Security Analyst Information

Rexford De-Sosoo

*********@*****.*** 508-***-**** Bronx, NY https://www.linkedin.com/in/rexford-de-sosoo-a5B94938/ Summary

Seasoned Cyber Information Security Analyst with 13 years of progressive experience in mitigating risks and shaping cybersecurity strategies. Adept in conducting comprehensive risk assessments, developing and executing security policies, and aligning cybersecurity initiatives with business objectives. Proven expertise in managing vendor relationships and ensuring regulatory compliance to protect critical information assets. Eager to leverage a robust background in cybersecurity governance and risk. management to drive strategic security enhancement in a dynamic role. Work Experience

Intec Logic Global, LLC

Information Security Consultant (Training & Awareness Manager) Houston Jul 2024 - Present

• Enhanced organizational cybersecurity posture by conducting comprehensive risk assessments of information systems, ensuring compliance with industry standards (ISO 27001, GDPR, HIPAA) and regulatory requirements. Identified and mitigated potential threats and vulnerabilities, reducing security risks by 30 % and strengthening overall governance.

• Developed and enforced cybersecurity policies, procedures, and controls, ensuring compliance with industry standards

(ISO 27001, GDPR, HIPAA) and regulatory requirements. Strengthened security governance, reducing policy violations by 80%, enhancing organizational resilience against cyber threats.

• Strengthened regulatory compliance and risk management by conducting regular security audits, ensuring adherence to ISO 27001, GDPR, and HIPAA standards. Identified and resolved security gaps, enhancing operational resilience and reducing non-compliance risks by 90 %.

• Partnered with executive leadership, IT teams, and external stakeholders to align security Initiatives with core business objectives. Developed robust risk communication strategies that enhanced decision-making, leading to a 60

% reduction in unaddressed vulnerabilities.

• Delivered expert technical guidance on security technologies, optimizing the deployment of firewalls, intrusion detection systems, and encryption solutions. Strengthened network defense, improving threat detection efficiency by 50 % and enhancing data protection measures to align with industry best practices.

• Optimized third-party security compliance by evaluating and managing vendor relationships, ensuring alignment with organizational cybersecurity requirements. Strengthened risk management processes, reducing vendor-related security incidents by 80 % and enhancing overall system integrity.

• Designed and implemented a comprehensive Cybersecurity Education, Awareness, and Training Program, enhancing employees' understanding of governance and compliance requirements. Strengthened security culture across the organization, leading to 80 % increase in policy adherence and a measurable reduction in security incidents.

• Clients Supported

• University of Texas Health (UTHealth Houston)

• National Information Technology Agency (NITA),

Societe General Bank Inc.

Security GRC Analyst (Consultant) New Jersey Jun 2022 - Jun 2024

• Led comprehensive cybersecurity assessments aligned with NYDFS 500 regulations, ensuring full compliance and strengthening the organization's security posture. Identified and remediated key vulnerabilities, reducing regulatory risks and enhancing resilience against cyber threats.

• Designed and executed cybersecurity policies, procedures, and controls, ensuring compliance with NYDFS 500 requirements and industry best practices. Strengthened regulatory alignment and risk management, reducing security policy violations by 80 % and enhancing organizational resilience against cyber threats.

• Executed comprehensive cybersecurity assessments utilizing the FFIEC Cybersecurity Assessment Tool (CAT) to evaluate and enhance the organization’s cybersecurity maturity and risk profile. Identified key security gaps, leading to a 90 % improvement in risk mitigation strategies and overall compliance posture.

• Partnered with the Chief Information Security Officer and senior leadership to design and refine cybersecurity programs and policies, ensuring alignment with regulatory standards. Strengthened governance frameworks, leading to an 80 % improvement in compliance adherence and risk mitigation effectiveness.

• Supported the implementation of cybersecurity measures and facilitated the annual certification process, ensuring compliance with regulatory standards. Earned positive feedback from regulatory bodies and external auditors, contributing to 90 % improvement in security posture and audit success rates.

• Developed and delivered comprehensive reports and presentations for senior management, providing actionable insights into assessment findings, risk levels, and remediation progress. Enhanced strategic decision-making, leading to a 70 % improvement in risk mitigation efforts and compliance adherence.

• Led the DCS department through multiple cybersecurity assessments, including NYDFS 500, FFIEC CAT, and SWIFT, achieving measurable improvements in compliance and maturity levels. Strengthened regulatory alignment, reducing audit findings by 80 % and enhancing the organization's overall security posture. One Brooklyn Health, Inc.

