Eve Gorrell

• Developed a light weight cybersecurity program for small business tax professionals seeking to implement the IRS mandated Written Information Security Plan (WISP).
• Built a website with membership tiers for tax professionals. This included creating website content, writing blog content, and SEO generation.
• Created the necessary components for the IRS WISP: Information Security Policies, Security Incident Response Process, Roles & Responsibilities tracking, an Asset and Inventory Management tool, a Risk Assessment & Compliance Roadmap tool, Security Incident Response Log, and Online training courses. All of these components were designed to work together as a comprehensive cybersecurity program for small business tax professionals.
• Implemented a document management system and review process.

As an independent consultant, I delivered specialized technical writing and cybersecurity business analysis services. I focused on crafting clear and concise documentation communicating intricate technical details to diverse audiences effectively. Within this role, I conducted in-depth analyses of cybersecurity practices and procedures, identified process gaps and devised strategic enhancements to fortify overall security posture. I guided clients in managing risk, advanced their business maturity, and ensured ongoing compliance by undertaking the following key responsibilities:

• Developed and implemented Information Security Policies and Standards.
• Created and implemented industry-standard Cybersecurity processes, procedures, and SOPs for the following: Incident Response, Vendor Management, Asset and Inventory Management, Security Awareness training, and Change Management.
• Performed gap analysis on existing procedures and provided recommendations for developing and implementing new processes and procedures.
• Developed and maintained document management systems that include standardized templates, document libraries, version control, and release processes and procedures.
• Proved successful working within tight deadlines and a fast-paced environment.
• 
  

Enhanced technical writing and cybersecurity business security analysis services by delivering clear and concise documentation to effectively communicate complex technical information across a broad audience. While contracted with Hunt Companies, Texas Mutual, and TradeZero, I accomplished the following:

• Lead and executed a comprehensive Security Awareness program, covering curriculum development, annual security training deployment, vendor assessment and management, Created a Security Ambassador program. Took over an unsuccessful Security Awareness program and successfully deployed and completed Annual Security Awareness training. Implemented Phishing training program that increased employee phishing awareness and reduced malware attacks via email and social engineering by 85%.
• Developed policies and procedures (SOPs) for a range of Security services, including Security Incident Response, Vulnerability Management, Security Awareness, Governance, Asset Management, Perimeter Control, Vendor Risk, and Escalation. Gathered metrics based on these policies and procedures that allowed for continuous process improved across the organization.
• Created and implemented Escalation processes and procedures.
• Established metrics for the Security Awareness program to measure effectiveness.
• Collaborated with Sr. Security Analyst on operational tasks related to vulnerability management, incident response, investigations, and policy and device configuration research, aligning with ISO and NIST standards and compliance.
• Designed and implemented Smartsheet dashboards for help desk integrations, which increased the availability of help documentation and decreased time help desk personel were on calls with clients.
• Collaborated with project management to develop internal Information Security processes and procedures, ensuring timely delivery of release deliverables through Agile methodologies.

As an independent consultant, I provided technical writing and business analysis services.

• Collaborated with clients to create documentation and instructional materials that effectively communicated technical information.
• Conducted business analysis to identify process improvements and develop solutions to optimize efficiency and productivity.
• Provided basic website develop services and content creation
• Coordinated with subject matter experts to ensure the accuracy of technical content in documentation projects.
• Maintained consistency across company documents by adhering to established style guidelines and templates.
• Enhanced user experience by simplifying complex technical concepts into easy-to-understand documentation.

• Researched, developed, and implemented Policies and SOPs in adherence to ISO standards.
• Generated comprehensive security design assessments.
• Tested security software, recommended, and implemented software solutions based on requirements.
• Facilitated the translation of requirements between engineers and business users across international teams.
• Managed projects concurrently across multiple groups.

• Established and documented processes and procedures.
• Conducted team training sessions.
• Researched, developed, and edited various end-user books utilizing FrameMaker 5.5 and Structured FrameMaker 7.0.
• Managed, tested, and developed new software installation procedures for the Structured FrameMaker conversion project.
• Assisted in addressing change management issues within the conversion project, including testing and implementing solutions to resolve team concerns.
• Coordinated with subject matter experts to ensure the accuracy of technical content in documentation projects.
• Enhanced user experience by simplifying complex technical concepts into easy-to-understand documentation.
• Developed detailed technical documents and user guides for technical products.
• Edited and proofread technical documents for accuracy and consistency.
• Created comprehensive release notes detailing new features, bug fixes, and known issues for each software update cycle.
• Maintained consistency across company documents by adhering to established style guidelines and templates.
• Managed version control and timely updates of documents through effective project tracking and organization skills.
• Collaborated with cross-functional teams to gather information for accurate and comprehensive documentation.