Improve systems scorecard from F to A grade.Reduce system vulnerabilities from 123 to 12 in 2 months.Help facilitate systems decommissioning process for all servers and workstations that have reached end of life.Supporting third party risk program infrastructure elements for example, risk controls assessments, reporting, and documentation, in collaboration with partners across the first, second and third lines of Defense.Updating and maintaining documentation including procedures and workflows in support of Audits and exams.Developing, reporting, KRI’s, and critical metrics related to third parties.Monitoring and reporting on third party risk trends.Contributing to the continuous improvements of enterprise third party office’s governance and infrastructure processes, for example risk identification, data management, reporting, metrics, and program management.Provide our clients with advice and guidance to successfully achieve ISO 27001:2022 compliancePrepare and complete documentation package to include SOP’s, policies, plans, templates, and manuals, which address all ISO 27001:2022 requirements.Assist System Owner and Privacy Officer in preparing Authorization Package for Major/Minor Application systems, making sure that security controls adhere to a formal and well-established security requirement referencing SP 800-53 rev 4 and rev 5.Collaborate with security engineering team to review and analyze vulnerability scan results and coordinating the remediation response with system security administrators/engineering teams.Conducts RMF first step kick off meeting, initial risk assessment and categorization of information security system into Low, Moderate and High system centered on Confidentiality, Integrity and Availability (CIA) of th information type referencing FIPS-199 and NIST 800-60.Initiate, update, coordinate and track the patching and remediation of security weaknesses as they are documented in the Plan of Actions and Milestones (POA&M).