Summary
Overview
Work History
Education
Skills
Tools And Technologies
Certification
Timeline
Generic

CLAUVICE MOLLA

Columbia,MO

Summary

Results-driven Information Security professional with 6+ years comprehensive expertise in third-party risk management, vulnerability assessment, and regulatory compliance. Proven track record of implementing enterprise-wide security frameworks, conducting advanced threat assessments, and developing robust governance policies that align with business objectives while mitigating organizational risk. Skilled in orchestrating cross-functional initiatives that bridge technical security requirements with strategic business needs, from vendor risk evaluation to AI governance implementation. Adept at translating complex security vulnerabilities and compliance requirements into actionable insights for executive leadership and technical teams alike. Demonstrated success in streamlining security operations through automation, establishing continuous monitoring programs, and building security-conscious cultures across global organizations. Combines deep technical proficiency in security tools and frameworks with strong stakeholder management capabilities to deliver measurable improvements in security posture, regulatory compliance, and operational resilience. Committed to continuous learning, proactive risk reduction, and enabling secure, compliant business operations.

Overview

9
9
years of professional experience
1
1
Certification

Work History

Information Security Analyst

CaeliCode Solutions
05.2022 - Current
  • Monitor and analyze security events across enterprise infrastructure using SIEM platforms, investigating anomalies and coordinating incident response activities to minimize business impact and data exposure
  • Implement and maintain security controls including firewalls, intrusion detection systems, and endpoint protection solutions that defend against evolving cyber threats and attack vectors
  • Conduct regular vulnerability assessments and penetration testing exercises, identifying security weaknesses and collaborating with IT teams to prioritize and execute remediation efforts
  • Develop and enforce information security policies and standards that protect sensitive data assets while enabling business operations and digital transformation initiatives
  • Lead security architecture reviews for new technology implementations and system changes, ensuring alignment with security best practices and organizational risk tolerance
  • Manage identity and access management programs including privileged account monitoring, access certification campaigns, and role-based access control implementations
  • Participate in AI governance initiatives by establishing security guidelines for machine learning model deployment, data privacy controls for training datasets, and risk assessment frameworks for AI-powered applications
  • Investigate security incidents and data breaches, performing forensic analysis to determine root causes, attack vectors, and implementing preventive measures to strengthen defensive capabilities
  • Collaborate with DevOps teams to integrate security into CI/CD pipelines, implementing automated security testing and code scanning to identify vulnerabilities early in development cycles
  • Create and deliver security awareness training programs that educate employees on emerging threats, social engineering tactics, and secure data handling practices
  • Maintain comprehensive security documentation including incident response playbooks, security operating procedures, and risk assessment reports for audit and compliance purposes
  • Partner with business stakeholders to balance security requirements with operational needs, developing risk-based solutions that enable innovation while maintaining appropriate security controls

Third Party Risk And Vulnerability Analyst

CaeliCode Solutions
02.2020 - 04.2022
  • Conducted comprehensive security assessments of critical third-party vendors and suppliers, identifying vulnerabilities and implementing risk mitigation strategies that strengthened the organization's overall security posture
  • Developed and maintained vendor risk scoring methodologies to evaluate and prioritize third-party relationships based on criticality, data access levels, and potential impact to business operations
  • Led cross-functional collaboration with procurement, legal, and IT teams to establish vendor onboarding protocols that ensured compliance with security standards and regulatory requirements
  • Performed deep-dive vulnerability assessments on vendor systems and applications, providing actionable remediation recommendations that reduced exposure to supply chain attacks
  • Created and managed continuous monitoring programs for high-risk vendors, tracking security incidents, patch management practices, and compliance attestations throughout the vendor lifecycle
  • Streamlined third-party risk assessment processes by implementing automated questionnaire workflows and risk rating frameworks, significantly reducing vendor onboarding timeframes
  • Analyzed and interpreted complex vulnerability scan results from vendor environments, translating technical findings into executive-level risk reports for senior leadership decision-making
  • Established vendor security requirements and contractual language standards that aligned with industry best practices including SOC compliance, ISO certifications, and data protection regulations
  • Coordinated vendor incident response activities during security events, ensuring rapid containment and remediation while maintaining detailed documentation for regulatory reporting
  • Built and maintained comprehensive vendor risk registers documenting identified vulnerabilities, remediation timelines, and residual risk acceptance decisions across the entire third-party ecosystem
  • Mentored junior analysts on vulnerability assessment techniques, vendor risk evaluation methodologies, and effective stakeholder communication strategies

