Information Security Risk Analyst resume example with 16 years of experience

Jessica Claire
Montgomery Street, San Francisco, CA 94105 609 Johnson Ave., 49204, Tulsa, OK
Home: (555) 432-1000 - Cell: - - -
Professional Summary

To seek an IT Security Analyst opportunity in an organization with focus on Information Assurance, Risk Assessments, Certification and Accreditation (C&A), HIPPA Compliance Assessments and in Internal Control Audit engagements. I have more than five (5) years of experience in Information Security system assessment, C&A and Risk Assessment of General Support Systems (GSS) and Major Applications


IT risk assessments, Certification and Accreditation (C&A), 3rd party/Vendor security control assessment and IT Auditing. HIPAA, SOX, GLBA, ISO and FISMA. Physical Security, General Computer Controls, Application control, Testing, Compliance Testing, Change Management, Configuration Management, Security Maintenance, Contingency Planning; Policies and Procedures, Implementation, Incident Response, Media Protection, NIST

Work History
06/2020 to Current
Information Security Risk Analyst Adobe Systems Incorporated Emeryville, CA,
  • Perform Third Party Risk Assessment to assess the effectiveness of vendor's controls against ISO 27001, HIPAA, HITECH, and Meaningful Use requirements through the use of GRC tool
  • Perform security risk assessments with a focus on existing and new systems, against the HIPAA, HITECH, and Meaningful Use requirements
  • Complete risk assessments, security requirements analysis, and security testing
  • Create assessment reports and track remediation activities
  • Monitor all in-place security solutions for efficient and appropriate operations
  • Review and Analyze SSAE16 reports of third parties and Data Center
  • Engaged in Regulatory Security Risk Assessments and audits
  • Engaged in tracking security incidents and conducting risk assessment on service request
  • Assist with the documentation of policies, standards, and operational processes
  • Keep up-to-date on related regulations and industry best practices.
06/2014 to 05/2020
IT Security Analyst Aeg Worldwide Nashville, TN,
  • Conducted IT controls risk assessments that included reviewing organizational policies, standards, procedures and guidelines
  • Conducted security control assessment to assess adequacy of management, operational, and technical security controls implemented
  • Assisted in development of Information Security Continuous Monitoring Strategy (Ensure continued effectiveness of all security controls), vulnerabilities, and threats to support organizational risk management decisions
  • Developed system security plan (SSP) to provide overview of federal information system security requirements (FISMA) and describe controls in place
  • Conducted meetings with IT client team to gather evidence, developed test plans, testing procedures and documented test results and exceptions
  • Conducted walk throughs, formulated test plans, documented gaps, test results, and exceptions; and developed remediation plans for each area of testing
  • Performed IT operating effectiveness tests in areas of security, operations, change management, and email authentication
  • Developed audit plan and performed General Computer Controls testing, identified gaps, developed remediation plans, and presented final results to IT Management team
  • Conduct IT general controls risk assessments as well as risk auditing with frameworks like HIPAA, PCI and ISO 27001
  • Developed security control test plans and conducted in-depth security assessments of information systems that evaluate compliance of administrative, physical, technical, organizational and polices safeguards in order to maintain HIPAA compliance base on NIST SP 800-66 Rev1 and security controls (NIST SP 800-53)
  • Routine development of HIPAA compliance reports, documenting auditing findings and corrective actions
  • Assisted in development of key security standards and guidelines by performing in-depth security assessment using frameworks like HIPAA, PCI DSS, ISO 27001 and SOX to help gain compliance.
03/2006 to 06/2014
Computer Support Technician City Of Loveland Loveland, CO,
  • Created databases, schemas, users and database objects including packages, procedures, functions, triggers, tables, indexes
  • Configured system to achieve High Availability, Load balancing and automatic fail over functionality
  • Configured data guard and tested disaster recovery using failover and switchover strategy
  • Creating, configuring databases for mission critical business applications
  • Migrating databases across platforms (UNIX to Linux, Linux to Windows)
  • Configured and Maintained Standby databases
  • Maintained Production, Development, Quality assurance database (QA) and Test databases
  • Implemented Partitioning on huge tables to improve performance and reduce maintenance to finite window operations
  • Created partitioned Tables and indexes using Range, hash, list partitioning
  • Configuring Database to for Hot Backup using Oracle RMAN incremental backups
  • Perform Export and Imports and identify potential failures of Export/Import Jobs and resolution of problem including resizing tablespaces
  • Involved in Database and Transaction log Backups and Restoration, backup strategies, scheduling backups
  • Backing up system & user databases and restoring them as required
  • Create Database users and roles and implement appropriate user security.
Expected in 04/2019
Master of Science: Supply Chain System
North Carolina A & T State University - Greensboro, NC
Expected in 04/2005
Bachelor of Science: Business Administration
University of Ghana - Accra GH,
Expected in 09/2002
Associate of Applied Science: Computer Engineering
Kumasi Polytechnic - Kumasi GH,

CompTIA Security +, SIX SIGMA Green Belt,Certified Authorization Professional Training Information Security and Privacy – FISMA Enterprise Certification & Accreditation Training The International Organization for Standardization (ISO) Auditing Activities, Health Insurance Portability and Accountability Act (HIPAA) training and certification. Council of Sponsoring Organizations of Treadway Commission (COSO) Framework. Information System Security Officer training The Health Information Technology for Economic and Clinical Health (HITECH) – (HIPAA). Statement on Standards for Attestation Engagements 16 (SSAE16).

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • North Carolina A & T State University
  • University of Ghana
  • Kumasi Polytechnic

Job Titles Held:

  • Information Security Risk Analyst
  • IT Security Analyst
  • Computer Support Technician


  • Master of Science
  • Bachelor of Science
  • Associate of Applied Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: