Mary Marvig – CompTIA Security+
adi07k@r.postjobfree.com
Professional Summary
Information Systems Security Compliance Analyst with experience using automated tools and standards to ensure system security posture complies with industry and organizational security policies.
Areas of Expertise
Sarbanes-Oxley Act, SAS-70 Access Controls
Change Management Patch Management
Compliance Audit Network Vulnerability Assessment
HIPAA Compliance NIST 800-53
Nessus PCI DSS
Cyber Security Analyst
3T Solutions Consulting
2017 - Present
Ensure that security plans, controls, processes, standards, policies and procedures are aligned with organizational cybersecurity and compliance policies
Confirm Risk Assessments are current and accurate reflection of the existing state of the organization’s systems and services
Responsible for tracking project metrics and monitoring processes maturity based on Key Performance Index (KPIs) and reports
Experience implementing the security risk assessment utilizing NIST SP-800 framework
Analyze security procedure violations and developed plans to prevent recurrence
Assist with maintaining compliance for industry PCI Certification
Responsible for administration of the central Patch Management System to ensure system security compliance
Responsible for preparing and distributing project processes and performance to stakeholders
Responsible for transcribing project meetings into PowerPoint presentations for project leads to help in the management of project risks
Responsible for Project Management documentation storage using Microsoft SharePoint Portal for secured distribution to teams
Work closely with the Risk Management teams to ensure identified risks and all pertinent information is captured for risk analysis and are incorporated in the appropriate risk assessment
. Experience in leading programs for SaaS security compliance framework
. Experience in privacy compliance such as GDPR and ACCPA
. Experience in leading compliance activities including SOC 2, ISO 27001,27017,27018
.
Compliance Support Analyst
Eventide Health
2015-2017
Analyzed security procedure violations and developed plans to prevent recurrence.
Assisted with maintaining compliance for organization’s HIPAA audit
Performed Operating System patch management and coordination in Microsoft, Apple OS environments
Performed host security assessment and implemented appropriate security controls to mitigate the risk to the organization
Managed information security incidence to ensure effective prevention, detection and containment of security breaches
Contributed to the development of information security policies, standards and procedures
Assist operations and development teams in aligning operating procedures with information security best practices
Serve as internal analyst to business development, and infrastructure teams, advising internal business units with current information about best practices, changes to the threat landscape and security related issues
Technical Training
CompTIA Security+
ITILv4 Foundation
Education
University of Cape Coast
Certification
CompTIA Security+