Security Analyst Compliance

ROSHODE MCQUEEN

Mobile: 512-***-**** Email: *******.*******@*****.***

PCI DSS Expert Security Analyst Compliance Analyst Risk Analyst

Roshode is a hands-on technical cybersecurity and compliance leader with over half a decade of experience. He utilizes his practical experience as a PCI expert to implement robust security programs, scope limiting solutions, develop compensating controls for several large organizations. He possesses hands on project experience working with Encryption and Analyzing threats.

•Captured traffic from the firewall, found and stopped data exfil of credit card and encrypted data.

•Accessed the command and control server of a group of hackers to disable a botnet network in use to execute a widespread financial scam triggering the collapse of a national bank.

•Conducted a risk assessment of a company’s existing network structure and its cyber risk posture for possible phishing attacks.

Areas of Expertise

Security/Compliance Frameworks

•Payment Card Industry Data Security Standard Compliance (PCI DSS)

Security Tools

•Firewalls

•Intrusion Detection Systems (IDS)

•Intrusion Prevention Systems (IPS)

•Antivirus Software

•Virtual Private Networks (VPNs)

•Encryption Tools

•Security Information and Event Management (SIEM) Systems

•Endpoint Security Solutions

•Data Loss Prevention (DLP) Solutions

Virtualization & Cloud

•VMware vSphere

•Microsoft Hyper-V

•Microsoft Azure

Firewalls

•Pfsense

Security Strategy

•Governance

•Risk Management

•Compliance

•Cloud Security

Professional Experience

Baxter Clewis Consultant

2023-PRESENT

•Reviewed network firewall configurations for PCI DSS compliance by conducting thorough assessments to ensure adherence to regulatory standards, identifying gaps, and recommending necessary adjustments to enhance security posture and maintain compliance with industry regulations.

•Advised clients on the implementation of relevant PCI DSS controls by providing expert guidance on best practices, interpreting complex regulatory requirements, and tailoring solutions to align with specific organizational needs, thereby enabling clients to strengthen their security measures and meet compliance obligations effectively.

•Evaluated password configuration settings on Linux and Windows systems for PCI DSS compliance through detailed analysis, identifying weaknesses, and proposing robust security measures to mitigate risks, enhance data protection, and ensure alignment with regulatory mandates.

•Created comprehensive remediation plans for non-compliant system configurations for PCI Compliance by outlining actionable steps, prioritizing tasks based on risk levels, and collaborating with stakeholders to implement necessary changes promptly, thereby reducing vulnerabilities, enhancing overall security posture, and safeguarding sensitive data.

Commvault GRC Analyst 2022-2022

•Designed and implemented customized proof-of-concepts tailored to customer needs by collaborating with stakeholders to understand requirements, developing innovative solutions, and presenting them effectively. This initiative resulted in a 20% increase in conversion rate from initial inquiries to closed deals, enhancing the company's revenue stream and market competitiveness.

•Streamlined customer and prospect transitions from Commvault (On-Prem) to Metallic (SaaS) through meticulous planning, coordination with cross-functional teams, and efficient execution. This effort led to a 30% decrease in migration time and a 25% improvement in customer satisfaction ratings, boosting operational efficiency and customer loyalty.

•Engaged with engineering and product management teams to identify and deliver workarounds or solutions by conducting thorough analysis, facilitating productive discussions, and driving implementation efforts. This proactive approach resulted in a 15% reduction in escalated customer issues and a 20% increase in overall product stability, enhancing customer experience and product reliability.

Wipro Inc GRC Specialist

2020-2022

•Identified and resolved critical issues at Facebook/Wipro, leading to a 30% reduction in resolution time, surpassing triage objectives. This recognition from management highlighted the impact of my efforts on operational efficiency and effectiveness within the cybersecurity GRC domain.

•Spearheaded the establishment of the Core SRT pod, enhancing cross-team collaboration and improving issue resolution efficiency by 20%. This initiative significantly strengthened the overall cybersecurity GRC framework, fostering a more cohesive and proactive approach to risk management and compliance.

•Demonstrated consistent excellence in task execution with a 99% quality and completion rate, resulting in heightened customer satisfaction and a 30% decrease in rework. By upholding high standards in task delivery, I contributed to the overall effectiveness and reliability of cybersecurity GRC processes, ultimately enhancing organizational resilience and risk mitigation strategies.

Impero Software Cybersecurity Governance specialist

2019-2020

•Identified and mitigated security threats and vulnerabilities proactively, leading to a 40% decrease in successful cyberattacks and data breaches. This enhanced the organization's cybersecurity posture and protected sensitive data from unauthorized access, ensuring business continuity and maintaining customer trust.

•Led the development of a comprehensive training manual and user documentation for new hires, streamlining the onboarding process by 25% and accelerating job proficiency by 15% within the first month. This initiative improved operational efficiency, reduced training costs, and enhanced employee productivity, contributing to overall business success.

•Facilitated effective communication between 45+ engineering teams and PDS, resulting in a 15% decrease in miscommunication-related delays and a 25% boost in overall productivity. By fostering collaboration and alignment across departments, this effort optimized project timelines, minimized errors, and increased operational output, ultimately driving business growth and success.

Lief Johnson Ford Risk Analyst

2017-2018

•Streamlined the process of completing expense reports and audit reports by implementing efficient workflows and automation tools, resulting in a 20% reduction in administrative overhead and a 15% increase in overall efficiency. This improvement enhanced compliance and reduced the risk of errors in financial reporting, ultimately strengthening the company's cybersecurity posture and operational resilience.

