
Lindsey Mitros

Greater Sacramento Area

Summary

Highly experienced Cyber Security professional with more than 10 years of expertise in various fields like directing information security, risk management, cloud security, platform as a service (PaaS), authority to operate (ATO), and compliance with various RMFs and federal regulations. I have a proven track record of ensuring compliance with security measures, achieving security improvements, and implementing effective security measures. I am comfortable working in a fast-paced environment while providing essential communication to all stakeholders.

Overview

17 years of professional experience

Work History

Information Systems Security Officer

Intellibridge-Revacomm Division
Remote
05.2022 - Current
  • Played a key role in proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies for effective security management
  • Maintain system authorization by following the NIST RMF and Authority to Operate (ATO) security and privacy controls throughout the Target Life Cycle (TLC) to ensure continuous compliance
  • Support onboarding system applications to Platform as a Service (PaaS) and cloud platforms to leverage automation of ATO and robust control inheritance for enhanced security
  • Evaluate security solutions to ensure they comply with security requirements for processing classified information, protecting sensitive data, and maintaining confidentiality
  • Conduct vulnerability/risk assessment analysis to support certification and accreditation processes and ensure security controls are up to date
  • Manage changes to the system and assess the security impact of those changes to ensure the security posture remains effective
  • Report and manage IT Security and Privacy incidents following RMF and federal policies to minimize risks and improve security
  • Deliver training sessions for new ISSOs to enhance their understanding of security policies, procedures, and best practices

Cyber and Fraud Intel Project Manager

Morgan Stanley
Baltimore, MD
10.2020 - 05.2022
  • Member of the Cyber Planning & Risk Analysis team building analytics on the Firm’s critical assets to detect malware, insider threat fraudulent activities, patching against vulnerabilities, and modifying controls
  • Investigate and research a threat’s tactics, techniques, and procedures (MITRE framework)
  • Ensured compliance with applicable laws, regulations, policies, and procedures throughout the life cycle of each project.
  • Identified risks associated with each project and developed strategies for mitigating those risks.
  • Presented findings from data analysis in a clear, concise manner that was easily understood by stakeholders at all levels of the organization.
  • Collaborate with the machine learning research team to detect Cyber and Fraud anomalies to develop
  • Created YAML-based Sigma rules that can identify unusual, malicious or problematic activities while examining log files.

Information Security Risk Officer-Operations Divis

Morgan Stanley
Baltimore, MD
11.2016 - 10.2020
  • Manage the Firm’s Operations Information Security Program involving the entitlements risk management (Identity and Access Management), Information Security, and Incident Management related programs, processes, and policies
  • Ensure the effectiveness of our internal controls and processes with continuous monitoring with a particular emphasis on ISO 27001 and FinTech RMFs.
  • Conduct various thematic Risk Analysis on root causes from various types of incidents and identify lessons learned to mitigate risk
  • Monitor and report on key Field information security metrics to identify patterns, trends, and areas where increased supervisory controls are warranted
  • Collaborate and work with internal/external audits assessing risks and ensuring mitigations are in place with new controls
  • Partner with key stakeholders to analyze Information Security processes and identify opportunities for development and delivery of focused training
  • Conducted risk assessments to identify and evaluate potential threats to the organization's operations, personnel, assets and reputation.
  • Reviewed existing policies and procedures related to risk management and recommended changes where necessary.
  • Facilitated meetings between stakeholders to discuss risk-related issues, develop action plans and track progress towards goals set out in the Risk Management Plan.
  • Conduct training sessions on best practices in the areas of Phishing, Social Engineering, and Malware.

Senior Information Security Specialist

Bank Of New York Mellon Corp
Pittsburgh, PA
04.2014 - 10.2016
  • Execute entitlement certifications using SailPoint IdentityIQ on federal audited (SOC1 and SOX) applications and corporate identified high-risk applications loaded into the tool
  • Collaborate with business sectors to determine risk and problems/issues associated with identity and access management for their specific sector
  • Cooperate with Senior Information Risk Officers to implement policies and processes to mitigate these risks and problems/issues
  • Manage the Risk and Control Self-Assessments (RCSAs) required by Risk Managers to ensure all controls and procedures are within compliance with corporate standards and federal regulations
  • Perform daily monitoring tasks based on company policies revolving around identity and access management of employees, contractors, vendors, and clients
  • Develop and implement governance process and procedures in accordance with corporate policies and federal regulations
  • Handle internal and external audit inquiries involving user and application access certification and governance processes
  • Create and update user guides and training to ensure clients have accurate and informative guidance on all processes

Senior Trade Specialist

The Bank of New York Mellon
Pittsburgh, PA
12.2010 - 04.2014
  • Responsible for examining and executing client and internal instructions
  • Communicate daily with custodians, portfolio managers, and operational personnel
  • Responsible for resolution of issues and related inquiries within established timeframes
  • Local “Spotlight” Award 2013 Recipient
  • Provide professional support to Investment Managers and clients through timely and accurate processing of trade instructions for various transactions including global and domestic securities, foreign exchanges, incoming and outgoing wire transfers, and currency movements
  • Accountable to recognize and escalate any potentially fraudulent activities

Technology Solution Architect

Consolidated Graphics/Garner Printing
Philadelphia, PA
05.2008 - 07.2010
  • Managed over 12 print-on-demand, variable products, and inventory management storefront sites for mid to large-sized Fortune 500 companies
  • Provide solutions and cost-saving methods associated with customers to manage and distribute their marketing materials
  • Managing, processing, and manipulating address data for our mailing services at our digital press center
  • File prep and merge data with our digital jobs using custom-programmed Visual Basic applications
  • Assist in testing development with the programmer for continuous improvement of our data services using Visual Basic

Leadership Development Program Associate

Consolidated Graphics/Garner Printing
Philadelphia, PA
07.2007 - 07.2010
  • Completed 3-month rotations in printing management, fulfillment, data analysis, accounting, bindery, quality control, prepress, customer service, estimating, purchasing, and sales support for one of the nation's leading commercial printers
  • Recruiter at career fairs and conduct interviews with college grads as candidates in the program
  • Created content for various learning materials including manuals, handouts and presentations.

Education

Master of Science - Information Security

Robert Morris University
Coraopolis, PA
05-2014

Bachelor of Science - Marketing

Pennsylvania State University
University Park, PA
05-2007

Skills

  • Application Security
  • Intrusion Detection
  • Network Security
  • Penetration Testing
  • Incident Response
  • Compliance Management
  • Reporting and documentation
  • Security Needs Assessment
  • Task Prioritization
  • Effective Communication
  • Continuous Improvement
  • Security Planning
  • Teamwork and Collaboration
