Nadimee Nembetwa

Raleigh, NC

Summary

A professional with over 8 years of extensive experience in governance, compliance, consulting, risk management, security assessment, and authorization. Skilled in developing policies, business continuity planning, ongoing monitoring, third-party risk management, and conducting interviews with stakeholders and potential third-party security/risk analysts, focusing on compliance and risk management issues. Possesses excellent written communication and documentation abilities. Proficient in information systems, security risk assessment, and testing security controls based on various standards including SOC 2, ISO 27001:2013, SOX, FISMA, HIPAA, GDPR, NIST 800-53, PCI DSS, and third-party risk management. Demonstrates a steadfast commitment to teamwork and service. Independently handles CIO monthly reports, issue management, drafting executive summaries post-risk assessment, and escalating matters to higher management.

Overview

11 years of professional experience

1 Certification

Work History

Third Party Risk Analyst

JP Morgan
03.2022 - Current
  • Implemented procedures for monitoring and controlling operational risks.
  • Conduct risk assessment on vendors from end to end and document as necessary.
  • Review and validate all controls at the vendor site to ensure data confidentiality.
  • Ensure third-party relationships adhere to the company's policies and procedures and comply with regulatory guidelines and industry best practices.
  • Facilitate remediation for any third-party related operational issues as needed.
  • Used Excel pivot tables, charts and reports to break down and analyze information.
  • Developed risk management strategies to mitigate financial losses.
  • Documented and reported on key risks and recommended mitigation strategies.

Third Party Risk Assessor

Allora Consulting
01.2019 - 02.2022
  • Created reports summarizing assessment and findings for review by stakeholders.
  • Ensured compliance with applicable laws, regulations, standards, guidelines and ethical principles governing assessments.
  • Act as a remediation analyst to work with vendors in remediating findings discovered during assessments.
  • Administer assessment questionnaires to our vendors.
  • Perform continuous monitoring by assessing tools during onsite visits to validate the security questionnaires filled out by the vendors, ensuring the protection of data at the vendor's site.
  • Advised management of potential risks associated with assessment results and recommended strategies for mitigating them.
  • Conducted assessments and interviews with clients to determine eligibility for services.

Compliance Analyst

IKEA
03.2016 - 12.2018
  • Reviewed and monitored compliance with applicable laws, regulations, and policies to ensure compliance with regulatory requirements.
  • Ensures effective identification and implementation of controls to manage operational, financial, and compliance risks.
  • Provided guidance on legal issues related to products or services offered by the company.
  • Coordinated with internal stakeholders to ensure adherence to relevant rules and regulations.
  • Assisted in drafting contracts and agreements in accordance with applicable laws and regulations.
  • Assisting in the preparation and presentation of new employee and ongoing compliance training.
  • Monitoring firm emails, employees’ personal securities transactions, and other potential conflicts of interest for compliance with the firm’s Code of Ethics.
  • Ensure timely completion of risk and control self-assessment review and risk and control mapping for change management and regulatory change management activities. Monitors the risk and control environment for weaknesses and coordinates with business partners to identify solutions to improve the effectiveness and efficiency of controls.

IT Specialist

CISCO Systems
06.2013 - 01.2016
  • Assisted in the implementation of new technologies and systems to improve efficiency.
  • Provided guidance and answers to customers calling in to request assistance with installation, operation, and troubleshooting by providing resolutions for technical or service-related issues.
  • Responded to client inquiries concerning systems operation and computer system hardware, software, and operator problems both domestically and internationally.
  • Recommended or performed remedial actions to correct problems.
  • Provided updates, status, and completion information to manager, problem request tracking system, and/or users, via voice mail, e-mail, or in-person communication.
  • Assist in interpreting new or revised command policies and objectives to determine their impact on current systems and plans.
  • Document IT processes, workflows, and produce system documentation as needed.
  • Act as a point of contact for Incidents and Service Requests for end-users.

Education

Bachelor of Science - Computer And Information Systems

ECPI University

Skills

  • Microsoft Excel
  • Windows 95/98/2000/XP/XP Pro/NT
  • Microsoft Azure
  • Goal Setting
  • Technical Writing
  • HIPAA Compliance
  • Compliance Management
  • Firewall Management
  • Network Security
  • Cybersecurity frameworks

Certification

  • Certified Authorization Professional (CAP)
  • Certified Information Systems Auditor (CISA)
