Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

GEORGE AWA

Menifee,CA

Summary

A highly dynamic and process-oriented Cyber Security, GRC and PCI delivery professional with proven ability, knowledge, and experience. Provided strategic guidance and support to senior leaders that helped improve decisions and project implementations while effectively managed multiple priorities in a fast-paced environment which effectively enhanced core system performance, and improved productivity and profits.

Overview

8
8
years of professional experience
1
1
Certification

Work History

Security Analyst - PCI Security

APEX SYSTEMS
11.2023 - Current
  • Conducted regular vulnerability assessments to identify weaknesses and implement appropriate countermeasures.
  • Developed customized security policies and protocols, ensuring compliance with industry standards and best practices.
  • Developed and maintained detailed documentation on security processes, facilitating knowledge transfer and ensuring consistency in procedures.
  • Streamlined incident response procedures for quicker threat mitigation and improved system uptime.
  • Educated employees on cybersecurity awareness through training sessions, significantly reducing instances of human error-related breaches.
  • Reviewed existing security architecture for improvements that aligned with evolving business needs while minimizing risk exposure.
  • Participated in tabletop exercises simulating cyberattacks, leading to better preparedness for real-world incidents.
  • Customized security awareness materials to address specific vulnerabilities within organization, enhancing employee vigilance.
  • Conducted detailed risk assessments for new software implementations, ensuring alignment with security standards before deployment.
  • Coordinated with external auditors during security certifications, showcasing organization's commitment to maintaining high security standards.
  • Led cybersecurity awareness training sessions, increasing employee understanding of potential security threats and preventive measures.
  • Evaluated third-party vendors'' security posture during contract negotiations, ensuring adherence to organizational requirements and minimizing risk exposure.
  • Reduced security risks by 60% through enhancing protocols and ensuring adherence to regulations.

Cybersecurity GRC Analyst

PALOMAR HEALTH
02.2023 - 11.2023
  • Conducted training activities, including phishing campaigns, and developed and maintained training modules and documentation
  • Developed, implemented, and communicated information security policies and procedures supporting security best practices
  • Designed and implemented information security compliance controls to address current data risks and emerging threats
  • Designed and implemented performance metrics to measure the success of GRC (Governance, Risk, and Compliance)
  • Assessed and analyzed employee data risk due to accidental, incidental, and awareness security issues
  • Executed as a business liaison, coordinating with internal and external auditors to effectively communicate requirements and deliver results
  • Led cybersecurity audits, assessments, investigations, incidents, and other duties as required.

PCI DSS Specialist

ERETMIS INC.
11.2021 - 07.2023
  • Deployed security solutions and processes to support PCI DSS compliance, including vulnerability management, patching, SIEM, and FIM
  • Facilitated interactions between the company and PCI DSS Qualified Security Assessors (QSA)
  • Mapped and evaluated payment card data flows for PCI DSS scoping assessments
  • Supported the completion of the annual PCI DSS Report on Compliance (ROC)
  • Ensured ASV scans and pen testing were conducted quarterly and annually, respectively, with all remediation activities completed within expected timelines
  • Tracked, documented, and addressed PCI compliance gaps to ensure timely closure
  • Managed the annual PCI audit, including evidence gathering, quality assurance of evidence, coordination of audit resource meetings, and other tasks required to successfully complete the audit
  • Coordinated with Third Party Risk Management to ensure PCI compliance needs were addressed and tracked appropriately with third-party vendors
  • Stayed current with new and evolving security topics and technologies through formal training and self-directed education.

IT Compliance Analyst

WELLSTAR KENNESTONE HOSPITAL
09.2019 - 10.2020
  • Developed comprehensive risk assessments for better data protection and regulatory adherence.
  • Streamlined internal processes by implementing effective IT controls, policies, and procedures.
  • Collaborated with cross-functional teams to ensure consistent compliance practices across the organization.
  • Supported a strong security posture by regularly assessing vulnerabilities and implementing appropriate countermeasures.
  • Evaluated third-party vendors for their adherence to company-specific compliance standards before engaging in partnerships.
  • Ensured data privacy with rigorous management of sensitive information according to regulatory guidelines.
  • Assisted in achieving regulatory certifications through diligent preparation efforts and collaboration with external auditors.
  • Identified gaps in existing compliance processes and recommended updates.
  • Conducted periodic compliance audits and reviews to identify areas of improvement.

IT Risk Analyst

PEACE CARE ST JOSEPH
06.2016 - 09.2019
  • Assisted in developing business continuity plans, ensuring minimal disruption during disaster recovery scenarios.
  • Improved incident response times by establishing a cross-functional team dedicated to addressing IT risks promptly.
  • Optimized vulnerability scanning tools for more accurate detection of potential security breaches, resulting in improved response times.
  • Updated IT governance framework regularly to address evolving organizational needs and industry best practices effectively.
  • Maintained an up-to-date knowledge base of relevant threat intelligence, sharing insights with colleagues to inform decision-making processes.
  • Contributed to reducing human error-related incidents by creating targeted awareness campaigns focusing on safe computing habits among employees.
  • Developed plans to safeguard computer files against modification, destruction, or disclosure.
  • Conducted security audits to identify vulnerabilities.
  • Evaluated third-party vendor risks, providing recommendations to minimize possible negative impacts on company operations.
  • Reduced potential vulnerabilities through regular security audits and software updates.

Education

Master of Science - Information Technology

Wilmington University
01.2018

Skills

  • Vulnerability Assessment
  • Endpoint Security
  • Threat Intelligence
  • Security policy development
  • Security Awareness Training
  • Identity and Access Management
  • Firewall Management
  • Incident Response
  • Disaster Recovery
  • Excellent Communication
  • Server Management
  • Bash Scripting
  • Project Management
  • DHCP Administration
  • Patch management
  • Network Administration
  • Social Engineering
  • Linux Operating System

Certification

  • CISSP - Certified Information System Security Professional
  • CompTIA Security Plus
  • PMP - Project Management Professional

Timeline

Security Analyst - PCI Security

APEX SYSTEMS
11.2023 - Current

Cybersecurity GRC Analyst

PALOMAR HEALTH
02.2023 - 11.2023

PCI DSS Specialist

ERETMIS INC.
11.2021 - 07.2023

IT Compliance Analyst

WELLSTAR KENNESTONE HOSPITAL
09.2019 - 10.2020

IT Risk Analyst

PEACE CARE ST JOSEPH
06.2016 - 09.2019

Master of Science - Information Technology

Wilmington University

Similar Profiles

CREATE PROFILE
GEORGE AWA