third party risk analyst resume example with 7+ years of experience

Jessica Claire
  • Montgomery Street, San Francisco, CA 94105 609 Johnson Ave., 49204, Tulsa, OK
  • Home: (555) 432-1000
  • Cell:
  • :
Professional Summary

Detail oriented individual with over 7 years of experience as a Cyber security analyst with strong analytical and problem solving attribute, seeking an IT cyber security/compliance analyst position in a dynamic organization that focuses on protecting the security posture of information systems, ensure controls are in place to provide and maintain a secure and regulatory compliant environment by focusing on all aspects of compliance requirement, by utilizing IT Security Risk Assessment knowledge and skills Summary of Qualifications: Experience developing and completing system authorization packages including System Security Plan, Security Assessment Report, Contingency plan, Privacy Threshold Analysis, Privacy Impact Analysis, Security Assessment Plan Experience with NIST/FISMA Audits RMF Process Develop A&A security packages and documents in accordance with IA Controls NIST IA Control Compliance Checks

  • Customer Communication
  • Merchant monitoring
  • Trend Analysis
  • Active Listening
  • Written Communication
  • Teamwork and Collaboration
  • Self-Motivated
  • Time Management.
  • Microsoft Office 365
  • Analytical Thinking
  • Risk/ Vulnerability management
Work History
Third party risk analyst, 12/XXX0 to Current
Dolby SoundLos Angeles, CA,
  • Plan and conduct security and compliance risk assessments for all third-party vendors/suppliers
  • Coordinate response to all third-party risk assessments from all clients by building Centralized response library/database
  • Assess and monitor third party lifecycle activities (risk assessments, due diligence, contract negotiation, consent obligations, ongoing monitoring, and termination)
  • Provide guidance to Vendor Relationship Owners, Client Audits team and partners in remediation processes.
  • Support Procurement in due diligence and RFPs processes.
  • Sent Inherent risk questionnaires to business Unit, review responses in order to adequately Tier Vendors.
  • Review Security documentation received from Third parties while conducting Vendor Security Assessment.
  • Review SOCs, CIAQ, SIGs and communicate with Vendor Point of Contact in identified issues.
  • Develop findings and update company Risk Register
  • Monitor and assess vendor performance to ensure compliance with regulatory requirements and client service level agreements
  • Work with stakeholders to document appropriate corrective action plans to reduce identified risks
  • Collect supporting documentation for external audit requests of SOC 1 and 2, NIST, ISO, and PCI frameworks and requirements
  • Active member of Privacy and Security Committee with monthly reporting responsibilities
  • Sent SIG questionnaires to vendors, ensure timely response to meet up with deadlines.
  • Develop RAR and provide report to Management for approval.
  • Review Vendors contracts with TPRM Teams prior to vendor's approval.
  • Conduct monitoring of all approved Vendors.
  • Update. vendors portfolio
GRC analyst, 01/2018 to 12/XXX0
Cart.ComSandy Springs, GA,
  • Created, maintained and updated Company Security and Compliance documentation, ;in line with HITRUST Regulation.
  • Worked with Stakeholders and Controls Owners in developing and implementing Security Policies and SOPs.
  • Mapped internal controls with SMEs to ensure proper safeguards are deployed to protect CIA of Information.
  • Liaised between External/Internal Auditors and environment in support of Audit processes.
  • Conducted pre-Audit, Audit and post-Audit activities, reviewing controls, evidence and correctives actions plans developed.
  • Reviewed Audit reports provided by Auditors {SOC 1, 2) and worked with SMEs to develop remediation.
  • Supported Security Operation Center (SOC) in scheduling, running and working on vulnerabilities scans results.
  • Conducted Weekly and monthly Security meeting in order to update Upper management oN Company's Security posture.
  • Conducted Security Awareness training for new, existing employees and clients.
  • Maintained Compliance review on yearly basic.
Risk Analyst, 01/2015 to 01/2018
Beecher CarlsonCity, State,
  • Developed solutions for reducing risk through elimination or reduction of manual processes
  • Partner with leadership and broader payroll team to execute process improvement efforts
  • Maintained Risk register of all identified risk.
  • Supported efforts of reviewing organization and department policies, and continually survey organization landscape to make suggestions on how polices should be applied to ensure compliance
  • Conducted monthly and quarterly scans in order to maintain safe and secure environment.
  • Independently performed internal compliance audits and risk assessments, including documentation, process flows, and testing
  • Driven development of recommendations to help improve compliance and efficiency of business line.
  • Conducted meetings with stakeholders with Upper Management as part of monthly Risk review,
  • Drove internal controls assessments activities, identified issues, and kept up to date Evidence checklist.
  • Partaken in company TPRM process by conducting risk assessments on assigned vendors.
  • Developed POA&MS to document, track and remediate vulnerabilities
  • Performed risk management activities in accordance with industry best practices and company policies.
  • Assisted internal and external audit projects in conducting controls walkthrough, regular meetings and evidence review.
Bachelor of Science: Cyber Operations And Warfare, Expected in 12/XXX3 to University of Maryland - College Park - College Park, MD
Additional Information

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • University of Maryland - College Park

Job Titles Held:

  • Third party risk analyst
  • GRC analyst
  • Risk Analyst


  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: