Risk Assessments Network Security

Thierry Bodog

Silver Spring*****, USA

+1-240-***-**** *************@*****.**

www.linkedin.com/in/thierry-nmichel-bodog-538070340 PROFESSIONAL SUMMARY

Proficient in identifying and assessing IT security risks. strong understanding of governance frameworks and compliance requirements. Role has always been to help clients identify cybersecurity related improvements, conduct cybersecurity risk assessments, conduct cybersecurity scans and testing, document cybersecurity related policies and procedures, and respond to cybersecurity related issues. Experienced in conducting internal audits and collaborating with external auditors to evaluate compliance and security posture, with a focus on implementing corrective actions. My analytical prowess and interpersonal skills shone as I navigated complex compliance programs, leveraging tools like Splunk and ZenGRC to safeguard information and ensure industry standards, notably ISO 27001, NIST 800 171 and COBIT, were met. SKILLS

• Governance, Risk, & Compliance

(GRC)

• Risk Assessments & Compliance

Audits (ISO 27001, NIST, SOC 2)

• Strong Analytical &

Communication Skills

• Cybersecurity Tools (Splunk,

Wireshark, Tcpdump, NetScout,

Clone Systems)

• Vulnerability Scanning & Security

Controls (ACAS, Nessus, SIEM)

• Network Security & Troubleshooting

(Cisco, Juniper, Firewalls, IDS, SIEM)

• Penetration Testing & Incident

Response (SOC, Threat Monitoring,

SOAR, PKI)

WORK EXPERIENCE

DECEMBER 2021-AUGUST 2024

Cyber Security GRC Analyst

Samsung SEA Plano, Texas, USA

• Collaborated with the Samsung SEA Compliance team and senior partners to deliver client and backend support, successfully obtaining third-party certifications such as ISO 27001 and COBIT Framework certifications.

• Conducted internal and annual audits to monitor and improve the Information Security Management Systems (ISMS).

• Performed risk management practices and employed risk-based thinking to drive prioritization. Utilized the Samsung SEA Compliance System internal portal daily to understand compliance requirements.

• Evaluated Samsung SEA technologies for compliance with information governance controls, including access, authentication, encryption, logging, and retention.

• Utilized Splunk (SIEM Tool) to collect logs and security-related documentation from various sources, including servers, network devices, and domain controllers for data aggregation.

• Gained a solid understanding of common security and privacy frameworks and regulations (e.g., ISO 27001, ISO 22301, ITGC, COBIT, NIST800 171, NIST 800 53, CMMC, DFARS, CIS, SOC 2, HIPAA, HITRUST, PCI-DSS). AUGUST 2020-DECEMBER 2021

Network Security Analyst

General Dynamics IT Fall Church/VA

• Worked as a Network Security Engineer for GDIT, participating in the Priority Telecommunications Services (PTS) program to ensure priority communications in public telecommunications networks.

• Analyzed and configured various network communication devices, including routers, switches, firewalls, and cybersecurity systems.

• Worked as SOC Mid-Level Analyst supporting the development of processes, procedures, and analyze event messages to rapidly and assuredly identify and respond to Indicators of Compromise (IoC).

• Continuously monitored SIEM and on-premises infrastructure/cloud applications for security events to threats & intrusions such as SIEM alerts, Phishing emails inbox, intel feed via US-CERT, MS-ISAC.

• Assists with creating and tuning Security Orchestration and Automation (SOAR) playbooks and automated workflows.

• Perform scripted penetration testing and vulnerability scanning utilizing tools like Clone Systems.

• Participate in activities related to cybersecurity incident response and remediation.

• Monitored the network, utilizing cybersecurity tools such as Linux, SQL, Python, Wireshark, SIEM, IDSs, Splunk, Packets Sniffers, Tcpdump, NetScout, Public Key Infrastructure Service(PKI), SolarWinds and others CERT tool such as EnCase, FTK Imager, Caine (Computer Aided Investigative Environment), Xplico.

• Analyzed call traces and network testing data (SIP, HTTP, TCP/IP, TLS), Integrated Services Digital Network User Part

(ISUP) Initial Address Messages (IAM), and SIP Invite messages using network troubleshooting tools such as Iris View and Wireshark.

EDUCATION

BSEE

University of the District of Columbia, Washington DC CERTIFICATIONS

• CRISC (Certified in Risk and Information Systems Control)

• One Trust (PIA & DPIA Automation Expert, Tech Risk & Compliance, TPRM) Professional Certifications

• CompTIA Security+

• Google Cybersecurity Professional Certification

PROJECTS

NIST Cybersecurity Framework (CSF) & National Cyber Security Review (NCSR) 02/01/2021-04-15/2021

• Hands-on experience in cybersecurity assessments and compliance enhancement. INTERNSHIPS-PRACTICAL TRAININGS

One Trust Internship & Certifications (2024) 12/01/2024 - 12/31/2024

• Specialized in Privacy Impact Assessments, Data Privacy Impact Assessment, Tech Risk & Compliance, Third-Party Risk Management, and Compliance Automation.

TOOLS

• GRC Tools – ZenGRC, Hyperproof, Cyber Sierra, RSA Archer, Apptega.

• Security & Forensics – Splunk, Wireshark, Nessus, Tcpdump, Clone Systems, FTK Imager.

• Network Security – Cisco, Juniper, SIEM, IDS, SOAR, Firewalls, PKI.

Contact this candidate