A determined, resilient and analytical person who understands the work I carry out can have a significant impact on the success of my team and the organization I am working for. I possess strong numeracy and strategic-thinking skills; I am a solid researcher and somebody who will plan and organize my work meticulously, and I am a strong communicator, both verbally and in writing. I have been working as a third-party Risk and compliance analyst for over 6 years with great understanding and experience in vendor risk assessment to assess the information security posture of company’s third-party vendors. I do coordinate and assess vendors, categorize and select vendors. Also, identifying key risks and information security gaps. If weaknesses are discovered, I develop risk mitigation plans and strategy to be communicated to the third party and ensure timely and satisfactory remediation. Also performing continues monitoring on all company’s vendors. Reviewing and Analyzing SIG, SOC2 reports and creating Risk assessment Report meeting security objectives. I do review Vulnerability scan reports, pen test results, creating contingency and disaster recovery plan, business continuity plans. Experience in Federal Information Security Management Act (FISMA) FEDRAMP, NIST Management Framework, HIPAA/HITRUST, PCI-DSS, OMB, ISO 27001, GDPR. I also have experience with ZenGRC, Vinminder, Knowbe4, JIRA, SCOUT Tools
|
|
By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy
Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.
By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy