Reading, watching investigative movies, soccer
Michael Abane
Houston,US
Summary
Information security professional with more than 3 years of progressive experience in the cybersecurity industry. Demonstrated skill in identifying business risks and compliance issues and designing proactive solutions. Proficient in documents and policy writing with a background in designing and implementing layered network security approaches. Hands-on experience in third-party risk management, risk assessment, and technical problem-solving. Experienced in various compliances and regulations processes like NIST, CIS, PCI-DSS, GDPR. Conceptual thinker with the ability to work independently and as a team member to successfully achieve project goals and objectives. Proficient in identity, and access management, monitoring and event management, governance and compliance, vulnerability assessment and penetration testing, security monitoring and response.
Overview
5
5
years of professional experience
2
2
Certification
Work History
GRC Analyst
Bank of America
03.2022 - Current
- Prepared, executed, and reported on audit of subset of NIST SP 800-53 cybersecurity controls to include interview, document review, and testing of systems to support compliance audit activities.
- Knowledgeable on NIST Cybersecurity Framework and how the Identify, Protect, Detect, Respond, and Recover categories comprise and facilitate an information security program
- Developed concise, tailored cybersecurity awareness content, improving targeted end-user base cyber hygiene
- Developed Just-In-Time cybersecurity awareness content for emerging threats to reduce operational risk to tailored audiences
- Executed threat modeling exercise to determine higher likelihood threat events to inform cybersecurity risk modeling
- Developed Information Security policy to establish authorized access management and authenticator management for internal and third-party personnel.
- Ensured policy documents are aligned with business objectives, implementable by the organization, and practical for compliance by ensuring purpose, scope, authority, and policy statements incorporate operational perspective and constraints
- Planned, managed, and executed security measures to protect the information in computer systems, databases, cloud-hosted solutions, and transmissions against accidental or malicious damage, modification, or disclosure
- Conducted risk analysis for functional and technical areas relevant to information security
- Led the discovery, response, investigation and resolution of potential security threats
Cybersecurity Analyst
Mastercard
02.2019 - 02.2022
- Reviewed violations of computer security procedures and developed mitigation plans.
- Monitored computer virus reports to determine when to update virus protection systems.
- Reduced risk of cyber attacks by conducting regular vulnerability assessments and penetration testing.
- Conducted comprehensive security audits for identifying potential vulnerabilities, leading to strengthened defense mechanisms.
- Conducted cybersecurity awareness training sessions, increasing staff vigilance against phishing and social engineering attacks.
- Played key role in regulatory compliance projects, ensuring adherence to industry standards and legal requirements related to cybersecurity.
- Conducted regular security risk assessments, enabling proactive identification and mitigation of potential threats.
- Enhanced network security by implementing advanced threat detection and prevention systems.
Education
Master of Science - Information Technology
Eastern University
Wayne, PA08.2025
No Degree - GRC Analyst
Better Cyber Career
Remote10.2024
Skills
- Risk Management
- Regulatory Compliance
- Data Analysis
- Project Management
- Internal Auditing
- Incident Response
- Policy Development
- Communication Skills
- Cybersecurity
- Penetration testing
- Policy Creation
Certification
- C|EH (Certified ethical hacker)
- CompTia Security+ (in progress)
- Professional Scrum Master
Additional Information
Skills
GRC and Audit Control
GRC Tools: ServiceNow
Frameworks and Standards:
PCI DSS / ISO 27001 / CSA / NIST
CyberSecurity Tools
- Kali Linus
- Wireshack
- OpenVas
- Burpsuit
- Nessus
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Interests
Timeline
GRC Analyst
Bank of America
03.2022 - Current
Cybersecurity Analyst
Mastercard
02.2019 - 02.2022
Master of Science - Information Technology
Eastern University
No Degree - GRC Analyst
Better Cyber Career
- C|EH (Certified ethical hacker)
- CompTia Security+ (in progress)
Similar Profiles
Ty'Qwasia MahoneTy'Qwasia Mahone
Senior Client Advocate at Sykes Enterprises, Incorporated / Chase Bank / Bank of AmericaSenior Client Advocate at Sykes Enterprises, Incorporated / Chase Bank / Bank of America
Martha CalzadaMartha Calzada
Client Service Representative III at Bank Of AmericaClient Service Representative III at Bank Of America
Talina HernandezTalina Hernandez
VP; Academy Manager at Bank of AmericaVP; Academy Manager at Bank of America