Jessica L. Chisholm ** Old Hope Kent Rd. Hope, Rhode Island 02831
508-***-**** • ***************@****.***
EMPLOYMENT HISTORY
Citizens Bank Johnston, Rhode Island
Vice President, Senior Third Party Vendor Assessment Analyst 2019-2020
Conduct desk-based and onsite Third Party Vendor Assurance using NIST 800-53 as compliance framework to ensure vendor compliance with company policy
Write Internal and External Third Party Vendor Assessment reports detailing findings and issues discovered during assessment
Engage vendor, Business Line owners as well as other parties in order to meet the target dates
Translate security risk and communicate effectively with internal business partners for risk identification and remediation efforts
Neighborhood Health Plan of Rhode Island Smithfield, Rhode Island
Cyber Security Senior Analyst 2018-2019
Respond to intrusion detection / intrusion prevention alerts from outsourced Security Operations Center (SOC)
Work in Prevalent’s portals to streamline assessments. Work with Prevalent technical points of contact to provide feedback based on application software.
Conduct proper review and follow-up for potential threats based on log monitoring results from outsourced security service
Perform Information Security risk assessments and execute tests of data processing systems to ensure functioning of security measures; examples: HIPAA/HITECH compliance assessment, Role Based Access audit
Gather and research risk control deficiencies and work with Enterprise Risk Management to accurately record in a risk register and assign prioritization
Coordinate and participate in Information Security penetration tests
Manage internal information security scanning tools such as Qualys and perform regular assessments
Coordinate remediation efforts associated with the results of penetration tests and vulnerability assessments
Review and revise Security Incident Response plans as needed
Evaluate and implement security solutions
Support all audit requests
Perform security permissions administration audits (Periodic Access Reviews)
Assist with annual review of Information Security policies, standards and procedures
Promote Security Awareness throughout the company by facilitating various activities
Evaluate third party vendors by completing information security assessments
CVS Health 2012 - 2018 Woonsocket, Rhode Island
IT Store Support Analyst – Security and Compliance 2013-2018
Manage project requests and estimations
Manage four security engineers in project allocations and vulnerability remediation
Create monthly resource planning and forecasting
Ensure proper provisioning of team members and contractors along with on boarding and off boarding contractors as project demands change
Create metrics for vulnerabilities that exist and create remediation plans
Lead for all security and compliance related issues for stores systems
Keep track of all remediation plans and make sure they are on target
Coordinate and participate in Information Security penetration tests
Manager of all internal and external certificates and policies in Venafi for store systems
Work with the risk management team to follow up on team risks
Work with various audit/assessment teams (internal and external) to track system and application security weaknesses from identification to remediation/risk acceptance
Create monthly executive PowerPoint presentations for VPs to show our remediation efforts and continuous improvement plans
Work with numerous application managers to monitor chronic areas (such as FIM, MSBs, Access Reviews, Application Exposure Risk Ratings, Inventory, Vulnerabilities, etc.)
IT Assessment Advisor - Controls Assessments & Monitoring Team 2013-2015
Performed compliance testing on IT Controls. Highlighted gaps, deficiencies and areas of non-compliance and offered consulting where necessary
Consolidated and streamlined issue management processes for Internal Audits, External SOX Reviews, PCI, FTC, SOC1, SOC2, and Debit Pin assessments
Developed and implemented a scalable, enterprise-wide findings and remediation module on the Archer Platform
Worked with responsible parties to facilitate issue closure on complex, enterprise-wide and technical findings
Assisted in the implementation of continuous monitoring program to ensure compliance was maintained
Created weekly metrics for VPs based on Archer analysis
Coordinated and facilitated both FTC (Federal Trade Commission) and PCI (Payment Card Industry) assessments for related applications, operating systems, databases, and critical libraries and directories
IT Quality Metrics Analyst 2012-2013
Built a model and process for measuring and reporting the quality of work order process and engineering functions for the Enterprise IT Services (EITS) group
Provided ongoing oversight and drove continuous improvement
Defined a set of measurements for system and data quality
Proactively analyzed trends, causes and variances
Utilized industry standard practices where appropriate
Communicated with senior IT and business management
Participated in High Level Design Review sessions from perspective of information quality
Promoted use of metrics across the organization
