Candidate's Name
Dubuque, Iowa, US

SUMMARY

A versatile and proactive professional with extensive experience in compliance, audit, and risk management. Skilled in creating and implementing best practices for information security, compliance, and risk through audits, assessments, and policymaking. Proficient in PCI, SOC 1 and 2, FDA, HITRUST, NIST, ISO 27001, and HIPAA regulations, as well as documentation best practices.

Risk Management Auditing Data Analysis Team Leadership Training Documentation Review
Information Security Project Management Regulatory Compliance Strategic Planning Program Development

EXPERIENCE

Risk Consultant
TransUnion, December 2021 - December 2023, Chicago, Illinois

Led business process initiatives for four business groups, providing compliance-related consultation and suppliers for compliance with information security-related requirements in supplier contracts. Partnered with Legal and teams to influence and support the consistent execution of the global compliance program.

Co-developed a training program for new team members.
Created and updated standardized information-gathering questionnaires for various services.
Developed short-term goals and a long-term strategic plan to improve risk control and mitigation.
Participated in daily systemwide huddle calls.
Presented risk findings with detailed analysis.
Conducted assessments of Neustar suppliers for compliance with information security-related requirements in supplier contracts.
Assist with ad-hoc customer information security related information requests to ensure tracking, prioritization, engagement of appropriate internal functions/personnel, and timely response to customers.
Participate in contract reviews to ensure information security related requirements are accounted for in established controls or if new controls or control changes will be required.
Participate in responses to information security related compliance questions from prospective customers in questionnaires, and existing customers in audit questionnaires.
Engage with business units to perform and coordinate technical assessments to identify and analyze cybersecurity risks. Assessments to include architecture reviews and analysis of security testing from vulnerability assessments and penetration testing. Analyze risks for likelihood and impact. Provide analysis results and mitigation recommendations.
Act as a liaison between the risk, technology and security functions and the business units to help facilitate risk management program processes and activities.
Acquired PCI DSS certification.

Compliance and Audit Leader
TELEPERFORMANCE, January 2021 - December 2021, Salt Lake City, Utah

Managed overall audit and compliance program, ensuring business operations within policies, procedures, and regulatory guidelines. Facilitated all aspects of audits, such as HITRUST, PCI, SOC 1 Type 2, and SOC 2 Type 1 and 2 audits.

Assessed Teleperformance suppliers for compliance with information security-related requirements in supplier contracts.
Developed a program for gathering evidence for audits.
Cultivated an Agile environment, fostering collaboration with team members and SMEs during audit procedures.
Align current business processes with client requirements and external security standards/obligations, such as NIST, FISM, PUB1075, ISO 27001:2013, PCI-DSS, HIPAA/HITRUST, etc., as well as Service Organization Control reporting.
Identify, document, and assist in the remediation of security deficiencies and gaps with business suitable controls.
Review Statements of Work, Master Service Agreements, and other contracts for security obligations and identify areas of exposure.
Serve as a liaison between internal and external customers and management to maximize the adoption of and support for security plans and procedures within the organization.
Serve as a liaison between the organization's clients and security auditors, concerning information security.
Identify and lead the appropriate subject matter experts to participate in the identification and analysis of risk scenarios.
Collect and review control evidence.

Regulatory Compliance Administrator
IBM, October 2014 - November 2020, Dubuque, Iowa

Managed and coached the regulatory team to maintain industry knowledge and skills in compliance, audit, and risk management to improve internal processes and practices. Ensured compliance and adherence to state, national, and international requirements, including Sarbanes-Oxley (SOX), PCI, HIPAA, GDPR, ITAR, and CCPA. Responded to external and internal audits, continuous monitoring, penetration tests, and various vulnerability assessments, including ongoing monitoring of compliance control to ensure constant functionality through ongoing infrastructure upgrades and changes.

Developed and delivered training content for a division of 30 employees during tenure as administrator.
Created document program to eliminate use of hard-copy documents.
Oversaw development of Watson Health project.
Mentored and coached junior team members, enhancing regulatory, strategic, and operational performance.
Facilitated and participated in internal audits by identifying compliance issues.
Created and advised team on improving internal controls and processes while preparing for risk assessments during audits.
Served as single point of contact for audits which included routing data requests to delivery teams, reviewing responses prior to replying to auditors.
Performed qualification and validation activities for document management system used to assign and track IBM and customer regulatory documents.
Responded to external and internal audits, continuous monitoring, penetration tests and various vulnerability assessments, including ongoing monitoring of compliance controls to ensure constant functionality through ongoing upgrades and changes.
Single point of contact for audits which included routing data requests to delivery teams, reviewing responses prior to replying to auditors.
Ensured compliance and adherence to state, national, and international requirements including Sarbanes-Oxley (SOX), PCI, HIPAA, GDPR, ITAR and CCPA.
Coordinated corrective actions to respond to audit findings.

Security Compliance Analyst
IBM, June 2011 - October 2014, Dubuque, Iowa

Established and maintained security and compliance for assigned accounts. Designed a training program for new team members. Created action plans and responses to all audit observations.

Piloted audit readiness reviews by assessing account compliance to contractual requirements, as well as IBM and client security documents and global process documents.
Collaborated with other teams while conducting health checks on servers of customers.
Created daily, weekly, and monthly reports for the account teams reporting on the status of health check progress.
Conducted research on how to create a tool to automate health check process.
Produced web page and video for global audience on how to conduct audits.

CMA/Lab Supervisor
Crescent Community Health Center, October 2008 - November 2010, Dubuque, Iowa

Managed the collection, analysis, and interpretation of 100+ lab results daily, ensuring compliance with industry standards and regulations.
Managed and oversaw daily clinic laboratory operations, facilitating efficient employee training for a team of 10 staff members.
Managed and optimized lab testing procedures, resulting in improved accuracy and increased cost savings.
Automated patient data entry and test result processing for billing, streamlining operations and facilitating in-house patient care services.
Established relationships with nearby medical providers and facilities to procure appointments for low-income patients, resulting in a 20% increase in patient access to care.
Execute Medical Assistant duties to facilitate smooth patient care and workflow, including conducting vitals, EKGs and patient histories in a high-volume clinic setting.

EDUCATION

Bachelor of Arts, Theology
Apostolic Bible Institute, St. Paul, Minnesota, 3.60

Certification - Paramedic
University of Iowa, Iowa City, Iowa, 4.0

AAS Nursing
NORTHEAST IOWA COMMUNITY COLLEGE, US, Iowa, Peosta, 4.0

CERTIFICATIONS

PCI DSS

AWARDS

IBM-3 MANAGER CHOICE
IBM-1 EMINENCE AND EXCELLENCE