Cybersecurity Analyst with Risk & Compliance Expertise

SHARON KAYE ENCHILL

NY, NY 347-***-**** *********@*****.***

Professional Summary:

Dedicated Cybersecurity Analyst with strong expertise in risk assessment, threat mitigation, and security compliance. Skilled in vulnerability scanning, policy development, incident response, and security frameworks such as NIST CSF, CIS, RMF, and industry best practices. Adept at monitoring security threats, optimizing controls, and enhancing organizational cyber resilience. Passionate about security awareness and proactive defense against emerging threats.

Core Skills

- Risk Management & Mitigation. Vulnerability & Security Assessments. Security Policies & Procedures

- Threat Detection & Incident Response. Endpoint & Network Security. Compliance Monitoring & Frameworks (NIST CSF, RMF, IS27001). Vulnerability Management & Patch Coordination. Security Documentation TPRM, CRM

Professional Experience

Cybersecurity Analyst

Mandarin Oriental Hotel Group NY. May 2024 – Present

Conducted vulnerability assessments and risk analyses to identify and remediate security gaps, ensuring compliance with industry standards.

Developed and enforced security policies, procedures, and best practices to improve overall security posture.

Monitored security logs and alerts, detecting and responding to cyber threats in real time.

Collaborated with cross-functional teams to support IT audits, assess risk posture, and recommend mitigation strategies.

Collaborated with cross-functional teams during IT audits, facilitating discussion and presenting findings to stakeholders

- Developed and maintained asset criticality classifications, overseeing distribution and VLAN management in partnership with IT teams for vulnerability remediation.

- Conducted bi-monthly asset inventory audits, identifying outdated or legacy assets, and purging them to optimize license usage and reduce costs.

Coordinate internal penetration testing projects by working with stakeholders to define scope for all VLANs within their network, assessing VLAN criticality and coordinating testing with third-party vendors.

- Engaged in vendor meetings to discuss scope, expectations, and deliverables for pen tests, ensuring comprehensive Internal Pen testing process.

RMF Intern - Eretimis Inc. NY.

January 2023 – November 2023

Performed security control assessments using FIPS 140-2, NIST 800-88, and NIST 800-53 Rev 4 to ensure compliance and mitigate risks.

Monitored vulnerability scans; coordinated patch management for critical, high, and medium vulnerabilities.

Maintained and updated security documentation, including SSP, PIA, PTA, and SIA, for compliance purposes.

Assisted HR in developing and delivering cybersecurity awareness training to improve employee knowledge on security best practices.

Reviewed bi-monthly vulnerability scan reports to ensure timely patching of identified vulnerabilities.

Education

Bachelor of Science

Central University — Accra, Ghana

Certifications

CompTIA Security+ (Renewing)

Tools & Technologies

- Jira, Qualys, Snow MDR, CrowdStrike, Process Unity

- Bit9, Threat locker whitelisting Tool, Smartsheet, Office 365, Teams, Slack

References

Available upon request.

Contact this candidate