INSTRON 2006 - 2012 Norwood, Massachusetts
Service Quality Analyst 2007-2012
Maintained various databases critical to the calibration laboratory’s compliance to ISO 17025
Managed field software installations, ensuring all FSEs are up to date and receipts are on file
Facilitated use of the Agile database for the entry and management of audits and resulting corrective actions; maintain the Field Service audit schedule and follow up on committed schedules as required
Maintained records of field service engineers signatory status in Agile Database
Conducted a yearly quality management review of the calibration lab
Assisted in internal and external customer audits
Provided status reports on Field Change Orders (FCOs) at Executive Top Ten meetings
Executed FCOs for product safety and data integrity recalls globally
Created Astea training procedures; train the accounting department, call coordinators and the customer service representative group
Facilitated survey process and analyzed data from the surveys to create a company newsletter which highlights strengths and weaknesses of our department within the company
Reviewed customer surveys to determine if they warrant complaint calls
Managed customer insurance certificate requests
Ensured documents are reviewed in a timely manner and submit document change notifications
Managed customer safety surveys and handle customer questions that involve OSHA/EMR data
Served as report manager for Safe2Work and OSHAcademy training for the field service engineers; ensure that the required safety courses for all FSEs are completed
Maintained the Service Unified Price List
Quality FCO Administrator 2006-2007
Created a new MOCT process in Agile and conducted training sessions
Conducted Quality-related meetings for customer complaints for business teams
Monitored status of quality service requests, engineering service requests, opportunities for improvements, and corrective actions
Updated quality documentation for compliance to ISO 9001
Conducted quality management reviews
DRAKA CABLETEQ USA 2004-2006 Taunton, Massachusetts
Quality Control Administrator 2004–2006
Maintained ISO procedures, documents, and work instructions
Created quality control documents for customers (certificates of compliance, general data sheets, lab reports, etc.)
Prepared PowerPoint presentations for Quality, HR and Operations Departments
Oversaw the Quality Control database
Human Resources 2004-2005
Provided administrative support to Quality, HR, and Operations Departments
Maintained HR vacation spreadsheets, annual accrual spreadsheets, and provided employees with the required forms
Maintained attendance control policy and earned personal day policy; maintained weekly payroll, administered HR’s safety eyeglass program and safety incentive program
Balanced weekly spending of uniform and maintenance supplies
Served on the profit improvement team and safety committee team
CITIZENS FINANCIAL GROUP 2000-2003 Cranston, Rhode Island
Technical Support Administrator for Systems Support 2002–2003
Provided technical support and project management assistance for Commercial Loan Operations
Maintenance of critical files, reports, procedures, and a variety of other forms
TEXAS INSTRUMENTS 1998-2001 Attleboro, Massachusetts
Administrative Assistant 2000–2001
Assisted automotive department in administrative activities
Generated reports using Oracle in distributing voucher registers
Organized various meetings and company events
Customer Service 1999-2000
Responded to customer requests regarding order status using Oracle
Followed through on problem accounts
Data Entry Analyst 1998-2000
Analyzed productivity by developing reports and charts used for production
Calculated daily inventory counts based on work in process
Maintained databases of productivity in Access and Excel
Posted weekly charts of product performance using PowerPoint
EDUCATION
Bachelor of Science in Business Information Systems with a Minor in Marketing Jan 2002
University of Massachusetts Dartmouth – Dartmouth, Massachusetts
DELTA MU DELTA - the National Honor Society in Business Administration
Associate Degree in Liberal Arts June 1999
Bristol Community College – Fall River, Massachusetts
The Frank Golden Memorial Scholarship for the highest ranking GPA of 4.0 within the E.P. Charlton College of Business
SKILLS AND CERTIFICATIONS
Certified Third Party Risk Professional (CTPRP)
o The Santa Fe Group (Credential ID: 02-2019-1528)
Certified ISO 17025 and ISO 9001 Auditor
Certified in the DuPont Stop for Safety Program and Qualified Stop for Safety Auditor
CEMPRO (Customer Experience Management Professional) Advocate Certification
Advanced knowledge of Microsoft Office Suite - Access, Excel, Word, PowerPoint
Knowledge of a number of data management techniques and business systems (Agile, IBS, Astea, UPL, CR Manager, Archer, QualysGuard, Venafi, Kenna, SharePoint)
Strong organizational skills and attention to detail
Self-motivated and ability to work independently with a minimum of supervision
Ability to multi-task, keeping several projects on target simultaneously
Strong knowledge of IT audit test methodologies