Enterprise Risk Consultant Resume

San Ramon, CA

SUMMARY:

  • 13+ years’ experience performing cybersecurity, governance, risk, and compliance work
  • Extensive cybersecurity knowledge/competencies and credentials
  • Broad industry sector functional experience
  • Excellent oral and written communication skills
  • Honest, critical thinker, planner, reliable, adaptable, team player
  • Data Privacy and Protection, GDPR, Internet of Things, Risk Management, PCI, Cyber Resilience

PROFESSIONAL EXPERIENCE:

Confidential, San Ramon, CA

Enterprise Risk Consultant

Responsibilities:

  • Subject Matter Expert providing support services for Confidential Enterprise Risk and Compliance standardization initiative
  • Evolved Confidential’s independent technical processes and controls supporting high-priority Business Units and Products into a standards-based Enterprise Framework derived from COBIT 5 and ISO27001

Confidential, San Ramon, CA

Principal Risk Advisor - Cybersecurity Vendor Risk Management

Responsibilities:

  • Cybersecurity champion for Confidential’s Predix Industrial Cloud hardening and FedRAMP compliance initiative
  • Conducted risk, cybersecurity, and privacy assessments of supply chain organizations and vendor IT products/services procured for integration with Confidential Industrial Cloud infrastructure and services
  • Performed supplier/vendor contractual reviews and risk management assurance activities
  • Engineered and authored Confidential

Confidential, Foster City, CA

Sr. Cybersecurity and Privacy Advisor

Responsibilities:

  • Key contributor to Confidential Information Security Risk Management program development initiative
  • Developed and engineered enterprise cybersecurity policies and IT system minimum security baselines (MSBs)
  • Conducted third party application/software security assessments and designed a repeatable security assessment process for use by the cybersecurity organization
  • Identification, evaluation, registration and tracking of application/software security risks
  • Engineered secure application usage, data protection, and privacy guidelines for Confidential enterprise users

Confidential, Foster City, CA

Cybersecurity Risk Specialist

Responsibilities:

  • Performed comprehensive cybersecurity risk assessment of Confidential Transaction Processing ecosystem (including credit authorization and clearing & settlement processes)
  • Conducted cyber and information security risk and compliance assessments encompassing all Confidential business segments
  • Performed security readiness evaluations of information systems and applications prior to migration into production
  • Conducted merger and acquisition, supply chain, and third-party vendor/service provider cybersecurity risk assessments
  • Cybersecurity risk advisor to multiple business segments. Worked with business/IT stakeholders and project teams to assure alignment of business/project objectives with internal and external regulatory compliance requirements
  • Partnered with cybersecurity teams across Confidential to identify IT and product related vulnerabilities and threats. Identified and categorized risks, developed risk scenarios, risk responses/mitigation options, and cataloged risks

Confidential, Washington, DC.

Sole Proprietor and Principal Cybersecurity Consultant

Responsibilities:

  • Performed 50+ PCI DSS assessments for level 1 merchants and service providers
  • Authored merchant ROC (Report on Compliance) and AOC (Attestation of Compliance) reports
  • Provided PCI DSS consulting and readiness services for all merchant levels and service providers
  • Provided consulting and planning services for ISO27001 and FISMA controls implementations
  • Developed enterprise, operational, and technical level client security policies and guidelines

Confidential, Annapolis, MD

Sr. Cybersecurity Consultant

Responsibilities:

  • Performed PCI DSS security assessments for a wide range of industry sector organizations as a PCI QSA (Qualified Security Assessor)
  • Conducted client ISO27001 control assessments
  • NIST 800-53 v2 compliance assessment support for the U.S. Dept. of Agriculture

Confidential, Herndon, VA

Cybersecurity Consultant

Responsibilities:

  • Managed 40+ client accounts and delivered full range of Confidential’ Enterprise Risk Management Program services
  • Performed technical security assessments of client networks (design, architecture and penetration tests)
  • Performed Identity and Access Management (IAM) domain assessments (Identity data, Identity management, Access governance, and Access enforcement) for client networks, systems, applications and databases
  • Performed physical data center security assessments (physical facility, environmental monitoring, surveillance, etc.)
  • Developed client strategies for vulnerability mitigation
