| | | 20,000+ Fresh Resumes Monthly | |
|
|
| | Related Resumes Risk Management Data Analysis Herndon, VA Risk Management Data Scientist Vienna, VA BI, SQL, web security, data analysis, risk management Great Falls, VA Business Analyst Data Management Washington, DC Information Security Risk Management Washington, DC Risk Management Security Officer Riverdale, MD Team Lead Risk Management Alexandria, VA |
|
Click here or scroll down to respond to this candidateCandidate's Name
Bluemont, Virginia EMAIL AVAILABLEGRC Analyst CyberSecurity Risk Analyst RSA Archer Developer Data AnalystSUMMARYProven track record of achieving results in technology, oil, finance, health, agriculture, management consulting, and Federal sectors across international markets. Established and evaluated global Governance, Risk and Compliance (GRC) and business continuity programs, ensuring compliance with regulations and standards and high availability operations. Streamlined risk management processes through the implementation and integration of GRC systems. Resolved complex business challenges in diverse international settings using analytical, technical, communications, and negotiation skills.KEY SKILLS-Successfully managed global GRC programs, ensuring adherence to international regulations and standards.-Implemented processes and systems to enhance business continuity and disaster recovery, and third party management.-Proficient in RSA Archer and Navex KeyLight, leveraging these systems to enhance risk management processes and business continuity.-Utilized qualitative and quantitative risk analysis methods to identify and mitigate risks.-Expertise in international regulations and standards, including ITIL, COBIT, ISO, CIS, SOX, COSO, PCI, HiTrust, HIPAA, AUP-SIG, NIST 800, RMF, CSF, FedRAMP, FISMA, SOC, and DoD 8500.-Applied data analytics, business intelligence, and data visualization techniques to drive informed decision-making.-Ensured effective IT governance, risk management, high-availability operations, business continuity and disaster recovery.-Excelled in building and maintaining strong relationships with stakeholders.PROFESSIONAL EXPERIENCEGRC Analyst - RSA Archer (Consultant) CastleHill Risk Solutions, Amherst, NH Oct 2023 Sep 2024-Developed, and implemented data governance and vulnerability management solutions using RSA Archer, resulting in enhanced data management and security of IT assets.-Created new systems using RSA Archer that streamlined and enhanced the management of record inventories, retention schedules, IT assets, scans, vulnerabilities, CVEs, and remediation plans.-Successfully integrated GRC systems with advanced workflows, data feeds, complex calculations, and special permissions.GRC and RSA Archer (CyberSecurity) Consultant OneMain Financial (Contractor), Evansville, IN Jul 2021 Sep 2023-Designed, developed, and implemented cybersecurity systems using RSA Archer, resulting in enhanced exception request management, insider threat mitigation, and application security.-Created new processes and systems using RSA Archer that streamlined and enhanced the management of third party security, business impact analysis, business continuity, and disaster recovery.-Successfully integrated GRC systems with advanced workflows, data feeds, calculations, and special permissions.GRC and RSA Archer (IT Audit) Consultant PRICEwaterhouseCOOPERS (Contractor), Tampa, FL Jun 2019 - Apr 2021-Created and implemented complex GRC solutions using RSA Archer, improving audit processes, risk management, and control procedures.-Collaborated with stakeholders to automate assessment processes for various frameworks, resulting in streamlined audits.-Enhanced management of ISO 27000 audits, including vendor management, procurement requests, and contract management.-Successfully executed RSA Archer migration from version 6.2 to 6.4.GRC and RSA Archer (Assessment and Authorization) Subject Matter Expert DEPARTMENT OF ENERGY (Contractor), Washington, D.C. Apr 2018 - Jun 2019-Developed custom applications for risk management, risk remediation plans, and integrated RSA Archer SSO with ADFS and OneID.-Supported ATO processes by assessing key applications against NIST 800 controls and the Risk Management Framework (RMF).GRC and RSA Archer Subject Matter Expert DEPARTMENT OF HOMELAND SECURITY (Contractor), Washington, D.C. Jun 2017 - Mar 2018-Supported RSA Archer integration for the Continuous Diagnostic and Mitigation (CDM) program, improving cybersecurity capabilities.