Security Analyst Iii | Information Security, Risk Management, Governance, Compliance
CurrentEnhancing Security for CivicPlus, a leading GovTech provider trusted by over 7,000 municipalities.Leveraging my experience in information security, I'm a Security Analyst III at CivicPlus, an Inc. 5000 company committed to building positive civic experiences. I play a key role in safeguarding CivicPlus's digital assets and ensuring compliance with industry best practices like NIST.My contributions at CivicPlus include:Leading the implementation and gap remediation of the NIST Security Framework.Proactively protecting our systems through vulnerability management and rapid incident response.Empowering staff with security awareness training to cultivate a robust security culture.Conducting thorough security assessments and risk analyses to identify and mitigate threats.Ensuring adherence to critical security standards like NIST, OWASP, and data privacy regulations.Increased security posture by 50% through NIST initiatives.Achieved/ Maintained NIST/SOC II compliance for multiple product lines.Provided security training to 900 staff members, improving awareness by 75%.Vulnerability scanning and penetration testing remediationSecurity incident response planning and executionSecurity risk analysis and threat modelingGovernance and complianceDevSecOps integrations