Sarah P Email and Phone Number
● 7 years experienced Cyber Security Professional with well-developed skills in IT GRC – Internal IT Audits, Risk Assessment and Security Frameworks; along with BCP / DR, Employee Training in Cyber Security and Business Analysis.
● Implemented and Audited IT controls and security frameworks such as NIST, ISO 27001/27002, PCI-DSS, GDPR, PIPEDA, Data Information and Privacy, Identity and Access Management.
● Thrive towards continuous improvement work, have strong interpersonal skills. Excellent customer service skills, Excellent Negotiation Skills, Ability to learn continuously.
● Core competencies include documenting and reviewing Policies and Processes; Risk Management and Compliance, Information Security Management System (Implementation, Auditing, and Continual Improvement), Third-party risk management, IT General Control Testing, Data Privacy, Business Continuity Management (Planning, Implementation, and Management), Disaster Recovery, Project Management, End User Training and Awareness for cyber security, and DLP Incident Management.
● GRC Tools – Beauceron Security, ServiceNow GRC, Splunk, SailPoint and DynaTrace.
● Experienced in Microsoft Office tools such as MS Excel, PowerPoint, Word and SharePoint.
● IT Governance experience includes design of the cyber security program and oversight over its execution, implementation of NIST, ISO 27001 control frameworks, developing information security policies/standards, GRC implementation and maturity assessment of IT processes.
● IT Risk experience - worked on Risk Register, risk assessment methodology/framework, risk identification, risk remediation and risk reporting of technology, process, projects, and special initiatives.
● IT Audit experience includes planning and executing of IT audit engagement, risk-control assessment, third-party controls review, IT general/application controls testing (IT SOX compliance), etc.
● Excellent Documentation skills: Documented Cyber Security controls, policies, frameworks, Risk Register, RACM, Audit plan, Audit report, CAPA, Business Continuity Plan (BCP), Disaster Recovery (DR) and Requirement documents - User stories, SRS, BRD, Wireframes, Use cases.
Absorb Software
- Website: absorblms.com
- Employees: 235
Senior GRC Analyst, Absorb Software, Jun 2024 - Present
Cyber Security Specialist, TD Insurance, Jul 2022 - Jun 2024
- Conducted comprehensive risk assessments, vulnerability scanning, and security assessment to identify and mitigate security threats.
- Participated in Governance activities and followed up till closure. (Employee mandatory trainings, Risks, Vulnerabilities patching schedules, false positive vulnerabilities management, etc)
- Developed and maintained the Information Security Management System (ISMS) based on ISO 27001 standards.
- Designed and implemented security architecture and engineering solutions to safeguard critical systems.
- Oversaw identity and access management, ensuring the proper provisioning and de-provisioning of user accounts.
- Executed regular security assessments and audits to ensure compliance with industry standards and regulations such as PCI-DSS, ISO 27001 and SOC 2.
- Maintaining on-going communication with the business, external/internal auditors as it relates to alignment on audit planning, walkthroughs/testing, audit requests, impact assessments, and deficiency evaluation of IT controls (e.g., SOX, PIPEDA, GDPR, NIST 800-53, ISO 27001, etc.)
- Planned internal audit schedule and ensured ongoing monitoring of audit task completion
- Ensured adequate and timely resolutions to all audit review issues related to Information security. And also ensured timely Audit remediation.
- Performed risk-based audit on information systems, and operating procedures.
- Coordinated BCP / DR activities and drills.
- Performed third party Cyber Security risk assessments for both on premise and cloud-based solutions and presented relevant reporting metrics to management to keep risk at an acceptance level
Cyber Security Analyst, Intact, Jun 2019 - Jul 2022
- Established and standardized GRC processes that improved resilience and efficiency.
- Worked on Risk Register: Reviewed existing entries; performed Asset identification, evaluation; Vulnerability assessment, Risk assessment and documented ISMS controls after thorough discussions and reviews with stakeholders.
- Gathered policy statement requirements and documented the policies, reviewed policies and presented to Leadership Management for approval and further communicated to teams.
- Worked on ISO 27001 for implementing ISMS to ensure resilient Cyber Security Framework.
- Cybersecurity maturity assessments against NIST, SOC 2, ISO 27001.
- Responsible for redefining the Security framework in line with ISO's Standard of good practice.
- Experience in Performing risk assessment for cybersecurity, information security and business continuity.
- Implemented ISMS Controls across Organization.
- Prepared and maintained repository for ISMS documentation including ISMS Manuals, Process Plan, SOP’s, Records.
- Facilitated the Audit process within the team in terms of identification of root cause of audit findings, determine and implement appropriate CAPA / Remediation Plan.
- Analyze, record and manage security incidents, vulnerability, and change issues in a timely and accurate fashion.
- Performed Vendor Assessment and Vendor Audits.
- Conducted Internal IT Audit, identified gaps and reported them. Also recommended Action Plans and followed-up till closure.
Cyber Security Business Analyst, Bell, Jan 2017 - May 2019
- Actively involved in On-Boarding of Privilege Access accounts in CyberArk Vault.
- Designed SAFE naming conventions as per the policies.
- Conducted business process & data analysis to derive Role-based access control (RBAC) matrix for IAM solutions.
- Collaborated with Business and Product Owners to come up with holistic solutions of the requirements.
- Co-ordinated the strategic planning and integration meetings conducted for finalizing the business scope every quarter throughout the Year.
- Wrote User stories, Acceptance Criteria and ensured the Story readiness both technically and functionally for the implementation of Privilege Access Management tool – CYBERARK.
- Collaborated with Design (UI/UX Team) to come up with mock-ups and wireframes for the CYBERARK implementation.
- Identified solution/requirement gaps and reviewed solutions with the stakeholders.
- Conducted Sprint Refinement sessions for better understanding of User Story scope.
- Enabled end to end delivery of scope to production through release management.
- Participate in solving business requirements and impact assessments
- Actively participate in clients’ meetings to discuss system requirements, specifications, budget etc.
- Test cases and performed Functional and User acceptance testing (UAT) in HP ALM.
- Prepared monthly status reports for Enhancement Requests to the project team that was used in efficient tracking and monitoring of open issues of the project.
- Prepare necessary training materials for Production Support team.
Sarah P Education Details
Frequently Asked Questions about Sarah P
What company does Sarah P work for?
Sarah P works for Absorb Software.
What is Sarah P's role at the current company?
Sarah P's current role is Cyber Security Consultant / GRC Analyst / IT Auditor.
What schools did Sarah P attend?
Sarah P attended Osmania University.
Who are Sarah P's colleagues?
Sarah P's colleagues are Lauren Mullane, Ashitosh Belhekar, Aaliyah Gardener, Doru Muresanu, Stephanie Bowal, John Sweeney, Douglas Dennie.