Daniel Arthur
Summary
Daniel Arthur is a detail-oriented Security expert with years of experience identifying vulnerabilities, conducting incident responses, and performing risk assessments to protect corporate networks and data. Proficient in utilizing cybersecurity tools and best practices to monitor, detect, and mitigate threats while ensuring compliance with security frameworks such as ISO 27001, ISO 27017, GDPR, NIST 800-53, NIST CSF, NIST RMF, CIS Controls, HIPAA, PCI- DSS, ITIL, OWASP TOP 10 and other similar frameworks. I am a strong communicator and problem-solver, capable of working crossfunctionally with teams to boost security posture, and safeguard critical assets. Conducted various risk assessments using various security frameworks and provided relevant solutions where necessary.
Overview
6
6
years of professional experience
1
1
Certification
Work History
GRC analyst
Eretmis Inc.
05.2023 - Current
- Maintained risk registers and conducted comprehensive risk assessments to identify potential threats to organizational operations, ensuring alignment with business objectives and regulatory requirements
- Review and assess the company's security policies
- Maintain governance frameworks, policies, and procedures in compliance with HIPAA, PHI security standards, OWASP TOP 10, SOC 2, ITIL, ISO27001, ISO27017, NIST800-53, CIS controls, NIST CSF, and PCI DSS standards
- Assist with developing and executing a repeatable risk assessment methodology
- Establish key risk indicators (KRIs) and key performance indicators (KPIs) for risk and business, including monitoring reporting and breach remediation, to support links between risk appetite, profile, and performance metrics
- Manage third-party risk assessments, ensuring vendors meet company security standards and compliance requirements
- Identify and catalog all third-party services and vendors
- Evaluate the technical security posture of newly proposed third-party solutions
- Conduct regular vulnerability assessments and penetration testing to identify weaknesses in the network and applications
- Develop and implement GRC strategies, policies, and procedures to ensure compliance with regulatory standards and industry's best practices
- Provide training and awareness programs to employees regarding cybersecurity best practices
- Assisted in developing risk assessments and provided appropriate credible challenges as needed
- Provide support to Information Security Incident Response team during cyber/privacy incidents
Information Security Analyst
Tata Consultancy Services (TCS)
Edison, New Jersey
03.2022 - 04.2023
- Assisted in performing security risk assessments and vulnerability assessments and Produced reports based on risk management assessments
- Prepare risk assessment report deliverables for management review
- Provide support to Information Security Incident Response team during cyber/privacy incidents Assisted in developing and implementing security policies and procedures
- Utilize GRC tools to update the security knowledge base and maintain the required documentation
- Identify inherent risk, evaluate current state, and determine residual risk posture for various information technology asset categories and types
- Help develop business continuity and disaster recovery plans
- Participated in security awareness training sessions and acted as a resource to guide management, including producing documentation, presentations, or other materials to educate on risk policies and procedures
- Identify inherent risk, evaluate current state, and determine residual risk posture for a variety of information technology asset categories and asset types
Security Analyst
Lobek Software
Hershey, Pennsylvania
06.2019 - 02.2022
- Assisted in the development and implementation of security policies and procedures
- Conducted regular security assessments and vulnerability scans to identify potential risks
- Collaborated with cross-functional teams to ensure security measures were integrated into all
- Monitored network traffic and security alerts, responding to incidents as needed
- Evaluate information security threats and associated vulnerabilities
- Coordinate with numerous stakeholder groups to develop risk remediation plans
Education
Master of Science - Cybersecurity and Information Assurance
Western Governors University
Millcreek, Utah11-2024
Bachelor of Science - Administration (Accounting Option)
Presbyterian University
Skills
- Security Monitoring & Incident Response (SOC)
- Vulnerability Assessments & Penetration Testing
- Scripting for automation (PowerShell, Python, or BASH)
- Privacy and Security Policy Development
- Risk & Compliance
- Gap Analysis & Remediation
- Cloud security (AWS, Azure, Google Cloud (GCP) Security Principles)
- Network troubleshooting tools (traceroute, Ping, Nmap, Wireshark)
- Risk Management & Mitigation
- Identity & Access Management
- Data Protection
- Operating Systems Security (Windows, Linux, macOS)
- Cyber Design
- Third-party risk Management
- Regulatory Compliance (SOC 2, ISO27001, ISO27017, NIST800-53, NIST RMF, NIST CSF, CIS Controls, HIPAA, PCI- DSS, OWASP TOP 10)
- Project Management (Jira, ServiceNow, Archer)
- IT Concepts, Operations & Controls
- Compliance/Security Awareness Training
- Firewalls (Cisco ASA, SonicWall), Anti-virus, and Malware
- Security Architecture
- Incident Handling & Forensics
- Network security (VPN, IDS/IPS, NAC)
- VPN, IDS/IPS Configuration
- Network Security & Intrusion Detection
- Security Information and Event Management (SIEM) Tools and other tools (Splunk, Azure Sentinel, Wireshark, Qualys, Nessus, Metasploit, QRadar, Palo Alto Firewalls, Cisco ASA, Snort, Tenableio)
- Microsoft Applications (Outlook, Excel, SharePoint, Teams)
Certification
- CompTIA Security+
- Certified in Cybersecurity (ISC2)
- Certified Information Systems Security Professional (CISSP)
Timeline
GRC analyst
Eretmis Inc.
05.2023 - Current
Information Security Analyst
Tata Consultancy Services (TCS)
03.2022 - 04.2023
Security Analyst
Lobek Software
06.2019 - 02.2022
Master of Science - Cybersecurity and Information Assurance
Western Governors University
Bachelor of Science - Administration (Accounting Option)
Presbyterian University
Similar Profiles
Lanae MooreLanae Moore
PCI/GRC Cybersecurity Analyst Lead at Eretmis Inc.PCI/GRC Cybersecurity Analyst Lead at Eretmis Inc.
Olanrewaju OrobiyiOlanrewaju Orobiyi
PCI DSS Professional at Eretmis Inc.PCI DSS Professional at Eretmis Inc.
OMOZE IDEHENREOMOZE IDEHENRE
Security Analyst at Eretmis IncSecurity Analyst at Eretmis Inc
Adeline AgyebitAdeline Agyebit
GRC Analyst at AcrisureGRC Analyst at Acrisure
ANUOLUWAPO SOLOLAANUOLUWAPO SOLOLA
GRC Analyst at OTDRE LIMITEDGRC Analyst at OTDRE LIMITED