Hagop Atoyan
Palmetto,FL.
Summary
Over 25 years of experience in various Industries. Wheelhouse includes, Governance, Risk, Compliance, Control/Risk/3rd Party Assessments, Access Control, Business Continuity, Disaster Recovery, Telecommunications, Healthcare & Audit.
Analytical, articulate and persistent with outstanding interpersonal, organizational, communication and presentation skills Highly skilled in GRC metrics analysis and reporting Experienced in Metrics analysis, Forecast Modelling, Process-flow, Swim-lane, Flowchart design and delivery Volunteer – WaterFire Providence, Coaching, Veteran Services OVERVIEW OF SKILLS INDUSTRY EXPERIENCE DoD, Utilities, Manufacturing, Retail Services, Healthcare, Financial Services & Banking.
Overview
21
21
years of professional experience
Work History
Cybersecurity Assessments Specialist
JPM Chase
05.2022 - Current
- Currently Performing Risk & Compliance assessments
- Identified & helped resolve Findings and Response Management (FARM) risks against assets using (JIRA)
- Interfaced with LOBs and ISMs & provided guidance/assistance with risk mitigation on vulnerability findings
- Provided awareness & education through forums, specialized FAQ meetings and Office Hours
- Passionate about learning and committed to continual improvement
- Proved successful working within tight deadlines and fast-paced environment
- Organized and detail-oriented with strong work ethic
AVP Operational Risk Sr. Analyst
Citigroup
08.2020 - 05.2022
- Performed Cross Border & Data Privacy GRC metrics analysis on Data Clearance initiatives
- Monitored & Reported KPI metrics to various cross-functional teams
- Chaired monthly briefings with management on Cross Border Performance scorecard and project metrics
- Re-designed process workflow documents to increase efficiency and productivity
Sr. Compliance Analyst
CVS HEALTH
08.2015 - 06.2020
- Retail & Enterprise Corporate Systems Compliance Analyst
- Performed Secure Code analysis (Veracode, Qualys) on application pen test results
- Delivered flaw & vulnerability reports to release management & stakeholders
- Audited InfoSec Policy Standards vs Risk Assessment procedures to ensure compliance
- Created Risk Observations for Policy Attestations in Archer
- Managed Retail BC coordinators across IT Retail Organization
- Performed annual Business Impact Assessment (BIA) and BC plan updates across Enterprise IT
- Brokered table-top exercises & conducted semi-annual Call Tree exercises
- Managed over 150 DR Plans in BCiTC (Business Continuity in The Cloud)
- Provided GRC on retail asset application on-boarding process into Enterprise Asset Inventory System (HP uCMDB
Sr. Information Security Analyst - Consultant
SQA
09.2014 - 08.2015
- On extended assignment (CVS Health) Compliance team for multi-phased project leading to Full Time Employment
- Performed Vulnerability Assessment Survey analysis, Findings Registrations & Policy Attestations (Archer)
- Partnered with 30+ Stakeholders and SMEs to identify and mitigate remediation gaps
- Streamlined Security Requirements Document Processes (Application/Infrastructure risk assessment)
- Performed Periodic Access Reviews (Identity & Access Management) on Pharmacy Systems Applications
- Disaster Recovery (DR) governance liaison ensuring DR Plan Compliance with DR Policy Standards
Information Security Analyst
RBS Citizens
04.2011 - 09.2014
- Managed Information Security Vulnerability and Business Impact Assessment and Policy Gap Analysis programs
- Audited Policy, Standards & Process Documentation for GLBA, SOX, and PCI requirements & Regulatory Compliance
- Collected & Organized evidentiary documentation in preparation for external regulatory audits (FDIC, OCC)
- Business application owner for automated records inventory and data transfer repository tools
- Methodology owner - overall Corporate Security & Resilience Risk Assessment capability
- On-boarded new applications in compliance with HIPAA, PCI and GLBA standards for security
- Developed company-wide risk assessment schedule for entire calendar year
- Authored process flow documents for Recovery Point Objective project, Breakdown and analysis of Information Security Business Impact Assessments. Designed & developed enhanced self-assessment tools in Process Unity
- Modified & published Penetration Testing standardization process flow document
- Coordinated and scheduled Penetration Tests on RBS Citizens and vendor hosted Internet facing applications
- Business Continuity Coordinator for Information Security Group, including Third Party Assurance
- Conducted personal and professional development training classes
VP Sr. Auditor
HealthCare Analytics
06.2002 - 04.2011
- Performed high level and detailed statistical analysis reporting (pro-forma, break-even, cost/benefit)
- Conducted On-Site and Off-Site claims audits from extract files using custom stratified random samples (statistical)
- Analyzed systemic vs Ad-Hoc errors and computation of sample errors to population
- Analysis of Policy & Regulatory requirements, including Frameworks and Standards
Education
Bachelor of Science - Computer Information Systems
Rhode Island College
Providence, RI01.1990
No Degree - Aeronautical Science, Aviation Management Technology
Embry Riddle Aeronautical University
Daytona Beach, FL1985
Skills
- APPLICATION FRAMEWORK
- Archer, PACS, Clarify, MS SharePoint, Office, Process Unity, LDRPS, BCiTC, everBridge
- COMPLIANCE ISO 9000, 27001, 27002, 27005-2011, COSO, COBIT, GLBA, SOX, HIPAA, RESPA, PCI-DSS
- CERTIFICATION QES-TQM, Senn Delaney, Certified in Cyber Security (ISC2)
- MEMBERSHIP ISC2, ISACA, DRI International, Toastmasters International
Languages
Arabic
Limited Working
Armenian
Native or Bilingual
French
Limited Working
Timeline
Cybersecurity Assessments Specialist
JPM Chase
05.2022 - Current
AVP Operational Risk Sr. Analyst
Citigroup
08.2020 - 05.2022
Sr. Compliance Analyst
CVS HEALTH
08.2015 - 06.2020
Sr. Information Security Analyst - Consultant
SQA
09.2014 - 08.2015
Information Security Analyst
RBS Citizens
04.2011 - 09.2014
VP Sr. Auditor
HealthCare Analytics
06.2002 - 04.2011
Bachelor of Science - Computer Information Systems
Rhode Island College
No Degree - Aeronautical Science, Aviation Management Technology
Embry Riddle Aeronautical University
Similar Profiles
Josiah CasillasJosiah Casillas
Account Specialist II at JPM ChaseAccount Specialist II at JPM Chase
Misty BeaversMisty Beavers
Associate Data Analyst at JPM ChaseAssociate Data Analyst at JPM Chase
Karl CordovaKarl Cordova
Travel Advisor at JPM ChaseTravel Advisor at JPM Chase
Sai Vivek ViswanadhaSai Vivek Viswanadha
Sr. Salesforce Developer at JPM ChaseSr. Salesforce Developer at JPM Chase
Hannah rudolphHannah rudolph
Study Student Worker at Federal WorkStudy Student Worker at Federal Work