Cyprian KAMSU

Jersey City, NJ

Summary

I am oriented toward the security of the systems of the companies in which I work, with 5 years of successful experience. My goal is to ensure the Confidentiality, Integrity, and Availability of data. For this, I focus on vulnerability management, the choice and implementation of compliance, and the drafting of policies and procedures during the assessment of third parties against regulations such as PCI DSS, FIPS, HIPAA, FISMA, CSF, ISO, and the NIST SP 800 series publications. I have a strong capacity for integration in the teams in which I work. I am a good team player and very versatile.

Overview

6 years of professional experience

Work History

Security Compliance

Gen Re
Stamford, Connecticut
09.2021 - Current
  • Review Active Directory and Password Safe reports, addressing unauthorized activities and ensuring compliance
  • Review and update security policies and procedures in alignment with industry regulations
  • Administer questionnaires to vendors, validating their implementation of security controls
  • Monitor critical third-party vendors continuously to identify and remediate issues promptly
  • Collaborate with teams and third parties during vendor onboarding to ensure robust security controls
  • Conduct detailed contract reviews and in-depth analyses prior to approval, ensuring full compliance with legal standards, organizational policies, and risk mitigation strategies
  • Complete security questionnaires using the QnA Maker tool to streamline and automate responses and collaborate with the business team to address all security concerns
  • Actively participate in Change Control and Release activities, ensuring adherence to security controls and policies during updates
  • Oversee security awareness programs, including monthly phishing campaigns and role-based training sessions for new hires, utilizing the KnowBe4 platform
  • Serve as the primary point of contact during internal and external audits, facilitating communication and ensuring compliance with audit requirements
  • Review reports generated by Varonis to identify accounts that have been inactive for over 90 days within our domains
  • Lead and perform third-party security risk assessments, ensuring compliance with industry standards
  • Resolve ServiceNow tickets promptly to ensure timely incident resolution
  • Participate in vulnerability research and tabletop exercises
  • Record completed tasks in SharePoint for management review
  • Enhance the third-party contract review process, collaborating with legal, privacy, and information security teams
  • Possess in-depth knowledge of cybersecurity regulations, risk management frameworks, and cloud service providers (AWS, GCP, AAD)

Information Security/ Risk Analyst

UPS
Mahwah, NJ
04.2019 - 08.2021
  • Developed and optimized privacy solutions within OneTrust, enhancing assessment templates, workflows, and data attributes
  • Implemented and refined the user experience of OneTrust to improve overall effectiveness and usability
  • Utilized GRC tools (ZenGRC, Venminder, Jira) to streamline third-party risk processes, collaborating with business, procurement, legal teams, and engineers
  • Monitored and responded to security alerts in the SIEM tool for managed service clients, correlating data from various sources, recommending remediation, and supporting SOC analysts
  • Reviewed and updated the Risk Register, communicated remediation plans with third parties, and recommended mitigating controls
  • Facilitated security awareness and training initiatives for new hires
  • Applied knowledge of contemporary and legacy security IES technologies (e.g., Firewalls, IDS/IPS, SIEM)

Education

BSc/BEd - Computer Sciences

University of Nigeria Nsukka
Enugu, Nigeria

Skills

  • Excel
  • OneTrust
  • Nessus
  • Wireshark
  • Venminder
  • KnowBe4
  • SIG
  • Microsoft Suite
  • Windows
  • Active Directory
  • SharePoint
  • Framework: NIST
  • SOC 1&2
  • ISO 27001
  • GDPR
  • HIPAA
  • HITRUST
  • NYDFS
  • French-Proficient

Projects

Present:

  • ISMS Audit - Deskside Services
  • Enhance security policies for service accounts
  • Contribute to achieving SOC 2 Type II certification by assessing security controls

Past:

  • QnA Maker Implementation
  • ISMS Audit – Mobile Device Management

Timeline

Security Compliance

Gen Re
09.2021 - Current

Information Security/ Risk Analyst

UPS
04.2019 - 08.2021

BSc/BEd - Computer Sciences

University of Nigeria Nsukka