sr cyber risk data analyst resume example with 6+ years of experience

Jessica Claire
  • , , 609 Johnson Ave., 49204, Tulsa, OK 100 Montgomery St. 10th Floor
  • H: (555) 432-1000
  • C:
  • Date of Birth:
  • India:
  • :
  • single:
  • :

An Information Security professional experienced at innovating, solutioning and delivering cross-functional, security and analytical solutions across multiple high availability environments. Contributed to the top and bottom-line growth, transformed and optimized business operations.

  • Information security
  • Leadership
  • Cybersecurity Standards- HIPAA, PCI-DSS,ISO 27001,27002,27701, NIST SP 800-53 ,NIST framework
  • Multiple delivery Methodology - Agile, Scrum, Waterfall, Lean
  • Governance Risk and Compliance
  • Critical thinking
  • Cybersecurity Architecture, Operations
  • Analytical Skills
  • Software Development Lifecycle
  • Data Loss Prevention
  • Team management
  • Risk mitigation
  • Continuous improvement
  • People skills
  • Policies
  • Risk management
  • Strategy
Sr Cyber Risk Data Analyst, 04/2022 - Current
Calpine Downers Grove, IL,
  • Led the Risk Management Program for Information Risk- Reporting and Metrics vertical.
  • Delivered cybersecurity GRC and advisory services to global industry leading companies with combined annual revenue of over $200B
  • Created cybersecurity maturity and risk assessment/management tools and methodologies.
  • Managed a team of 5 to provide advisory services including risk , compliance assessment.
  • Established cyber security roadmaps including staffing models, network architecture designs, corrective control solutions m strategic and tactical security recommendations.
  • Assessed the current state and target state data flow architecture and risk landscape, and suggested effective measures to mitigate risk during data creation, storage, transit.
  • Led the Process and Knowledge Management playbooks initiative reducing the Operating Process SLA by 27%
  • For Archer - SNow migration - Collaborated with key stakeholders from over 11+ verticals [Vendor Management, Findings Management , IAM, Vulnerability management , Risk Engineering teams etc] to identify business requirements, key opportunities, challenges, risks and Interdependencies.
  • Translated business requirements to technical details, built and validated use cases.
  • Ideated and built the project charter and set key deliverables and milestones.
  • Owned Roadmaps with milestones , prioritizing deliverables and progress tracking of data migration efforts.
Sr Risk Analyst, 03/2020 - 03/2022
Honeywell Gonzales, LA,
  • Managed NIST RMF, FISMA compliance programs
  • Conducted application architecture and access reviews for over 225 critical applications covered by Sarbanes Oxley Act [ SOX].
  • Managed identification, tracking and risk treatment of 2160 risk findings from Third party risk assessments.
  • Performed Gap Analysis in People , Process , Technology framework and designed cybersecurity strategies, including target state architectures, operating models, and remediation roadmaps, for global telecommunication Fortune 500 clients.
  • Advised clients on developing risk management and mitigation techniques, managing complexities of the global threat landscape, identifying and analyzing vulnerabilities, and maintaining compliance with legal requirements to secure their ePHI, PII, and PHI.
  • Developed policy and standard documentation to address advancing regulations.
  • Assessed client information security programs and conducted HITRUST evaluations alongside other framework assessments.
  • Provided security solutions across domains like Banking, Insurance, Telecom, Healthcare.Collaorated with Nitel's security, business , IT verticals to design cybersecurity strategies, roadmaps, and target operating models across a variety of vendor products.
  • Implemented business resilience strategies to minimize the impact of a cyber incident by 7%.
Network Security Engineer, 09/2017 - 02/2020
Drs Technologies Madison, AL,
  • Managed client projects and coordinated testing of IT Risk and Cyber security programs using industry frameworks and methodologies.
  • Evaluated effectiveness and design of information security controls and operations by interviewing project stakeholders, subject matter experts and system owners.
  • Implemented security metrics program to measure the important KPI/KRI indicators of security performance like MTTD, MTTR, CPI, security incidents.Drove Gap analysis projects to improve the security posture.
  • Conducted risk assessments, secure onboarding of teams, promoted best practices and held training sessions as a continuous improvement strategy.
  • Collaborated with data owners and various business unit contacts to determine the Data Owners, Stewards and Custodians in order to perform data governance activities.
  • Managed documentation of all Standard Operating Procedures, SLAs, business processes requirements, IAM, and Security standards and processes.
  • Documented the working processes to be Security framework compliant [NIST,PCI- DSS].Drove weekly, account-wide, risk management metrics through attendance of management briefings.
  • Developed and implemented IT Security strategies, policies, and procedures.
Cybersecurity Analyst, 09/2016 - 09/2017
Distil Networks City, STATE,
  • Performed complex bot investigations, threat analysis and investigated threat actors and malicious activity in client environments & separated threats from false positives.
  • Identified potential intrusion attempts and false alarms.
  • Identified anomalies, malicious network traffic patterns and potential threats. Performed Root cause analysis and implement controls to mitigate them.
  • Utilized risk management frameworks to identify security requirements and performed risk assessment.
  • Managed SIEM Firewall, NIDS/NIPS, Endpoint Security tools, DLP documentation. Handled SSL cert generation, renewals.
  • Created Whitelist/Blacklist Lua rules for user agents and unique signatures.
  • Developed and maintained security assessment report, System Security Policy, Plans of Action and Milestone, Incident Response and SOC Operations manuals.
  • Used log parsing and analysis in Windows/Linux administration environment for bot signature investigation.
  • Leveraged Distil's products to develop and publish vulnerability report.
Education and Training
PGP: Cloud Computing, Expected in 01/2021
University of Texas McCombs School of Business - Austin, TX
Status -
Master of Science: Computer Networking And Telecommunications, Expected in 01/2016
George Mason University - Fairfax, VA
Status -
Bachelor of Engineering: Electronics And Telecommunication, Expected in 01/2012
University of Pune - Pune,
Status -
  • Architecting on AWS - Training 2023
  • AWS Security best practices - Training 2023
  • CISSP Training - 2022
  • CRISC Training - 2022
  • CISM Training - 2022
  • Microsoft Azure Security Engineer
  • CCNA
  • AuditBoard's Strategic Risk Management Strategic Risk Management -Aug 2021 - Credential ID 143422
  • AuditBoard's Building Towards a Mature Policy Management Program- Sept 2021
  • Auditboard's Leveraging the COSO ERM Framework to Integrate Cyber Risk Management & Enterprise Risk Management- Sept 2021

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • University of Texas McCombs School of Business
  • George Mason University
  • University of Pune

Job Titles Held:

  • Sr Cyber Risk Data Analyst
  • Sr Risk Analyst
  • Network Security Engineer
  • Cybersecurity Analyst


  • PGP
  • Master of Science
  • Bachelor of Engineering

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: