• Provide analysis and recommendations for identified security exceptions; participate in defining remediation efforts. • Ensure all vendor relationships are documented and all contracts related to vendors that provide outsourced services are uploaded in the system. • Perform 3rd Party Vendor Risk Assessments & assist in the reporting of vendor risk management activities. • Identify opportunities to improve risk posture, develop solutions for remediating or mitigating risks and assessing the residual risk. • Contribute to the Cyber assessment metrics and GRC reporting to senior management to influence risk-based results. • Review and validate vulnerability findings. • Identifying weaknesses and vulnerabilities within the system and proposing counter measures. • Maintain strong working relationships with individuals and groups involved in managing information risks across the organization. • Assist in remediating penetration tests, application & vulnerability assessment findings. • Perform internal risk assessment. • Perform focused risks assessments of existing or new services and technologies. • Work with cross-functional teams, including IT, human resources, contracts, and security to address potential compliance issues and achieve data privacy program initiatives and provide as-needed support to other programs within Ethics & Compliance. • Execute day-to-day deliverables that support the ongoing compliance needs related to, PCI, IT policy, compliance, and risk, as well as any new regulatory requirements.

• Document observations for existing IT control processes and identified issues in assessment,questionnaire during disaster recovery planning exercises.• Conducts assessment of the security and privacy controls implemented by an information system officer to determine the overall effectiveness of the controls and the vulnerability state of components, applications and databases residing within the system boundary. • Perform vulnerability/risk assessment analyses to support A&A activities. • Develop solutions to security weaknesses in the Requirement Traceable Matrix (RTM) and SAR, while working on POA&M remediation and Corrective Action Plan (CAP).• Perform assessments on FedRAMP based on customer responsibility documentation and controls provided by the Cloud provider to assess.• Maintains and manages Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), POA&Ms, SAR, and other relevant security documentations for the system.• Performs risk assessments, develops, and recommends mitigating controls, and remains abreast of advancements that address emerging business and environmental factors impacting assurance levels.• Analyzes and updates System Security Plan (SSP), Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security test and Evaluation (ST&E).• Work with IT Controls Manager to improve efficiency and effectiveness of IT audit testing procedures, processes, and attributes.• Provide security control assessor (SCA) services, such as assisting with the Assessment and Authorization process, including A&A scanning, documentation, reporting and analysis – analyzing current threats to information security and systems.• Better understanding of NIST 800-53 security controls and documentation for assessment result.

• Administer and troubleshoot client connections.• Administer all Network Devices (Firewalls, routers, switches, appliances) in the Global Infrastructure.• Design and deploy networks.• Work with systems, database administrators to implement Cloud architectures that utilize industry best practices.• Implement Cloud technology policies and procedures for disaster recovery.• Archive to ensure effective protection, integrity of storage appliances and stored data assets.• Maintain a highly secure infrastructure protect sensitive corporate data from threats.• Perform network address assignment.• I use an umbrella to block malicious and unwanted domains, IP addresses and cloud applications before a connection is ever established.• Ensure network connectivity throughout LAN/WAN infrastructure is on par with technical considerations.• Maintain network facilities in individual machines, such as drivers and settings of personal computers as well as printers.• Control and advanced malware protection components with the Fire Power• Maintained a highly secure infrastructure, protecting sensitive corporate data from internal and external threats.• Configuring and setting up of VoIP phones. (Polycom phones)• Configuration for logical or physical changes to maintain service integrity.• Performed Cisco Routing/Switching, Network upgrades and configuration.• Creating & maintaining detailed network documentation.• Technical responsibilities included, but were not limited to, problem solving, monitoring, system performance, and troubleshooting of various LAN/WAN technologies, server and enterprise applications and desktop technologies.• I use Aruba Clear Pass to allow me to grant full or limited access to devices based on users’ roles, device type, and cybersecurity posture.