
Information Security Social Media

Location: Houston, TX
Posted: March 27, 2021


Resume:

MONA LISA (ML) BROOKSHIRE, MBA

**** ******** **** ***** ****, TX 77493 +1-516-***-****

E-mail: *************@*****.*** / ******************@*****.***

Online Presence: http://www.linkedin.com/in/ml4lyfe / All Social Media Handles: ml4lyfe

EDUCATION

Clark Atlanta University, Atlanta, Georgia

Master of Business Administration (MBA), May 2005

Major: Brand Marketing & Communications

Spelman College, Atlanta, Georgia

Bachelor of Arts (B.A. Hons.), May 2001

Majors: English Literature and International Business

TED Talk (Most Recent): https://youtu.be/TFfhuynlUnU

Multi-Faceted IT, Marketing & Communications Maven with global experience. Passionate and Ambitious Information Security Analyst with the ardor and fervor to positively impact your bottom line and showcase a results-oriented drive that will culminate into overall business success from an IT standpoint. Looking forward to exhibiting the very fabric of my versatility within the realm of Risk Assessment of General Support Systems (GSS) and Major Applications (MA), 3rd party/Vendor Security Control Assessment, IT Auditing, HIPAA, SSAE 18, SOC 2 Type II Reports, HITECH, SOX, GLBA, ISO, FISMA, Physical Security, General Computer Controls, Compliance Testing, Configuration Management, Security Maintenance, Contingency Planning; Policies and Procedures, Implementation, NIST 800-53a, SIG Lite within the Manufacturing, Oil & Gas, Technology, Telecommunications industries et al.

EXPERIENCE

06/16 - present Samsung (www.samsung.com) Houston, TX, Palo Alto, CA & Soho, NY

Information Security Analyst, SmartThings Automation Systems

Delineate and identify the overall Information Security strategy to demonstrate the viability and implementation feasibility of all SmartThings products to allow B2B/B2C consumers to sync up their connected gadgets onto a single smartphone hardware hub

Perform security assessments to meet the HIPAA and NIST Risk Management Framework (RMF) requirements (NIST SP800-37, 800-53a); and develop solutions and adhere to Service Organization Control (SOC) reporting standards on an ad hoc basis

Perform scans, work with System/Network administrators to ensure the secure installation of applications and networks whilst evaluating results and determining remediation systems that are ISO 27K (ISO 27001) compliant

Conduct and document security assessments and analyze the effectiveness of security controls whilst reassessing remediated controls (where applicable)

Develop Test Plan, ST&E, SAR and POAM reports to improve the analysis of federal incidents as well as the overall security operating functions in Security Control Testing

Analyze system risks to implement appropriate security countermeasures and implement plans to secure computer files against breach, destruction or accidental modification

Facilitate the reviews of internal security controls and IT General Controls (ITGCs)

Evaluate risk assessment policies, vendor questionnaires, technical procedures and standards for preserving security and execute scripts to communicate with back-end servers by providing real-time updates on an ongoing basis

Investigate PCI DSS 3.2.1 standards for POS cards etc.; and analyze technical issues utilizing knowledge-based experiences on Information Systems projects

Identify areas for automation in relation to third-party vendor and security risk-related processes whilst monitoring third-party provider risk continuance policies

Monitor the execution of risk treatment and evaluate residual risk from vendors by leading detailed vendor risk assessments, partnering closely with key partners, to identify and evaluate risks before establishing or continuing operations with third-party vendors; and determining the risk rating with qualifications based on the potential impact

Manage all Vendor Risk Management (VRM) reviews, internal communications, marketing intelligence / business intelligence for SSAE 16/18, PCI reviews and SOX assessments utilizing Control Objectives for Information and Related Technology (COBIT) / COSO frameworks

Establish and complete required system and application cybersecurity due diligence documentation within SLAs (Service Level Agreements) with GLBA controls

11/13 - 06/16 Hewlett Packard (www.hp.com) Houston, Texas

Information Security Analyst, Enterprise Systems

Reviewed and validated vendor appropriate implementations of information security controls and analyzed the information to identify non-compliance issues

Utilized Standard Information Gathering (SIG) Lite security questionnaires and other Information Security documentation for third party vendor assessments

