Eric Muluh
Dayton
Summary
Five Years’ experience in cybersecurity helping organizations maintain compliance with various frameworks such as ISO 27001, PCI- DSS, Privacy, HIPAA,GDRP, NIST CSF, conduct Vendor Risk Assessment, Penetration test review, Vulnerability Scan review, Threat Detection & Analysis, Microsoft Excel, send out and answer to Sig Core & Sig Lite Questionnaires,Due Diligence, Soc2 Audit Preparation. I am experienced with various GRC tools: Archer, process unity, Jira, ServiceNow,Central
Overview
6
6
years of professional experience
1
1
Certification
Work History
Third Party Risk Analyst
PepsiCo, Inc
Fairborn
06.2020 - Current
- Complete vendor risk assessments by clients and prospective clients
- Provide information security due diligence on third-party vendors to determine the effectiveness of their controls
- Evaluate client needs against security concerns and resolves various risk issues
- Develop and monitor third-party vendor assessments
- Implement and record assessment activities following established processes and procedures
- Conduct third-party online reviews to assess their current information security posture and practices
- Enhance existing questionnaire response process
- Stay informed of regulatory and compliance information to enhance the third-party due diligence program
- Contribute to the continuous improvement of all aspects of the Information Security Program
- Deliver threat notifications to third-party vendors
- Observe vendor mitigation progress of identified threats
- Coordinate, execute, and support Information Security & Business projects
- Develop and update security policies, procedures, and best practices
- Oversee the Information Security Program
- Resolve security-related issues and incidents
- Function with other business units to ensure compliance with standards and policies
- Perform security research and knowledge of current security events
- Oversee the Information Security Program
- Detect Information Security & Business Continuity risks and make recommendations for solutions
- Provide excellent customer service skills to ensure a smooth data collection experience for customers and internal business unit partners.
Vendor Management Specialist
Home Depot
Glendale
06.2019 - 05.2020
- Facilitate vendor onboarding by performing third-party risk assessments on vendors.
- Ensure compliance with applicable privacy and industry standards by coordinating and analyzing risk artifacts.
- Assess completed questionnaire and supporting documentation (SIG Core, SIG Lite) to validate vendor appropriate implementation of information security controls.
- Assist vendor relationship managers and business partners in managing and responding to risks.
- Assess all vendors in accordance with vendor risk assessment and security assessment policies.
- Manage vendor risk in compliance with internal policies and regulatory requirements (NIST CSF, ISO 27001, PCI-DSS, GDPR), ensuring robust oversight of all vendor risks and providing visibility into emerging threats.
- Verify legal documents and pertinent paperwork for accuracy.
- Perform audit planning, developing scope, and reporting of findings noted during an assessment.
- Implement remediation strategies with vendors in response to findings.
- Work with control owners and operators to ensure quality, consistency, and operability of new & existing controls.
- Analyzing all new vendor contracts and suggesting improvements.
- Implement appropriate IT controls to mitigate risk.
- Ensure stakeholders are aware of vendor information security issues and what needs to be done to remediate them.
- Ensure effective project controls by monitoring progress and reporting status for each assigned project.
- Track third-party risks effectively using the Governance, Risk, and Compliance system.
- Support a security awareness training program.
- Ensure that complex and critical RFPs are reviewed and responded to.
- Analyze trends and recommend the most effective response approaches to RFPs.
Education
Bachelor’s - Information Technology
University of Buea
01.2013
Skills
- Ability to work under pressure
- Meet tight corporate deadlines
- Accuracy
- Focused attention to detail
- Excellent analytical skills
- Conduct risk assessment on vendors
- Conduct pen test reviews
- Microsoft Excel
- Review Vulnerability scan Reports
- Communication proofreading
- Ability to proofread
- Vendor contracts
- Content proofreading
- Grammar proofreading
- Detail-oriented
- Organizational skills
Certification
- CompTIA Security+
- CISA
Timeline
Third Party Risk Analyst
PepsiCo, Inc
06.2020 - Current
Vendor Management Specialist
Home Depot
06.2019 - 05.2020
Bachelor’s - Information Technology
University of Buea
Similar Profiles
Liam SkellyLiam Skelly
Warehouse Picker at PepsiCo, IncWarehouse Picker at PepsiCo, Inc
Debosmita MukherjeeDebosmita Mukherjee
NA at PEPSICO, INCNA at PEPSICO, INC
BRITTEN RICHARDS, MS , PHRBRITTEN RICHARDS, MS , PHR
HR Manager at PEPSICO, INCHR Manager at PEPSICO, INC
Sinai Payton-BellSinai Payton-Bell
Patient Care Technician at Premier HealthPatient Care Technician at Premier Health
Laura EsquivelLaura Esquivel
Digital Shopper at Walmart Inc.Digital Shopper at Walmart Inc.