Associate Information Security Risk Analyst
Current• Conduct risk assessments, offer recommendations, specified control requirements, & determine approvals for third-party vendors • Improving the third party risk assesment process • Collaborate with IT teams to implement and monitor security controls, ensuring compliance with industry standards• Organized and led security awareness training for 1000+ employees which increased reporting of phishing emails by 10%• Developed and drove PCI-DSS compliance training for the concerned team• Support internal and external audit teams during SOX audits, providing necessary documentation and explanations• Prepare comprehensive documentation for audit evidence and coordinate responses to internal and external audit inquiries.• Collaborated with process owners to enhance control documentation and ensure accuracy• Participated in the remediation of control deficiencies, tracking progress to closure• Lead periodic user access review initiatives, ensuring compliance with security policies and industry regulations• Implemented effective lookback procedures to review historical access data, identifying and addressing any unauthorized or inappropriate access that may have occurred in the past• Performing CIS Control Benchmark