Anna V Email & Phone Number

Mississauga, Ontario, Canada

• Performed necessary tasks to protect information systems assets from unauthorized access or destruction by involving in several GRC initiatives such as DBAM Tool implementation, Beauceron Security (SaaS) implementation.
• Implemented ISO 27001 to include new enhancements/changes, which required the development and implementation of new Information Security policies and procedures.
• Responsible for governance, risk, and compliance activities within the Information Security team utilizing best practice frameworks such as NIST, ISO 27001 and PCI-DSS.
• Monitored the results from risk assessments, penetration testing, and vulnerability scans and ensured treatment plans and remedial actions are being progressed.
• Tracked developments and changes in the digital business and threat landscape to ensure that they are adequately addressed in security strategy plans and architecture artifacts.
• Implemented Beauceron Security (SaaS) platform for all Bell employees to provide Security education focusing on human side of security. Helped in designing awareness programs through surveys, computer-based training.

Toronto, Ontario, Canada

• Responsible for Technology GRC Workshop – maintained and updated GRC deck on weekly basis; to ensure the Leadership Management (CISO) is well informed on the Security Health status; including Vulnerability patching.
• Worked on ISO 27001:2013 for implementing ISMS to ensure resilient Cyber Security Framework.
• Worked on Risk Register: Reviewed existing entries, Asset identification, evaluation; Vulnerability assessment, Risk assessment and documented ISMS controls after thorough discussions and reviews with stakeholders.
• Performed Control Effectiveness Rating Annual Reviews with the control implementing teams and reported them to the Control owners and CISO.
• Developed and maintained Tech security artifacts (e.g., models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
• Revamped the information security control guidance, including technical documentation, e.g., System access, Network, Cloud computing, Supplier management, Business application management security policies.

Toronto, Ontario, Canada

• Actively involved in On -Boarding of Privilege Access account in CyberArk Vault and Thycotic Secret server in bulk.
• Wrote User stories, Acceptance Criteria and ensured the Story readiness both technically and functionally for the implementation of Privilege Access Management tool – CYBERARK.
• Collaborated with Design (UI/UX Team) to come up with mock-ups and wireframes for the CYBERARK implementation.
• Collaborated closely with Product Owners and stakeholders to refine and prioritize the product backlog, ensuring alignment with business objectives.
• Interacted with Business Stakeholders to gather and finalize Business Requirements for the application.
• Developed UML Use Cases using Rational Rose and using Requisite Pro, monitored change requests and documented requirements, integrating them with Use Cases.