Risk Management Information Security

PROFESSIONAL

SUMMARY

An Information Security Analyst with over a decade of experience,

specializing in vendor risk management and information security auditing. Leveraging a deep understanding of the NIST 800-53 framework, Abena excels in conducting risk assessments, developing security assessment reports, and implementing enterprise risk management controls. Known for a methodical approach to enhancing security protocols and collaborating effectively with stakeholders to mitigate risks, this analyst is poised to contribute significantly to cybersecurity initiatives. SKILLS

Vulnerability Management

Audit Testing of Controls

Gap Analysis

Nerc-CIP framework

IT General Controls Audit

Regulatory Compliance Program

Management

Designing and Tailoring Security

Controls

Analyzing SOC and Penetration

Test Reports

Analytical Thinking

Extensive Understanding of Risk

Management Framework

(RMF)/Cybersecurity/IT Security &

NIST 800 Special Publication Series

PCI DSS Management Reports

Engineering Periodic Testing of

Controls

Assessing Vendors for Security Risk

Internal and External Auditors ISO

27000 Audits

Enterprise Risk Management

Controls

Supply Chain Management

WORK HISTORY

Cyber Security Analyst (SOC) / DTE Energy - Hybrid, MI / 03.2023 - Current Proactively monitor and analyze security alerts and events in real-time to identify threats and vulnerabilities before they impact the organization, demonstrating strong sense of urgency and attention to detail. Collaborate with other departments to conduct simulated cyber attack exercises to identify vulnerabilities and improve incident response procedures

Collaborate with cross-functional teams to develop and implement cybersecurity strategies that align with business objectives and adhere to industry regulations and best practices

Develop and implement cybersecurity training programs for employees to ensure awareness of best practices and new threats, ultimately enhancing organization's overall security posture

Conduct regular training sessions for employees on cybersecurity best practices, emerging threats, and incident response protocols to enhance organization's overall security posture and reduce human error risks

Conduct regular security assessments and audits to identify potential ABENA WEALTHY

************@*******.*** 737-***-**** Leander, TX 78641 vulnerabilities and recommend proactive measures to mitigate risks, providing valuable insights to improve organization's cybersecurity posture and resilience

Continuously research and stay updated on latest cybersecurity trends, threats, and Nerc-CIP/NIST framework to provide cutting-edge solutions and proactive security measures for the organization, showcasing commitment to ongoing professional development and enhancement of cybersecurity expertise.

Analyze a variety of network and host-based network security appliance logs (Firewalls, NIDS,HIDS, SYS Logs etc) to determine correct remediation actions and escalation paths for each incident

Vendor Risk Associate (GRC Assurance Team) / State Of Michigan(DTMB) - Remote, MI / 08.2018 - 03.2023

Facilitated vendor onboarding process by performing third-party party risk assessment of vendors

Collaborated with business owners to document vendor relationships, collect supporting risk assessment documentation, and monitor vendors' performance

Developed Vendor Risk Assessment Report and escalated issues when necessary

Compiled Risk Assessment Reports (RAR) and consulted with vendor's primary contact about assessment findings.

Revised/ reviewed policies, procedures and standards annually Established performance metrics for evaluating vendor effectiveness, aligning supplier goals with overall business objectives. Analyzed supplier risk profiles to ensure stability within the supply chain while mitigating potential disruptions caused by unforeseen circumstances such as natural disasters or geopolitical events. Information Security Auditor / Google/Accenture - Remote, CA / 01.2018

- 08.2018

Conducted audits on (IT) operating system (OS) platforms and operating procedures in accordance with established standards for efficiency, accuracy, security, and risk mitigation

Conducted kick-off meetings in order to categorize systems according to NIST requirements of Low, Moderate, or High Risk Evaluated IT infrastructure in terms of risks to about 80 departments and establish controls to mitigate loss

Determine and recommend improvements to enterprise risk management controls

Designed and performed information technology internal Controls test work for banking /Public Sector clients using PCI DSS as guide Identified and Reported threats /Vulnerabilities applicable to Systems. IT Security - Project Coordinator / JP Morgan Chase - Chicago, IL / 06.2014 - 01.2018

Developed Security Assessment Reports (SAR) and Plan of Action and Milestone reports (POA&M)

Wrote about 250 technical narratives to document processes and design changes

Kept projects on schedule by managing deadlines and adjusting workflows

Supervised multiple projects from project start through delivery by prioritizing needs and delegating assignments

Provided input and feedback on departmental initiatives, directives and strategies to contribute to project success

Created and monitored Project Charters, story Boards from start to finish. EDUCATION

National Able Network Power BI/Data Analytics - Chicago, IL / 06.2020 Certification

University of Ghana - Accra,Ghana / 05.2012

Bachelor Of Arts: Information Technology Studies And Sociology CERTIFICATIONS

CISM,CISA, EXCEL, Certified in Cyber Security, CISSP in Progress

Contact this candidate