Nkemchap Yakou
Tel: PHONE NUMBER AVAILABLE
Email: EMAIL AVAILABLE

Essential Skills
- Risk Management & Compliance
- Governance Frameworks (ISO, NIST, RMF)
- Regulatory Compliance (GDPR, HIPAA, SOC 2)
- Policy Development & Documentation
- Security Awareness Training
- Incident Response Planning
- Vulnerability & Threat Analysis
- Vendor Risk Management
- Internal & External Audit Support
- Data Protection & Privacy
- Plan of Action and Milestone (POA&M)

SUMMARY
Dynamic and detail-oriented GRC Analyst, Information System Security Officer with over 7 years of experience in risk management, compliance frameworks (ISO 27001, RMF, NIST 800-53, GDPR, SOC 2), and policy development. Proven track record in assessing, implementing, and managing information security controls while ensuring adherence to regulatory requirements. Expertise in risk assessments, security audits, and creating comprehensive compliance reports for stakeholders. Passionate about improving security postures by applying strategic governance models and control frameworks that ensure the protection of sensitive information assets.

EXPERIENCE

GRC Analyst - Randstad US, Atlanta, Georgia, 03/2024 - Present
- Lead the development and implementation of GRC processes aligned with NIST 800-37 to ensure effective risk management and compliance with organizational objectives.
- Perform risk assessments for information systems, identifying gaps, evaluating control effectiveness, and providing recommendations for mitigation.
- Develop, implement, and maintain security policies and procedures to support ISO 27001, PCI-DSS, and SOC 2 compliance requirements.
- Conduct regular security awareness training programs, increasing organizational understanding of compliance obligations and best practices.
- Coordinate with internal teams to prepare for regulatory audits and third-party assessments, achieving a 100% reduction in compliance issues year over year.
- Implement and monitor third-party risk management processes to evaluate vendor security and compliance posture.
- Collaborated with cross-functional teams to perform regular internal audits, mitigating compliance issues and enhancing risk management strategies.

Information System Security Officer - Accenture, Arlington, VA, 06/2022 - 12/2023
- Develop, update, and maintain System Security Plans (SSPs) for information systems, ensuring alignment with NIST 800-53 controls.
- Conduct regular risk assessments and security control assessments (SCAs) to identify and mitigate vulnerabilities, enhancing system security.
- Implement continuous monitoring strategies, including automated vulnerability scans and manual review of system logs, to maintain system compliance and security posture.
- Serve as the primary liaison between the organization and federal auditors to ensure compliance with FISMA requirements, leading to successful Authority to Operate (ATO) approvals.
- Develop and maintain Plan of Action and Milestones (POA&Ms) to track the remediation of identified vulnerabilities and ensure timely closure.
- Provide security awareness training to system users, increasing compliance with security protocols and reducing security incidents.

EDUCATION
- 2023 - 2024: Master's in Cybersecurity Technology, University of Maryland Global Campus
- 2009 - 2012: Bachelor of Science: University of Buea, Cameroon

CERTIFICATION
- Certified Information Systems Auditor (CISA) - License # 201308388
- AWS Certified Solutions Architect - Associate - License # 9VBP99LB2NEE1BC8
- CompTIA Security+ CE - License # -COMP001021667495