Policy and Compliance Analyst

Afro Technology
06.2016 - 11.2020
  • Developed and implemented enterprise-wide compliance policies and procedures that aligned with regulatory requirements including GDPR, CCPA, SOX, and industry-specific mandates
  • Conducted comprehensive gap analyses between existing organizational practices and regulatory standards, creating detailed remediation roadmaps that achieved full compliance across multiple frameworks
  • Led internal compliance audits and assessments across business units, identifying control deficiencies and partnering with stakeholders to implement corrective actions within established timelines
  • Authored and maintained policy documentation including information security policies, data governance standards, and privacy procedures that served as authoritative guidance for global operations
  • Collaborated with legal counsel and regulatory affairs teams to interpret complex compliance requirements and translate them into actionable operational controls and business processes
  • Managed compliance monitoring programs utilizing automated tools and manual reviews to ensure continuous adherence to internal policies and external regulatory obligations
  • Facilitated compliance training sessions and awareness campaigns that enhanced organizational understanding of regulatory requirements and promoted a culture of compliance
  • Coordinated responses to regulatory inquiries and audit requests, preparing comprehensive documentation packages and serving as primary liaison with external auditors and regulators
  • Established key risk indicators and compliance metrics dashboards that provided executive leadership with real-time visibility into the organization's compliance posture and emerging risks
  • Streamlined policy lifecycle management processes including regular reviews, updates, and attestations that ensured policies remained current with evolving regulations and business needs
  • Investigated compliance violations and policy exceptions, conducting root cause analyses and recommending systemic improvements to prevent recurrence
  • Built cross-functional relationships with IT, HR, Finance, and Operations teams to embed compliance requirements into business processes and technology implementations

Education

Bachelor's Degree - Computer And Information Sciences

University of Buea
12.2015

Skills

  • Risk Assessment and Analysis
  • Vulnerability Management
  • Compliance Framework Implementation
  • Security Incident Response
  • Policy Development and Governance
  • Third-Party Risk Management
  • Security Architecture Review
  • Regulatory Compliance (GDPR, CCPA, SOX)
  • AI Governance and Risk Management
  • Security Auditing and Assessment
  • Data Privacy and Protection
  • Business Continuity Planning
  • Threat Intelligence Analysis
  • Stakeholder Management and Communication
  • Compliance & Policy Management (SOC 2, GDPR, HIPAA, PCI DSS, ISO 27001, NIST)
  • Security Policy Development
  • Documentation
  • Incident Response
  • Automation of Compliance Monitoring
  • Evidence Collection
  • Regulatory Compliance
  • Attestation
  • Process Documentation
  • Workflow Design
  • Risk Reporting
  • Dashboarding
  • Security Awareness Training
  • Excellent Communication
  • Cross-Functional Collaboration
  • Analytical Skills
  • Problem-Solving Skills
  • Time Management
  • Multitasking
  • Microsoft Office Suite (Word, Excel, PowerPoint)

Tools And Technologies

ServiceNow VRM, ProcessUnity, Archer GRC Platform, Venminder, Tenable Nessus, Tenable.io, Rapid7 InsightVM, Splunk SIEM, Sophos, OpenVAS, Qualys, CrowdStrike, SailPoint, AWS Cognito, AWS Systems Manager, AWS KMS, AWS Secrets Manager, Okta, HashiCorp Vault, Grafana/Prometheus, Confluence, Jira, Metasploit, Burp Suite, BitSight Security Ratings

Certification

  • CompTIA Security+
  • CISA/CISSP (In Progress)

Timeline

Information Security Analyst

CaeliCode Solutions
05.2022 - Current

Third Party Risk And Vulnerability Analyst

CaeliCode Solutions
02.2020 - 04.2022

Policy and Compliance Analyst

Afro Technology
06.2016 - 11.2020

Bachelor's Degree - Computer And Information Sciences

University of Buea

Similar Profiles

  • Elizebeth GhilbertElizebeth Ghilbert

    Sr Software Engineer at P Square Toll Solutions India Pvt Ltd / Seeroo IT Solutions (P Square Solutions LLC – Contractor)Sr Software Engineer at P Square Toll Solutions India Pvt Ltd / Seeroo IT Solutions (P Square Solutions LLC – Contractor)

  • Aarav NairAarav Nair

    Office Administrator-Accounts Payable at B&C Food Solutions (A division of Centennial Food Solutions)Office Administrator-Accounts Payable at B&C Food Solutions (A division of Centennial Food Solutions)

  • Eric SchwederEric Schweder

    Customer Quality Specialist Testing at Broadridge Financial Solutions Financial Solutions Inc.Customer Quality Specialist Testing at Broadridge Financial Solutions Financial Solutions Inc.

  • Sarah GumSarah Gum

    Food and Beverage Team Leader at Nekter Juice Bar Inc.Food and Beverage Team Leader at Nekter Juice Bar Inc.

  • BRADY BALLARDBRADY BALLARD

    Certified Nursing Assistant at The Neighborhoods by TigerplaceCertified Nursing Assistant at The Neighborhoods by Tigerplace

CREATE PROFILE
CLAUVICE MOLLA