•Leveraged the company database to gather accurate and relevant information for customers, enhancing data integrity and security measures. This initiative led to a 30% increase in customer satisfaction scores and a 10% rise in repeat business, demonstrating a proactive approach to cybersecurity governance and risk management that positively impacted the company's reputation and bottom line.

•Spearheaded the implementation of strategic initiatives that directly contributed to a notable 12% increase in the company's annual profits, translating to a revenue growth of $1.2 million. By aligning cybersecurity practices with business objectives, these initiatives bolstered the organization's financial resilience and competitive advantage in the market, showcasing the value of a robust cybersecurity GRC framework in driving sustainable business growth.

•Recognized as Employee of the Month (July/2018) for consistently achieving targets and delivering exceptional performance in cybersecurity governance, risk management, and compliance. This recognition underscores a strong commitment to upholding industry best practices and standards, fostering a culture of excellence and continuous improvement within the cybersecurity GRC function.

Schwan's Risk Analyst

2016-2017

•Implemented a referral program by designing and executing strategies to increase new customer acquisitions weekly, resulting in a 15% expansion of the customer base within three months. This initiative enhanced brand visibility and market reach, contributing to business growth and revenue generation.

•Achieved a 99% completion rate in fulfilling daily customer orders by implementing streamlined processes and quality control measures, leading to improved customer satisfaction levels and a 40% reduction in order errors. This enhancement in operational efficiency positively impacted customer retention and loyalty.

•Orchestrated accurate routing schedules to optimize delivery logistics, resulting in a 95% on-time delivery rate and a 25% reduction in delivery delays. This meticulous planning and execution improved overall supply chain efficiency, customer service levels, and operational cost-effectiveness.

•Developed and maintained strong relationships with key stakeholders, including vendors, partners, and regulatory bodies, to ensure compliance with cybersecurity governance, risk, and compliance (GRC) standards.

The Diamond Group Security Analyst

2013-2015

•Managed cybersecurity governance, risk, and compliance protocols to ensure a secure environment, resulting in a 0% incident rate and a 15% decrease in security-related incidents. This contributed to safeguarding sensitive data and maintaining operational continuity.

•Proactively identified and reported cybersecurity risks and anomalies, leading to a 20% enhancement in threat detection capabilities and a 10% reduction in incident response time. This proactive approach strengthened the organization's resilience against cyber threats.

•Delivered comprehensive cybersecurity training and guidance to new team members, enhancing onboarding efficiency by 30% and increasing job proficiency by 15%. This initiative ensured that all team members were well-equipped to adhere to security protocols and contribute effectively to the organization's cybersecurity posture.

Securitas Security Analyst

2012-2013

• Utilized video surveillance software to efficiently monitor and analyze security footage, resulting in a 24% increase in security effectiveness. Implemented advanced video analytics tools to proactively identify potential security threats, enhancing the overall security posture of the organization. This initiative streamlined the monitoring process, enabling quicker detection and response to security incidents, ultimately reducing the risk of breaches and unauthorized access.

• Operated and monitored closed circuit television (CCTV) systems with a 99% uptime, ensuring uninterrupted coverage of critical areas. Conducted regular maintenance and system checks to guarantee optimal performance of CCTV systems, minimizing downtime and ensuring continuous surveillance of key locations. This proactive approach to system management enhanced situational awareness and provided real-time visibility into security events, contributing to a more secure environment for the organization.

•Delivered daily reports detailing activities and irregularities, improving incident response time by 15% and decreasing unresolved security incidents by 10%. Implemented a structured reporting process to document security incidents and anomalies, facilitating timely analysis and response to potential threats. By providing detailed insights into security events, these reports enabled the security team to prioritize and address incidents promptly, reducing the impact of security breaches and enhancing the overall resilience of the organization.

•Conducted regular security assessments and audits to identify vulnerabilities and compliance gaps, ensuring alignment with industry regulations and best practices.

U.S. Navy Operations Speacialist

1997-2009

•Collaborated as an integral team member to enhance operational efficiency by 15% and reduce errors by 10%, contributing to the strengthening of cybersecurity governance, risk management, and compliance processes within the organization.

•Executed precise commands and closely monitored system functioning to achieve an impressive 92% error detection rate, ensuring the accuracy and integrity of cybersecurity operations in alignment with governance, risk, and compliance standards.

•Installed and conducted minor repairs on hardware, software, and peripheral equipment, resulting in a 20% reduction in system downtime and an 18% decrease in maintenance costs, thereby fortifying the cybersecurity GRC framework and optimizing resource utilization.

•Maintained meticulous records of daily data communication, transactions, problems, and remedial actions, leading to a 25% improvement in issue resolution time and a 15% increase in overall system reliability, bolstering the organization's cybersecurity GRC posture.

Certifications

•Network System Administrator - Professional Certificate of Completion

•NexGenT Cyber Security Associate (NCSA)

•NexGenT Cyber Security Professional (NCSP)

•Learning Mobile Device Security

•Cyber Security Awareness: Cloud Security

•Qualys: Vulnerability Management

Education +-

•NexGenT Intensive 24-week military-grade Cyber Security Specialist Program

•New Horizons Learning Center 6-month Network System Administrator program

•Austin Community College Associate of Science: Criminal Justice

•Austin Community College Fiber Optics Technichian

Contact this candidate