Cybersecurity Professional

Phillip C. Porter

214-***-**** ️ ********.******@*******.*** Dallas/Fort Worth, TX (Remote/Hybrid)

U.S. Citizen · Public Trust Eligible

linkedin.com/in/phillipcporter

Certifications: CompTIA Security+ AWS Certified Cloud Practitioner (2023) CRISC (Nov 2025) CISM (Oct 2025)

Professional Summary

InformationSecurity & GRC Analyst with 5 years of combined realworld experience and graduatelevel training safeguarding cloud and onprem systems in finance, mortgage, and global technology environments. Proficient in incident response, vulnerability management, thirdparty / supplychain risk, and Risk Management Framework (RMF) execution. Experienced mapping NIST 80053, ISO 27001, NIST CSF, SOC 2, PCIDSS, SOX 404, HIPAA controls; tuning SIEM (Splunk ES, IBM QRadar); and automating evidence workflows in ServiceNow GRC, RSA Archer, AuditBoard, ZenGRC. MBAbacked business acumen converts technical risk into executive dashboards that secure funding and accelerate remediation. Seeking to leverage FedRAMP, MITRE ATT&CK, FAIR risk quantification, and cloudsecurity expertise to strengthen enterprise security posture.

Core Competencies

RMF & FedRAMP Compliance ThirdParty / SupplyChain Risk Incident Response & SIEM Tuning Vulnerability Management & Patch Governance Cloud Security (AWS, Azure) NIST CSF & 80053 ISO 27001 & CIS Controls Audit Readiness (SOC 2, PCIDSS, SOX 404, HIPAA) FAIR Risk Quantification Executive & Board Reporting Project & Agile Scrum Leadership

Professional Experience

Senior Information Technology Analyst – Security, ThirdParty Risk & Compliance

Wells Fargo – Technology Risk Division · Dallas, TX Dec 2024 – Apr 2025

40 hrs/wk — Supervisor may contact

Led enterprise thirdparty risk assessment initiative: evaluated 40+ technology vendors using SIG Lite and ISO 27001 AOC reviews; identified 6 critical gaps and drove remediation plans that reduced residual vendor risk 15 %.

Analyzed and upgraded vendorintegration processes, mapping API dataflows against NIST 80053 rev 5 controls; documented POA&Ms and achieved 96 % ontime closure ahead of internal audit.

Collaborated with business units (Payments, Consumer Lending, Wealth) to align new SaaS solutions with security and performance requirements, selecting architectures that cut onboarding time 20 %.

Developed thirdparty monitoring dashboard in ServiceNow GRC & Power BI, tracking SLA adherence, vulnerability status, and contract milestones—providing executives a realtime vendorhealth view.

Provided technical guidance to project managers and application owners on secure dataexchange patterns, encryption standards, and incidentescalation protocols, improving crossteam compliance awareness.

Cybersecurity Communications Consultant

Cognizant Technology Solutions · Dallas, TX Apr 2022 – Aug 2024

40 hrs/wk

Tuned Splunk and QRadar correlation rules, lowering false positives 25 % and meantimetodetect 30 % for Fortune500 clients.

Led cloudsecurity assessments in AWS & Azure against ISO 27001 Annex A controls; zero critical findings in external audits.

Completed thirdparty risk reviews for 25 + SaaS vendors, embedding encryption and logging clauses that reduced vendorrelated risk 15 %.

Developed Microsoft Purview dataclassification and RBAC playbooks, boosting sensitivedata discovery accuracy 40 %.

GRC Analyst – Audit

Franklin American Mortgage Company · Irving, TX Jun 2014 – Apr 2022

40 hrs/wk

Authored policies and animated explainers demystifying SOX & PCI controls; employee violations dropped 25 %.

Performed postclosing audits on 50–60 loans/week (FHA, VA, FNMA); cut critical defect rate from 8 % to 2 % in 6 months.

Prepared & balanced closing packages, achieving 100 % funding accuracy and 98 % ontime funding.

Managed a pipeline of 35 + loans, maintaining an 18day cleartoclose average and 95 % customersatisfaction score.

Education

Master of Science in Cybersecurity — University of Dallas

Coursework: Network Security, Application Security, Cloud Security, Risk Management, NIST Frameworks, ISO 27001/002, Security Analytics, AI & Machine Learning for SOAR

Master of Business Administration (MBA) — University of Dallas

Coursework: Strategic Management, Managerial Finance, Accounting for Decision Makers, Marketing Management, Operations & Supply Chain, Business Analytics, Organizational Behavior & Leadership, Business Ethics & Sustainability, Global Business Strategy, DataDriven Decision Making

Bachelor of Arts in Communications — University of Minnesota

Technical & Platform Skills

Cybersecurity & GRC: NIST CSF, NIST 80053, ISO 27001/002, CIS Controls, SOC 2, SOX 404, PCIDSS, HIPAA, RMF, FedRAMP, FAIR, MITRE ATT&CK

SIEM & IR: Splunk ES, IBM QRadar, Microsoft Defender XDR, CrowdStrike Falcon, Wireshark

Cloud Security: AWS (GuardDuty, Security Hub, KMS, S3, IAM), Azure (Security Center, Conditional Access), Terraform (IaC security)

GRC Platforms: ServiceNow GRC, RSA Archer, AuditBoard, LogicGate, OneTrust, ZenGRC

Vulnerability Mgmt: Qualys, Nessus

Scripting: PowerShell, Python

Analytics & Reporting: Power BI, Tableau

Collaboration: MS 365, Google Workspace, Slack, Jira, Confluence, MS Word, Excel, PowerPoint (advanced visual storytelling)

Professional Memberships

ISACA – Dallas/Fort Worth Chapter ISC2 Candidate International Information System Security Certification Consortium (ISC2)

Contact this candidate