Desk Technician Information Security
Resume:
JENNIFER AWUNOR,
**** ****** **** ********** ** *0052 470-***-**** Email: adxso6@r.postjobfree.com
CAREER FOCUS
A dynamic Information Security Professional with 3+ years of experience and expertise in Control Assurance, and Information Security Risk Management, Skilled in security control assessment, implementation of security controls, and development of information security policies, standards, and procedures with a focus on privacy and regulatory compliance, experience in compliance audit, including gap analysis, risk assessments, and vendor risk management. Excellent communication and client relationship management at all management levels.
PROFESSIONAL EXPERIENCE
IT SECURITY RISK ANALYST- Governance Risk & Compliance Plaid Enterprise 03/2021 - Present
Developed and reviewed information security policies, standards, processes, and procedures such as information Security Policy, Acceptable Use Policy, Third-Party Risk Management Standard, and Incident Response policy. etc.
Track and monitor the policies’ version control and distribution to the key stakeholders as well as the management of the entire policy lifecycle.
Facilitate the annual review of all information security-related policies while ensuring input is collated.
Manage the risk register and develop corresponding risk treatment plans while working with various teams to ensure remediation is completed in a timely manner.
Conduct a security control assessment to identify any control gaps within the organization.
Performed risk assessment for third-party/vendors.
Developed a vendor questionnaire and analyzed the vendor responses.
Mature and automate repeatable processes to document, prioritize, manage, remediate, and monitor risks within the enterprise
Mapped organization cybersecurity control with NIST Cybersecurity Framework and identified control gaps.
Lead security controls audits, control self-assessments to ensure controls are appropriately designed and operating effectively as required by security best practices, contractual obligations as well as regulatory requirements.
Evaluate and support the implementation of controls to address applicable regulations such as PCI DSS, HIPAA, GDPR, and complete PCI DSS annual self-assessment.
Collaborate with external auditors as the enterprise Lead on audit engagement i.e., SOC 2, Audit Readiness Engagement, Compliance Audit, etc.
Interpret standards and provide subject matter expertise and assist in the creation of appropriate IS compliance requirements per various information security frameworks/standards like COBIT, NIST Security & Privacy, ISO
Support the business goal of building a culture of security by collaborating with the CISO on security awareness training initiatives and Phishing campaigns
Stay abreast of the latest industry trends and events that impact the security or regulatory environment within the industry space
Aid in the development of action plans from findings and present Clear and concise information on risk to management
Documenting Incident response procedures and processes.
Providing written and final incident reports to executive management.
Collaboration with departmental IT teams to identify the root cause of recuring incidents and create action plans to remediate and prevent recurring situations.
Cyber Security GRC Specialist PIEDMONT NATIONAL 07/2020 – 03/2021
Developed and reviewed information security policies, standards, processes, and procedures such as information Security Policy, Acceptable Use Policy, Third-Party Risk Management Standard, and Incident Response policy. etc.
Manage the risk register and develop corresponding risk treatment plans while working with various teams to ensure remediation is completed in a timely manner.
Mapped organization cybersecurity control with NIST Cybersecurity Framework and identified control gaps.
Support the business goal of building a culture of security by collaborating with the CISO on security awareness training initiatives and Phishing campaigns
Stay abreast of the latest industry trends and events that impact the security or regulatory environment within the industry space
Aid in the development of action plans from findings and present Clear and concise information on risk to management
Evaluate and support the implementation of controls to address applicable regulations such as PCI DSS, HIPAA, GDPR, and complete PCI DSS annual self-assessment.
Building Policies in relation to the Organization need.
Carried out companywide Phishing campaign/Security training awareness
Conduct Risk Assessment In line with the Organization’s standard.
Asset Identification and Monitoring
Implementation of Incident Response and Business Continuity plan.
Performed risk assessment for third-party/vendors.
Help Desk Technician IT INFRASTRUCTURE (PIEDMONT NATIONAL) 05/2018 – 07/2020
Assign and issue laptops to new employees.
Assisted with troubleshooting laptop issues and employee account access issues.
Screened, referred, and diagnosed internal inquiries and work requests as they relate to the maintenance of personal computers and related systems.
Documented, monitored, and resolved incidents and completed work requests per Service Level Agreement (SLA) and departmental procedures.
Assisted with password and security questions resets.
Configured Multi Factor Authentication on all enterprise devices.
Worked with the security team on security incidents and remediation activities.
Hardening of wireless and wired networks for PC machines and mobile devices.
Provided information security support to account users.
Provided end-user software troubleshooting and support.
Assist with hardware configurations and system upgrades.
EDUCATION
Bachelor's Degree (International Studies & Diplomacy) University of Benin, Nigeria 2010
National Diploma (International Studies & Diplomacy) University of Benin, Nigeria 2006
SKILLWEED- Cyber Security Boot camp 2020
Contact this candidate