-Successfully deployed RSA Archer, applications, data feeds, APIs, and Python scripts for Splunk integration.GRC Consultant & RSA Archer Developer WELLS FARGO (Contractor), Charlotte, NC Nov 2016 - Jun 2017-Created comprehensive exceptions and risk management solutions for a large international bank.-Implemented complex workflows, calculations, data-driven events, custom objects, and customized dashboards.-Integrated 30+ internal and external data feeds and APIs, contributing to Agile development processes.GRC Consultant & RSA Archer Developer CHARLES SCHWAB (contractor), San Francisco, CA Jul 2015 - Nov 2016-Developed and implemented enhanced risk, issues, and policy management solutions using RSA Archer 5 and 6.-Designed and executed complex workflows, calculations, and data-driven events, streamlining risk assessment and remediation planning processes.-Collaborated closely with stakeholders to identify requirements, resulting in customized applications for issues, findings, risk, exceptions, remediation plans, policies, and compliance assessments.-Ensured data integrity and security throughout the system through the application of RSA Archer expertise.GRC and Senior RSA Archer Consultant DEPARTMENT OF ENERGY (Contractor), Washington, D.C. Aug 2014 - Jul 2015-Designed and developed comprehensive RSA Archer solutions and prototypes for the Department of Energy, resulting in the successful implementation of compliance, risk management, POA&Ms, metrics, audit, and security initiatives.-Established robust security frameworks and assessment methodologies, ensuring compliance with NIST 800 and the Risk Management Framework (RMF).-Created data collection questionnaires and authorization processes that significantly improved the efficiency and accuracy of compliance assessments.-Collaborated with cross-functional teams, delivering customized RSA Archer solutions to meet unique requirements.Senior Security Consultant Governance, Risk & Compliance (RSA Archer Consultant) FISHNET SECURITY Herndon, Virginia Feb 2012 - Jul 2014-Developed and implemented enterprise-wide GRC programs utilizing RSA Archer and KeyLight eGRC systems, resulting in improved risk management and regulatory compliance for clients.-Conducted comprehensive GRC, security, and SOC assessments, providing organizations with actionable insights to meet regulatory and compliance requirements.-Designed and delivered highly effective GRC management programs encompassing IT governance, frameworks, policies, procedures, and analysis methodologies.-Leveraged RSA Archer and Agile methodologies to deliver customized solutions that precisely aligned with clients' unique needs, resulting in enhanced efficiency and effectiveness.-Demonstrated expertise in guiding organizations through the implementation of GRC systems, enabling them to achieve improved risk management and regulatory compliance.Project Lead / Information Security Analyst DEPARTMENT OF DEFENSE (Contractor) Fort Meade, MD Aug 2010 - Feb 2012-Served as Project Lead for a variety of DoD information assurance projects, successfully overseeing their completion within tight timelines and budget constraints.-Provided analytical, technical, and management support for Certification & Accreditation (C&A), resulting in enhanced security posture and compliance with regulatory standards.-Identified and implemented enhancements for security policies, risk management, security architecture, vulnerability management, business continuity, continuous monitoring, and incident monitoring, significantly improving the organization's overall security posture.-Implemented policy, audit, risk, and compliance processes that ensured adherence to regulatory requirements and industry best practices.EDUCATIONM.S. Computer Science, First Honors Ateneo UniversityM.A. Economics University of OklahomaB.S. Electrical Engineering & Computer Science University of California, BerkeleyCERTIFICATIONSRSA Archer Certified Professional (ACP) CISA CISSP CCNAPUBLICATIONSContributed to articles and five books about IT governance, risk management, and high-availability operations, in collaboration with Prentice Hall. |
