Information Technology Security
Resume:
T e r e z a W a l l e m a n
Sylmar Ca 91342
Phone: 818-***-****
email: **************@*****.***
Professional Summary
Service-oriented risk assurance analyst with 10 years background in Information Technology Industry, 2 years in Banking services and 3 years in the Aerospace Industry. Some of my core competencies include being bilingual (Spanish/English), metric analysis, process improvement, audit reviews, detail oriented, planning and organizing as well as exceptional communication and time management skills, executing tasks with accuracy and efficiency. I have strong meeting planning and facilitations skills; able to communicate effectively with all organizational levels, build relationships of trust and enlist the participation of team members. I’m driven for creativity, resourceful, flexible, able to adapt to changing priorities and maintain a positive attitude and strong work ethic.
Work experience
05/30/12 – 12/16/16 Fiserv (Information Technology) West Hills, CA
Risk Assurance Analyst / Audit, Risk and Compliance Department
Validation of Controls Reviews - Review Validation of Controls (VOC) for various lines of business to validate that internal controls continue to meet PCI,-DSS regulatory, corporate and third party compliance policies. Conducted IT compliance testing to assess internal risk through evaluation for internal operational controls including those in relationship to security. Managed due diligence activities, such as testing controls, process walkthroughs, third party technology risk assessments, and contract reviews.
High Level Executive Reports – Compile executive reporting Security, Audit, Risk and Compliance (SARC) monthly report by working with various stakeholders to obtain the latest activity and status reports as it relates to: ERA, PCI, Vulnerability Management, Audit engagements, formal/informal findings, and DR schedules.
CMMI - Process, Product, Quality and Assurance (PPQA)
oConduct multiple formal reviews of Product software development projects to ensure adherence to project management framework, aligns with compliance practices relevant to the SDLC standard and project storybook. Conduct audit interviews to follow-up on non-conformances.
oTrack metrics for trending business outcomes, resulting from the adoption of a common framework, compliance and adherence to SDLC criteria. Promote continuous improvement by documenting and communicating lessons learned throughout project evaluations.
Chair the Quality & Standards Committee – Lead the Q&S team Committee to review standards and guides and ensure documents are edited and formatted to meet document standardization.
2013 SharePoint Administration for the Audit, Risk and Compliance Department - Active SharePoint administrator for establishing and maintaining various sites, designing web pages, establishing and maintaining privilege user groups across the organization.
03/2007 – 04/30/12 Fiserv (Information Technology) West Hills, CA
Security Admin Representative/Security Department
MS SharePoint Administrator – Active SharePoint administrator for establishing and maintaining various sites, designing web pages, establishing and maintaining privilege user groups across the organization.
Network Monitoring – Monitoring and analysis of security events from multiple sources including but not limited to events from Security Information Event Monitoring (SIEM) tools, network and host based intrusion detection systems, firewall logs, data loss prevention events, anti-virus system events, and system logs. Performance/Service Measurement Reports – Compiled and delivered service metric reports per database on a quarterly basis. Worked with various departments to ensure downtime was accurately reflected on each report representing Uptime, Start Time, Report Availability and Product Availability.
Standards, Procedures and Guides – Worked with various department staff in order to make the necessary changes needed to revise standards, guides and procedural manuals. Created system narratives, identifying key controls, and concluding on design and worked with stakeholders in drafting operating procedures for the effectiveness of key controls. Demonstrated clear and concise writing, and verbal skills to communicate complex issues in simple terms to the organization’s stakeholders.
Employee Access Forms –Maintained and set-up new Internal/External Employee Access Forms. Worked with relating department manager to set up employee access required for new positions and circulated the form to gather all necessary signatures.
Incident Management – Prepared Confidential Incident Reports and worked with relevant stakeholders in drafting and obtaining the relevant information per incident. Worked with the appropriate teams to analyze and report root causes, take corrective actions, and formulate incident post mortem reports.
Data Loss Prevention – Utilized the Websense software tool for analyzing events that triggered DLP email activities.
Endpoint Detect and Respond – Utilized Cylance software tool for compiling dashboards and anomaly metric reports leveraging business intelligence raw data. Cylance Endpoint security computer software solution that
Web filters – Leveraged the software tool Websense for filtering web content on the network and performing analysis on random internet bandwidth activity throughout the business unit.
Education
10/2015 DeVry University Sherman Oaks, CA
Bachelor Degree – Bachelors of Science - Business Administration - with an emphasis in Accounting /GPA of 3.80
01/2018 DeVry University Sherman Oaks, CA
MBA – Information Security – Current GPA of 4.00
Memberships
ISACA – Member since 01/2014
Skills & Abilities
Generally Accepted Accounting Principles (GAAP) /Generally Accepted Auditing Standards (GAAS)
Knowledge of the ISO 9002 System, Regulatory Compliance (SOX)
CMMI Process Improvement (Product Process Quality Assurance - PPQA)
Cisco Security - Monitoring, Analysis and Response System (MARS) / Cylance Protect end point protection
Websense
Cylance – Endpoint security computer software solution
Adobe Acrobat Professional XI (Advanced)
2010/2013 Microsoft SharePoint Administrator, MS Project, Word, Outlook, Visio & PowerPoint (Advanced)
Contact this candidate