Liaised with stakeholders and business units to initiate, scope and plan control assessments for new and existing vendor engagements using (VRM) Frameworks

Orchestrated a robust, integrated corporate channel for Information Systems and identified security weaknesses and gaps by producing detailed reports of assessments

Provided professional security engineering and compliance efforts according to HIPAA, PCI-DSS, Sarbanes Oxley 404 and GLBA regulations to develop security infrastructure monitoring and incident management scorecard reporting systems for review

Assessed vendor reviews, data center documents; and also evaluated the evidence provided before remediation plans were annulled

Escalated issues associated with vendors as needed to the Information Security Manager and performed peer reviews on completed assessments for quality assurance purposes

07/11 - 07/13 AT&T (formerly Cingular Wireless) (www.att.com) Houston, Texas

Junior Systems Specialist & BA

Conducted daily business analyst duties as well as project management due diligence tasks using Agile and other corporate technologies for helpdesk communication

Responded to user service requests and expediently resolved open trouble tickets and software cases in order to maximize system uptime

Supported disaster recovery plans, performed regular backups and created images of multiple workstations prior to updates

Assisted desktop and laptop users with issues related to Microsoft, Adobe, Symantec and other deployed software within the organization

Disassembled computer systems to troubleshoot and resolve hardware issues and diagnosed, tested and repaired a myriad of devices by following electrical procedures

Spearheaded the implementation of New Product Introductions (NPIs) determining if the products would be created for old or new business markets utilizing Ansoff’s Matrix

Updated new technologies, current market trends, monitored quality and the current status of computer hardware along with electronic circuitry

09/01 - 07/11 General Electric (GE Energy) (www.ge.com) Atlanta, Georgia

Six Sigma Black Belt Marketing Manager, Product Dev’t Group

Conducted sales and competitor analysis of the market by providing synergized forecast data for strategic planning and tactical engagements in addition to evaluating and assessing Gas Turbine price points on a continual basis

Leveraged brand development interest by conducting primary research for new product conception; product penetration, product development / diversification; and also focused primarily on the attainability of key strategic marketing projections

Synthesized and evaluated complex marketing research and sales analysis data to drive quantifiable results for Segmentation Targeting and Positioning (STP) by leading a team that delivered process improvements around product marketing and commercialization processes in B2B Energy markets

Implemented the annual marketing plan for the department, provided write-ups and strategic communication to improve key processes and marginalized information for upper-level management utilizing a strategic framework

Facilitated New Product Development cross-functional engagement and workout sessions using statistical tools and strategic marketing concepts to recommend business solutions and strategies to all GE Corporate Clientele

Highlights and Capabilities

GLBA & SOX 404 Compliance Testing

Conduct IT risk assessments and document all system security key controls

Meet with IT teams to gather evidence, testing procedures whilst documenting test results and exceptions

Conduct walkthroughs, formulate test plans and develop remediation plans for each area of testing

Participate in the SOX testing of the General Computer Controls

Develop Business Continuity Plans and create strategic relationships with outsourced third-party vendors

PCI DSS Related Experience

Assist the Compliance team to assess, remediate and facilitate to make sure there is a secure payments environment in compliance with the PCI data security standard

Install and maintain firewall configuration to protect cardholder data (PHI)

Ensure that the corporation does not use vendor-supplied defaults for system passwords and other security parameters

Create measures to protect stored cardholder data

Establish policies to make sure cardholder data across all open and public networks is secured

Maintain a Vulnerability Management Program (VMP)

Develop and maintain secure systems and applications

Implement strong access control measures and make sure that a unique ID is assigned to each person with computer access

Orchestrate programs and procedures to restrict physical access to cardholder data

Regularly monitor and test networks

Randomly test security systems, parameters and processes

Maintain an Information Security policy

Certifications: Six Sigma Green Belt, Black Belt License & Customer Relationship Management (CRM) Certification. Aspiring towards becoming a Certified Information System Security Professional (CISSP)

Interests: Avid Real Estate Investor, Jazz Enthusiast, Global & Iconic Brand Strategist, Movie Buff, Pianist & TEDx Public Speaker that thrives on Socialization & Networking opportunities via Social Media et al


