LiveCareer-Resume

third party risk analyst resume example with 7+ years of experience

Jessica Claire
  • Montgomery Street, San Francisco, CA 94105 609 Johnson Ave., 49204, Tulsa, OK
  • Home: (555) 432-1000
  • Cell:
  • resumesample@example.com
  • :
Professional Summary

Detail oriented individual with over 7 years of experience as a Cyber security analyst with strong analytical and problem solving attribute, seeking an IT cyber security/compliance analyst position in a dynamic organization that focuses on protecting the security posture of information systems, ensure controls are in place to provide and maintain a secure and regulatory compliant environment by focusing on all aspects of compliance requirement, by utilizing IT Security Risk Assessment knowledge and skills Summary of Qualifications: Experience developing and completing system authorization packages including System Security Plan, Security Assessment Report, Contingency plan, Privacy Threshold Analysis, Privacy Impact Analysis, Security Assessment Plan Experience with NIST/FISMA Audits RMF Process Develop A&A security packages and documents in accordance with IA Controls NIST IA Control Compliance Checks

Skills
  • Customer Communication
  • Merchant monitoring
  • Trend Analysis
  • Active Listening
  • Written Communication
  • Teamwork and Collaboration
  • Self-Motivated
  • Time Management.
  • Microsoft Office 365
  • Analytical Thinking
  • Risk/ Vulnerability management
  • NIST/ HITRUST/ GDPR/ PCI-DSS
Work History
Third party risk analyst, 12/XXX0 to Current
Dolby SoundLos Angeles, CA,
  • Plan and conduct security and compliance risk assessments for all third-party vendors/suppliers
  • Coordinate response to all third-party risk assessments from all clients by building Centralized response library/database
  • Assess and monitor third party lifecycle activities (risk assessments, due diligence, contract negotiation, consent obligations, ongoing monitoring, and termination)
  • Provide guidance to Vendor Relationship Owners, Client Audits team and partners in remediation processes.
  • Support Procurement in due diligence and RFPs processes.
  • Sent Inherent risk questionnaires to business Unit, review responses in order to adequately Tier Vendors.
  • Review Security documentation received from Third parties while conducting Vendor Security Assessment.
  • Review SOCs, CIAQ, SIGs and communicate with Vendor Point of Contact in identified issues.
  • Develop findings and update company Risk Register
  • Monitor and assess vendor performance to ensure compliance with regulatory requirements and client service level agreements
  • Work with stakeholders to document appropriate corrective action plans to reduce identified risks
  • Collect supporting documentation for external audit requests of SOC 1 and 2, NIST, ISO, and PCI frameworks and requirements
  • Active member of Privacy and Security Committee with monthly reporting responsibilities
  • Sent SIG questionnaires to vendors, ensure timely response to meet up with deadlines.
  • Develop RAR and provide report to Management for approval.
  • Review Vendors contracts with TPRM Teams prior to vendor's approval.
  • Conduct monitoring of all approved Vendors.
  • Update. vendors portfolio
GRC analyst, 01/2018 to 12/XXX0
Cart.ComSandy Springs, GA,
  • Created, maintained and updated Company Security and Compliance documentation, ;in line with HITRUST Regulation.
  • Worked with Stakeholders and Controls Owners in developing and implementing Security Policies and SOPs.
  • Mapped internal controls with SMEs to ensure proper safeguards are deployed to protect CIA of Information.
  • Liaised between External/Internal Auditors and environment in support of Audit processes.
  • Conducted pre-Audit, Audit and post-Audit activities, reviewing controls, evidence and correctives actions plans developed.
  • Reviewed Audit reports provided by Auditors {SOC 1, 2) and worked with SMEs to develop remediation.
  • Supported Security Operation Center (SOC) in scheduling, running and working on vulnerabilities scans results.
  • Conducted Weekly and monthly Security meeting in order to update Upper management oN Company's Security posture.
  • Conducted Security Awareness training for new, existing employees and clients.
  • Maintained Compliance review on yearly basic.
Risk Analyst, 01/2015 to 01/2018
Beecher CarlsonCity, State,
  • Developed solutions for reducing risk through elimination or reduction of manual processes
  • Partner with leadership and broader payroll team to execute process improvement efforts
  • Maintained Risk register of all identified risk.
  • Supported efforts of reviewing organization and department policies, and continually survey organization landscape to make suggestions on how polices should be applied to ensure compliance
  • Conducted monthly and quarterly scans in order to maintain safe and secure environment.
  • Independently performed internal compliance audits and risk assessments, including documentation, process flows, and testing
  • Driven development of recommendations to help improve compliance and efficiency of business line.
  • Conducted meetings with stakeholders with Upper Management as part of monthly Risk review,
  • Drove internal controls assessments activities, identified issues, and kept up to date Evidence checklist.
  • Partaken in company TPRM process by conducting risk assessments on assigned vendors.
  • Developed POA&MS to document, track and remediate vulnerabilities
  • Performed risk management activities in accordance with industry best practices and company policies.
  • Assisted internal and external audit projects in conducting controls walkthrough, regular meetings and evidence review.
Education
Bachelor of Science: Cyber Operations And Warfare, Expected in 12/XXX3 to University of Maryland - College Park - College Park, MD
GPA:
Additional Information
  • NIST CSF TRAINING SECUIRTY

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • University of Maryland - College Park

Job Titles Held:

  • Third party risk analyst
  • GRC analyst
  • Risk Analyst

Degrees

  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: