Ambe Niba Kisitor
Dallas, TX
Information Security Analyst
Dedicated Information Security Analyst with over eight years of experience in safeguarding critical information systems across Aerospace, Banking, E-commerce, and Insurance industries. Proven expertise in Risk Management Framework (RMF), network security architecture, vulnerability assessment, and application security. Adept at identifying and mitigating cybersecurity risks, ensuring regulatory compliance, and driving continuous improvement initiatives. Passionate about integrating GRC practices with leadership and interpersonal skills to strengthen organizational security posture and protect against cyber threats.
Skills & Competencies
●Risk Management & Compliance (NIST 800-53, ISO 27001, SOC 2, PCI-DSS, HIPAA)
●Vulnerability Management & Threat Intelligence
●Security Auditing & Continuous Monitoring
●Policy Development & Security Controls Implementation
●Incident Response & Security Risk Mitigation
●Security Awareness Training & Phishing Simulations
●Process Improvement & Cross-Functional Collaboration
●Critical Thinking & Problem Solving
●Communication & Stakeholder Management
Technical Proficiency
●Risk Management Framework (RMF), Information Security Systems, Cybersecurity Principles
●Network Security Architecture, Application Security, Vulnerability Assessments, Security Oversight
●Compliance Management (SOX, PCI-DSS, GLBA, HIPAA)
●Policy Development, Security Controls & Standards, Regulatory Compliance
●Tools: GRC (ServiceNow, Archer), JIRA, Microsoft Excel, POAM, SSP, BCP
PROFESSIONAL SUMMARY
Senior GRC Compliance/Security Analyst
Boeing, Irving, TX, March 2020 - Present
●Develops and implements compliance frameworks (NIST, ISO 27001) tailored to organizational needs, reducing security risks by 30% and improving audit readiness.
●Conducts regular assessments of NIST compliance, identifying 90% of potential vulnerabilities and recommending mitigation strategies that decrease non-compliance incidents.
●Partners with product development teams to ensure secure SDLC, leading to a 25% reduction in security flaws in production releases.
●Collaborates with IT, legal, and enterprise information teams to enforce mandated security controls, improving cross-functional security alignment by 35%.
●Provides guidance on access management, data encryption, disaster recovery, and business continuity, increasing system resilience and reducing downtime.
●Delivers periodic security reporting, addressing compliance gaps and promoting policy adherence, leading to 95% adherence to security policies across teams.
●Creates and monitors training programs on compliance, threat intelligence, and phishing simulations, improving employee security awareness scores by 50%.
●Supports internal stakeholders on security topics to ensure risk mitigation and regulatory compliance, reducing security incidents by 30% year over year.
Cybersecurity Risk Analyst/Risk Assessor
Freshly, Laurel, MD, February 2018 to February 2020
●Conducted risk assessments and maintained risk registers, collaborating with risk owners on mitigation strategies, reducing identified risks by 35%.
●Managed security incidents and supported compliance, security, and risk inquiries from stakeholders, improving incident resolution time by 40%.
●Built and maintained a knowledge base for information security responses and questionnaires, streamlining security inquiries and reducing response time by 50%.
●Performed timely third-party security assessments, ensuring ISO 27001 and GDPR compliance.
●Developed and implemented security policies and procedures in line with regulatory requirements.
●Conducted gap analyses and prepared detailed reports for risk mitigation and compliance enhancement, leading to 90% compliance during audits.
Information Security Analyst
TD Bank, Silver Spring, MD, July 2017 to Jan 2018
●Performed comprehensive security assessments to identify vulnerabilities and mitigate risks.
●Developed and implemented security controls, ensuring compliance with industry regulations.
●Led security authorization reviews and continuous monitoring efforts.
●Evaluated security architecture and risk management plans, addressing compliance gaps.
●Provided critical insights through risk analyses, including threat, vulnerability, and impact assessments.
Third Party Risk Analyst
Travelers Inc, Hartford, CT, January 2016 - June 2017
●Evaluated risks associated with third-party vendors via due diligence and compliance reviews.
●Managed the vendor onboarding process and ensured proper risk assessment and documentation.
●Developed risk mitigation plans and collaborated with legal, compliance, and security teams.
●Continuously monitored third-party activities and emerging compliance risks.
●Delivered regular reports summarizing risk assessments, mitigation strategies, and key metrics.
EDUCATION
●Master of Arts in Contemporary Literature, University of Yaoundé 1, Cameroon
●Bachelor of Arts in English and Literature, University of Yaoundé 1, Cameroon
CERTIFICATIONS
●CompTIA Security+
●Certified Information Systems Security Professional (CISSP)
●Certified Information Security Manager (CISM)