AGRADA provides clear and sustainable solutions to secure and grow your organization. Services include:• Cybersecurity & privacy• IT risk management & compliance• Digital transformation For more information please see our site: AgradaGroup.com

• Designed, implemented, and executed information security third-party risk management (TPRM) programs in alignment with industry standard governance frameworks (i.e. ISO 27001, NIST, and COBIT5) to provide clients a risk-based approach to manage regulatory and contractual requirements related to vendor access of their sensitive data.• Consulted global organizations on satisfying General Data Protection Regulation (GDPR) requirements by engaging stakeholders across enterprise business lines to define business requirements and develop a TPRM governance and operating model, third-party inventory, and risk assessment methodology.• Led onsite and remote vendor risk assessments to identify, analyze, and report information security findings to senior client leadership. Produced assessments are leveraged by client leadership to gain assurance of their vendors’ information security posture and drive remediation actions of non-compliant vendors.• Managed local and international project teams by functioning as primary liaison between the client, vendor and risk assessor. Strong project management, communication, and coaching skills via engagement planning/economics activities (e.g. resource scheduling, budgeting, and invoicing), organization of ongoing stakeholder meetings, and providing effective technical/operational guidance to junior staff has ensured the successful delivery of hundreds of assessments annually.

• Worked with Fortune 500 corporations to enhance their information security posture through scoping, managing, and performing NIST based information security risk assessments. Communicated assessment progress in weekly status meetings, and reported assessment finds to the clients’ IT/Business leadership. • Streamlined internal IT audit processes for a multinational computer software firm by mapping multiple regulatory compliance and IT governance frameworks into a single aggregated workbook - minimizing time spent on redundant tasks and providing a holistic IT audit perspective to compliance leadership. • Identified network vulnerabilities, presented findings through comprehensive reporting, and developed remediation actions for several mid-to-large manufacturing corporations in efforts to initiate PCI DSS certification process. Internal Business Development:• Assisted in the creation of Protiviti’s intellectual property by conducting research and drafting documentation on current information security topics and trends. • Provided guidance for two junior consultants through Protiviti’s “Pier Advisor” program. • Served as PR chair of Protiviti’s “proLGBTA” group.

• Implemented and administered CA Nimsoft’s infrastructure monitoring solution through consulting engagements. • Engineered a multi-platform, high availability/disaster recovery infrastructure environment in AWS.• Maintained network, hardware, and system infrastructure monitoring needs for managed service clients.

• Supported firm-wide workstation deployment of the Windows 7 operating systems by imaging desktops, testing software compatibility, and creating reference media to educate users. • Administered Citrix XenApp environment and provided desktop virtualization support for over 450 users.