NKEGOAH BLESS

Glendale, MD

Summary

Detail-oriented team player with strong organizational skills. Ability to handle multiple projects simultaneously with a high degree of accuracy. Hardworking and passionate job seeker with strong organizational skills eager to secure entry-level Risk Analyst position. Ready to help team achieve company goals. To seek and maintain full-time position that offers professional challenges utilizing interpersonal skills, excellent time management and problem-solving skills. Organized and dependable candidate successful at managing multiple priorities with a positive attitude. Willingness to take on added responsibilities to meet team goals.

Overview

7 years of professional experience

Work History

Privacy Risk Analyst

Navy Federal Credit Union
07.2022 - Current
  • Identify and drive process improvements for third-party privacy risk assessments and data transfer authorizations.
  • Conducted data mapping and classification exercises to identify sensitive information within company's systems.
  • Developed and implemented data privacy policies and procedures in accordance with GDPR and CCPA regulations.
  • Provided training to employees on data privacy policies and procedures.
  • Work with vendors to discuss appropriate remediation actions and deadlines for all identified gaps.
  • Work with legal, financial and procurement team in reviewing vendor’s contracts and making sure necessary security clauses are included within contract.
  • Engage with Procurement, Risk Partners and Supplier Managers to develop criteria for monitoring suppliers' risk and performance effectiveness.
  • Provides visibility into current compliance status through timely tracking, trending, and escalation of issues.
  • Manages and communicates key compliance milestones for critical systems and complex processes.
  • Demonstrated respect, friendliness and willingness to help wherever needed
  • Passionate about learning and committed to continual improvement
  • Proven ability to learn quickly and adapt to new situations
  • Self-motivated, with a strong sense of personal responsibility

Vendor Risk Analyst

MBA TECH
01.2018 - 11.2018
  • Create Vendor Risk Assessment Report and escalate issues when necessary.
  • Drive security best practices and ensure both regulatory and compliance requirements are met (PCI, SOX, HIPAA, ISO 27001, EU GDPR, NIST 800-53, NIST 800-171, NIST CSF, Privacy and HITRUST).
  • Review SOC 2 Reports, SIG Core, and SIG Lite and gather evidence to complete vendor security assessment.
  • Work with legal, business, and procurement team to conduct proper due diligence in order to determine right vendor for onboarding.
  • Work with legal, financial and procurement team in reviewing vendor’s contracts and making sure necessary security clauses are included within contract.
  • Analyze vendor’s processes to determine deficiencies within their controls that could violate applicable law, regulation, framework or internal policies and procedures.
  • Identify gaps and create risk treatment plan/corrective action plan to track gap remediation process as well as providing recommendations and working with vendors to make sure risks are being remediated in timely manner.
  • Training new employees on Vendor Risk Assessment best practice.
  • Conducted risk assessments and identified potential risks to company's data and collaborated with cross-functional teams to ensure compliance with data privacy regulations.
  • Identifies problems and professionally presents findings, recommends mitigations via new technology, alternative compensating controls, enhanced processes, or policy modifications to improve overall security posture.
  • Used critical thinking to break down problems, evaluate solutions and make decisions
  • Developed and maintained courteous and effective working relationships.

Compliance/GRC Analyst

Speedway LLC
02.2016 - 01.2018
  • Assisted in development, review, and maintenance of internal organization policies and procedures in accordance with applicable regulations such as ISO 27001, NIST 800-53 Framework Controls, HIPAA and PCI DSS.
  • Implement Information Technology General Control (ITGC) within our GRC Archer tool for new Applications.
  • Worked as liaison between my organization and external auditors by gathering and providing auditors with security evidence.
  • Coordinate and manage Third Party risk assessments on set schedules and ensure appropriate remediation activities.
  • Updated incident response plan and developed new incident response tabletop exercise.
  • Review vulnerability scan report and work with engineers to develop and track remediation plan.
  • Identifies problems and professionally presents findings, recommends mitigations via new technology, alternative compensating controls, enhanced processes, or policy modifications to improve overall security posture.
  • Works effectively as member of GRC Team to track compliance metrics and generate quarterly reporting.
  • Collecting audit evidence for internal or external auditors to manage scheduled meetings and ensure remediation timeline is up to date before audit closure.
  • Identify and evaluate risk exposures and determine effectiveness and efficiency of controls and visibility into current compliance status through timely tracking, trending, and escalation of issues.
  • Organized and detail-oriented with a strong work ethic.
  • Passionate about learning and committed to continual improvement.
  • Worked flexible hours across night, weekend and holiday shifts.
  • Cultivated interpersonal skills by building positive relationships with others.

Education

Certified Information Systems Manager (CISM)

ISACA
2023

Certified Information Systems Auditor (CISA)

ISACA
2021

CompTIA Security

CompTIA
2021

Bachelor's - Computer Science

University of Buea
Buea, Cameroon
2013

Skills

  • Experience in standards, frameworks and regulations, such as ISO 27001, EU GDPR, NIST 800-53, NIST 800-171, NIST CSF, HIPAA and HITRUST
  • Experience in conducting and/or participating in IT audits
  • Experience completing or managing projects, tasks and deliverables with minimal supervisory oversight
  • Strong communication skills with proven ability to drive solutions across all organizational
  • Microsoft Office (Word, PowerPoint, Excel, Outlook, OneNote), GRC Archer, SecurityScorecard
  • Excellent organizational skills with ability to multi-task, plan and prioritize in a high-volume environment with competing demand
  • Team Player, devoted, Hardworking, Good Verbal and Written Techniques, punctual, Goal Driven, Reliable and striving under pressure
