GRC Analyst

ALAIN R. MVONGO

Bronx, NY

***-***–****

************@*****.***

PROFESSIONAL SUMMARY

Forward-thinking GRC Analyst with experience implementing ISO 27001 and NIST Cybersecurity Framework initiatives, resulting in a 40% reduction in compliance gaps and improving overall security posture. Demonstrated success in managing and executing GRC initiatives, leading cross-functional teams to achieve a 20% reduction in risk visibility and a 40% increase in audit readiness. Sought-after for expertise conducting risk assessments and audits to ensure adherence to regulatory standards, including SOX, GDPR, HIPAA, and PCI DSS, leading to a 40% improvement in audit outcomes and a significant decrease in potential penalties. Leveraging data-driven insights and collaborative efforts ensures sustainable GRC strategies that support organizational objectives.

CORE COMPETENCIES

●Governance, Risk, & Compliance (GRC)

●Risk Assessment & Mitigation

●Incident Response Planning

●Regulatory Compliance

●Compliance Monitoring

●Third-Party Risk Management

●Data Privacy Management

●Third-Party Risk Assessment

●Audit Management

●Internal Audit Coordination

●Compliance Assessment

Corporate Governance

EXPERIENCE

Risk Analyst UL Solutions, New York, NY 2022 – Present

●Led the analysis and evaluation of risk management strategies, improving compliance with ISO 31000 standards and reducing operational risks by 18% across key business functions.

●Assessed operational risks across key divisions, driving the adoption of risk mitigation measures that reduced financial loss exposures by 20%.

●Played a key role in implementing an enterprise risk management (ERM) system, improving risk identification and mitigation processes, resulting in a 15% reduction in enterprise-level risks.

●Collaborated with cross-functional teams to assess third-party risks aligned with NIST SP 800-30 guidelines, reducing vendor security incident response times from 48 hours to 24 hours.

●Spearheaded risk awareness training programs, educating 50+ employees on risk policies and procedures, which resulted in full compliance with internal risk guidelines.

●Reviewed and optimized the organization's risk management framework, aligning with COSO and NIST standards, improving overall risk management efficiency by 20%.

Governance Risk & Compliance Analyst Data Service Group Inc, Bear, DE 2018 – 2022

●Crafted a governance model that integrated on cloud-based solutions that enhanced operational efficiency by 30% and streamlined client onboarding by 25%.

●Engineered a compliance assessment engine that readjusted risk metrics in real-time, leading to a 20% boost in client trust and regulatory alignment.

●Overhauled third-party vendor management processes, increasing vendor compliance rates by 50% and ensuring real-time alignment with GRC regulatory standards.

●Conducted compliance training programs for employees and clients, boosting engagement and policy adherence by 50%, and fostering a stronger risk management culture.

●Executed a risk management framework tailored to Data Service Group Inc.'s IT solutions, reducing operational risks across customer systems, while ensuring secure, scalable network designs.

IT Support Specialist/Linux Administrator Orange Cameroon, Cameroon 2012 – 2017

●Installed hardware components across the entire system, ensuring seamless integration with Linux-based software distributions, reducing hardware-software incompatibility issues by 15%.

●Evaluated existing IT infrastructure, presenting detailed recommendations for overhauls that resulted in an improvement in system performance and a reduction in maintenance costs.

●Formulated and implemented comprehensive administrative policies, standardizing operations across 10+ systems and facilities, which improved workflow efficiency and reduced system downtime.

●Executed a company-wide backup automation strategy using Linux-based tools, minimizing manual intervention by 35% and ensuring full data restoration compliance.

●Automated routine IT tasks using Bash scripts, reducing manual workload across support teams while enhancing overall system stability and user satisfaction.

EDUCATION

Bachelor of Science: Management Information Systems

University of Yaounde, Yaounde, Cameroun

CERTIFICATIONS

Certified Information Systems Auditor (CISA) In-view

Certified in Risk and Information Systems Control (CRISC) In-view

TECHNICAL ACUMEN

IT Service Management: Jira, ServiceNow

DevOps Tools: Git, Jenkins, Ansible, Terraform, Docker, Kubernetes, AWS DevOps Tools & Services

Web/Application Servers: Apache, Tomcat

Monitoring & Logging: Splunk

Operating Systems: Linux (RedHat, Centos 6/7), Mac, Windows

Scripting and Automation: Bash, PowerShell, YML, Groovy

Contact this candidate