Cyber Security Risk Analyst Brooklyn, New York Jan 2021 - May 2022

• Conducted comprehensive risk assessments across critical systems to identify potential threats and vulnerabilities, and developed strategic remediation recommendations that reduced overall risk exposure by 50%, significantly enhancing the organization’s cybersecurity posture and resilience.

• Collaborated with the first line of defense to expedite incident response, reducing resolution times by 60%, and effectively mitigating risks to critical operations.

• Collaborated with multiple agencies to develop and rigorously test comprehensive business continuity and disaster recovery plans, ensuring organizational resilience during security incidents and disruptions. This initiative reduced potential downtime by 70% and bolstered operational readiness to safeguard critical business functions. NYU Langone Medical Center

Information Security Risk Analyst New York Oct 2019 - Dec 2020

• Collaborated with cross-functional teams to conduct comprehensive risk assessments, identify cybersecurity vulnerabilities, evaluate their impact, and drive remediation efforts that ensured compliance with critical industry regulations.

• Led collaboration with cross-functional incident response teams to swiftly manage and resolve cybersecurity incidents, employing structured methodologies to detect, contain, and remediate threats while minimizing operational downtime.

• Partnered with legal departments to embed cybersecurity best practices into privacy policies, streamlining compliance with relevant laws and reducing potential data breach risks.

• Oversaw the maintenance of third-party compliance documentation and executed comprehensive security audits, reinforcing industry standard compliance and streamlining vendor risk management processes. Caring People Healthcare

Information Security Analyst (HIPAA) Bronx, New York Jun 2017 - Sep 2019

• Conducted regular, in-depth audits and assessments to ensure strict HIPAA compliance and safeguard PHI. Identified critical vulnerabilities and implemented targeted remediation measures that decreased non-compliance issues by 80% and reinforced data protection protocols.

• Spearheaded the development and rollout of comprehensive security policies, procedures, and controls to safeguard sensitive data while ensuring confidentiality, integrity, and availability. This initiative reduced risk exposure by 70% and enhanced compliance with industry standards during audits.

• Led company-wide IAM governance efforts by establishing comprehensive user access review processes, implementing role-based access controls, and enforcing segregation of duties. These measures significantly improved data security and reduced potential insider threats, cutting non-compliance risks by 90 %.

• Served as the primary point of contact for cybersecurity escalations, orchestrating a coordinated, timely response that minimized risks and preserved business continuity. This role reduced incident resolution times by 40% and enhanced overall operational resilience

United Nations Mission-DR. Congo

Information Security Analyst/Project Coordinator DR. Congo Jan 2010 - Apr 2017

• Managed IT project logistics through precise scheduling, efficient resource distribution, and strict budget compliance, resulting in enhanced project performance, on-budget deliveries, increase in stakeholder satisfaction and a 90% boost in overall quality outcomes.

• Proactively monitored emerging cybersecurity threats, evolving technologies, and industry best practices to deliver actionable recommendations that enhanced agency defences. This forward-thinking approach improved overall threat mitigation effectiveness by 80%, strengthening the organization's security posture and operational resilience.

• Worked in tandem with PMO, IT, and Engineering teams to develop and enforce security protocols, proactively managing project challenges and ensuring strict adherence to policies. This cross-functional teamwork not only elevated security standards but also delivered a 75% uptick in project performance and compliance.

• Collaborated with both internal and external auditors to conduct comprehensive audits, integrating critical security measures into PMO processes. This initiative streamlined compliance workflows, reduced identified security gaps by 80%, and strengthened overall project risk management. Education

University of Roehampton

Master of Science, Project Management UK, London Takoradi Technical University

Bachelor of Science, Civil Engineering Ghana, Takoradi INFORTEC Logic Academy

Cyber and IT Security Training/Certification US, New York Certifications

Certified in Risk and Information Systems Control (CRISC) ISACA 2024 Certified Information Security Manager (CISM) ISACA 2022 Certified Information System Auditor (CISA) ISACA 2022 Skills

Project Management, Compliance Strategies, Policy Management, Access Controls, Incident Response, Threat Analysis, Vulnerability Assessment, Intrusion Detection, Risk Analysis, Network Security, Risk Assessment, Vulnerability Management, Firewalls, System Management, Regulation Compliance, Governances, Business Continuity, Data Privacy

Contact this candidate