CE


Resume Overview

School Attended

  • Georgia Perimeter College

Job Titles Held:

  • Information Security Analyst
  • Senior Compliance Analyst (Remote)
  • IT Audit Analyst (Remote)

Degrees

  • Associate of Arts
