Morgan Moore
Madison Heights
Summary
Information risk and compliance analyst with experience in conducting audits, performing risk assessments, and managing third-party vendor risk. Expertise in implementing ISO 27001, NIST, and GDPR frameworks to enhance compliance and governance. Proven ability to reduce organizational risk through effective risk management strategies.
Overview
5
5
years of professional experience
Work History
Third Party Risk Specialist
Connexus Credit Union
Wausau
10.2025 - Current
- Executed Third-Party Risk Management program, ensuring vendor compliance with regulatory, security, and compliance requirements.
- Manage the full vendor lifecycle, including onboarding, risk tiering, due diligence, ongoing monitoring, and offboarding.
- Conduct vendor risk assessments by reviewing security documentation (SOC reports, policies, insurance, BC/DR, etc).
- Partner with relationship managers and business stakeholders to gather required documentation and drive due diligence completion.
- Monitored vendor performance and risk posture, escalating issues and tracking remediation to ensure timely resolution.
- Contributed to development and improvement of TPRM processes, workflows, and documentation standards to enhance program effectiveness.
Information Risk and Compliance Analyst
Dinsmore & Shohl
Cincinnati
02.2025 - 09.2025
- Managed daily operations of Vendor Risk Management Program, ensuring compliance with regulatory, contractual, and cybersecurity requirements.
- Oversaw the full vendor lifecycle, including onboarding, risk assessments, contract review, ongoing monitoring and termination, to align with organizational risk and compliance goals.
- Collaborated with stakeholders to align Governance, Risk, and Compliance initiatives with organizational risk goals, strengthening security operations.
- Proposed enhancements to GRC processes and tools, improving risk oversight and streamlining security operations.
- Supported cyber resilience efforts by contributing to incident response processes and business continuity planning, ensuring timely detection and mitigation of security events.
Information Risk and Compliance Analyst
Robert Bosch
Farmington Hills
10.2021 - 02.2025
- Utilized strategic and analytical skills to lead ISP-related projects, conduct comprehensive risk assessments, identify vulnerabilities, and support incident analysis efforts, ensuring customer requirements were securely implemented while mitigating risks and maintaining compliance.
- Conducted detailed risk assessments and investigations to identify security vulnerabilities, recommending actionable remediation strategies to strengthen the information security framework.
- Ensured compliance with GDPR and other data privacy regulations by performing privacy impact assessments and aligning information security practices with legal requirements.
- Supported ISO audits and reporting, ensuring adherence to ISO 27001 standards and driving continuous improvement of Information Security Management System.
- Developed and delivered training programs to promote best practices in data protection and incident response, raising cybersecurity awareness across the organization.
- Built stakeholder relationships to address ISP-related issues, enhancing security posture and fostering customer trust.
- Acted as the primary point of contact for assigned business units on information security, privacy, and compliance matters, integrating security operations with risk management strategies.
Education
Bachelor of Arts & Science - Cyber Defense and Information Assurance
Tiffin University
Tiffin, Ohio01-2020
Timeline
Third Party Risk Specialist
Connexus Credit Union
10.2025 - Current
Information Risk and Compliance Analyst
Dinsmore & Shohl
02.2025 - 09.2025
Information Risk and Compliance Analyst
Robert Bosch
10.2021 - 02.2025
Bachelor of Arts & Science - Cyber Defense and Information Assurance
Tiffin University