Junior Peter Lamptey
Macomb's Rd, New York, *****
Phone: 516-***-****
********.***@*****.***
Profile
Highly motivated Governance, Risk and Compliance (GRC) analyst with industry experience in Third-Party/Vendor Risk Assessment, ITGC Testing, SOX Compliance, ISO 27001/27002:2013, NIST SP 800, PCI DSS, COBIT and COSO.
Functional Skills
Testing Controls, NIST 800-60, NIST 800-53, NIST 800-30, NIST 800-37, Business Continuity Plan, Disaster Recovery, ISO 27001, 27002, SOC2, SOC3, PCI DSS, Internal Control Design, Risk Assessment, Third Party Management, Audit Compliance.
Skills
IT Risk Management
Risk Assessment
NIST
Information Security
IT Audit
Experience
Information Technology Audit
Mastek Inc, Yonkers 10/08/2017-Current
Review audit evidence, prepare audit plans, workpapers, findings, status reports and audit reports.
Develop new audit techniques, revise existing procedures and perform risk analysis to determine the frequency of audits.
Identify and analyze complex issues, problems and improvement opportunities and develop conclusions and recommendations.
Support audit planning, entity monitoring and enterprise risk management in accordance with IIA standards.
Evaluate risk, perform control assessments, report results and make recommendations to improve internal controls over business processes, systems and financial reporting.
Escalate significant audit issues identified and research viable solutions to make value-added recommendations.
Testing of IT Controls, documenting and providing recommendations.
Assess client business processes, information systems and internal controls
Interact with senior and line level management in matters relating to internal controls and enterprise risk
Coordinate with the external auditors to support the delivery of SOC and financial audits
IT Risk Analyst - Third Party/Vendor Risk
Kairos Vision Consult, New York 01/1/2016
Perform third-party due diligence, vendor reviews and assessments, and assist the TPRM department in the implementation and ongoing maintenance of Third-Party Governance, Risk and Compliance (GRC) Risk Assessment, Incident Management, and other risk management related activities.
Perform first line analysis and trending to detect patterns of service delivery (non) performance across vendors/engagements
Develop portfolio management strategy, by assessing inventory for efficiency and reduction opportunities across.
Contribute to developing and reviewing policies and standards for addressing various open risks in the TPRM domains.
Coordinate with various functions and stakeholders on various fronts related to TPRM initiatives.
Strong attention to detail with a solid risk and control background.
Provide strategic input to the development of new processes and design of existing processes.
Education: Central University, Bachelor's Degree in Bus Admin
Certification: EC-Council Certified Ethical Hacker (CEH)