Data/Cyber Risk Analyst

Damien McCall

Faribault, MN 507-***-**** ******.******@*****.***

CYBERSECURITY RISK SPECIALIST

Highly experienced leader with expertise in building and leading effective strategies for information security, delivering process improvement advancements that safeguard critical systems and ensure business continuity and resiliency for large organizations.

Expertise in leading the implementation of programs and projects to strengthen, protect, and expand systems to meet the needs of the organization.

A demonstrated record of success establishing internal and external relationships to deliver business objectives.

AREAS OF EXPERTISE

Multi-faceted Information Security professional

Experience bridging strategic and tactical initiatives

Skilled in Application / Infrastructure Security compliance (NIST/GRC/RMF/CI-CD)

Leading Risk Assessments and audit preparation

Trusted Advisor to Leadership

Defining Information Security Policies and Frameworks

Building and Leading Strong Teams

Experienced in a Fortune 500 Corporation

Technical Program Management

Professional Experience

2022 to 2023 • Allianz • Golden Valley, MN

Internal Governance, Principle

Daily Qualys checks and contact with asset owners to discuss vulnerabilities remediation plans to reducing risk and liability.

Weekly, bi-weekly, and monthly touch bases with Sr. leaders to break-out Aged, Newly Aged, and Toxic Assets. Using Business Impact Analysis (BIA), asset owners and leaders were kept in the loop on current threat landscape.

Spearheaded education and awareness communications with various technology teams to quantify CVSS scores and vulnerability severity scores.

Compared ISO 270001 controls to internal methodologies for process improvement recommendations and control hardening.

Assisted vulnerable assets owners in Archer process to establish Risk Acceptance, Mitigation, or Remediation paper trail.

Explicitly followed RMF frameworks like NIST 800-37 to present process improvement measures to the business. Created process flows to assist in understanding complex asset relationships between physical and logical networks.

2021 to 2022 • Wells Fargo • Minneapolis, MN

Senior Business Services Manager

Examined data and processes to identify and capitalize on opportunities to improve efficiency and productivity.

Successfully simplified a major process, resulting in a 50% reduction in time and resource allocation. Additionally, reduced Mean Time to Resolution by 30%, enabling the company to meet SLA commitments.

Change Advisory Board and Incident Management analyst to ensure PROD changes are well documented and planned/unplanned outages (Incidents) meet SLA and company guidelines.

Lead education and awareness campaigns for need-to-know stakeholders and spearhead process improvement initiatives with key program managers and leaders.

2015 to 2021• Wells Fargo • Minneapolis, MN

Technology Relationship Manager / Third Party Corporate Risk Manager

Assumed a lead role directing the bank’s third-party risk management program, spanning six outside vendors and more than 1000 software applications reviewed each year. Served as the architect of a comprehensive code review process within six months, including frameworks for vulnerability management and remediation.

Leveraged the use of an RACI matrix to manage a high volume of work with overlapping and competing priorities.

Partnered with the Legal department to perform bi-annual reviews to ensure compliance.

Recognized for lowering the time required for annual code reviews by 50% and costs by 30% by transitioning to differential assessments, limited to reviewing only code that had changed from the prior year.

2014 to 2015• Wells Fargo • Minneapolis, MN

Full Disk Encryption Testing Coordinator

Joined Wells Fargo as a contractor and lead a team of Quality Assurance engineers tasked with FDE testing.

Achieved all project milestones and deliverables on-time and within budget for the Pre-Boot/Full Disk Encryption rollout leading to an offer to become a full-time employee.

2012 to 2013 • Helgeson Inc. • White Bear Lake, MN

Business Systems Analyst

Helgeson Inc. offered fulfillment services that included rebate check processing, prepaid debit and gift cards, energy incentives program management, and sweepstakes administration.

Innovated and documented process and procedural workflows for complex rebate programs for a utilities company on the West Coast. Scope of work included the development of test cases and scenarios designed to identify process gaps. Completed the transfer of data from testing to production environments.

Early Career

Technical Inventory Analyst, Time Warner Cable - Charlotte, NC

SOX Auditor/404, Moodys – San Franciso, CA

Help Desk Administrator / Y2K, Golden Gate University – San Francisco, CA

US Army 11M/11B – Fort Stewart, GA

Education & Professional Certifications / Development

Keller Graduate School of Management

(MBA) Master of Business Administration, Concentration in Project Management

University of Phoenix

(BA) Bachelor of Science Degree in Business Management

Heald College

(AA) Associate of Applied Science Degree in Network Technology (Cisco Systems)

Certifications and Continued Education

ITIL3 Certification

CISSP (Pending)

Cybersecurity / DevSecOps – Pluralsight

Secure Code Best Practices – Code Academy

Business Intelligence / Business Analytics – Udemy

Cybersecurity (Kali Linux) – TryHackMe

Threat / Risk Compliance – NIST / OWASP / MITRE

Bug Bounty - Bugcrowd

Contact this candidate