
PAUL ZAH

Security Analyst
Somerset, NJ

Summary

Cybersecurity and Information Security Analyst with expertise in RMF processes, Vulnerability Management, threat monitoring, and security policy enforcement. Proven ability to conduct comprehensive risk assessments, implement security protocols, and lead cross-departmental initiatives to strengthen organizational security.

Overview

2025
years of professional experience
3
Certificates
3
years of post-secondary education

Work History

Security Analyst

Amazon
Somerset, NJ
08.2022 - Current
  • Identified 20+ critical issues through vulnerability assessments, achieving a 30% reduction in security risks using SIEM tools like Splunk
  • Improved remediation efficiency by 35% through timely scans and management of Qualys and Nessus systems
  • Strengthened compliance with GDPR and NIST standards by 25% through developing and enforcing data protection policies
  • Enhanced security culture by collaborating with 10+ cross-functional teams, driving awareness and adherence to compliance standards
  • Collaborated with IT teams to develop comprehensive cybersecurity strategies, reducing risks from external attacks.
  • Assisted in the successful completion of security audits, boosting client trust and confidence.

Third-Party IT Risk Assessor

Advanced Auto Parts
Dayton, NJ
01.2020 - 01.2022
  • Recommended 15+ corrective actions in technical reports, expediting vulnerability resolutions and reducing risk exposure
  • Managed vulnerability processes across 100+ systems using Qualys and Nessus, ensuring comprehensive security coverage
  • Assessed third-party security controls against NIST standards, escalating 20+ high-risk issues, which boosted vendor compliance by 25%
  • Improved IT compliance by maintaining up-to-date knowledge of 5 regulatory requirements as a subject-matter expert
  • Increased security efficacy by coordinating 20 internal resources and third parties to execute activities
  • Managed workload effectively by prioritizing tasks according to deadlines while maintaining attention to detail in all aspects of the assessment process.
  • Achieved high levels of compliance through regular audits of exemption applications and adherence to established guidelines for qualification determination.

Information Security Analyst

Amazon
Somerset, NJ
01.2019 - 01.2020
  • Achieved compliance with industry standards by developing and tracking 15 key security metrics for risk management
  • Launched risk programs, overseeing assessments for 5 corporate departments and developing 10 strategic risk treatment plans
  • Conducted 300+ security control assessments, ensuring alignment with 3 regulatory standards across the organization
  • Elevated risk assessment quality by producing 50+ technical reports with actionable insights for senior management
  • Conducted internal audits to identify areas of improvement within the organization's information security program.
  • Boosted cybersecurity awareness among employees through effective training sessions and workshops.

Jr. Security Analyst

SoftAfrique
Woodbridge, NJ
01.2016 - 01.2017
  • Maintained a 95% compliance rate by efficiently managing POA&M processes for vulnerability resolution
  • Documented findings from 50+ vulnerability assessments with Nessus and Qualys, enabling timely remediation efforts
  • Supported risk mitigation for 20+ projects by reviewing and assessing key security documentation
  • Successfully evaluated 30+ Security Plans, resulting in enhanced risk management strategies
  • Conducted 15 Security Assessment Plans, resulting in a significant reduction of vulnerabilities
  • Assisted in the development of information security policies, procedures, and standards to maintain compliance with regulations and industry best practices.
  • Identified risks in application code through static and dynamic analysis tools, ensuring secure software development practices were followed.

Education

Associate in Applied Science - Computer Specialist - Network Technology

Lehigh Carbon Community College
Schnecksville, PA
04.2022 - Current

Skills

Policy Development

Certification

CompTIA Security+

Timeline

Associate in Applied Science - Computer Specialist - Network Technology

Lehigh Carbon Community College
04.2022 - Current

Third-Party IT Risk Assessor

Advanced Auto Parts
01.2020 - 01.2022

Information Security Analyst

Amazon
01.2019 - 01.2020

Jr. Security Analyst

SoftAfrique
01.2016 - 01.2017

Security Analyst

Amazon
08.2022 - Current

Work Availability

monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening

Quote

The price of anything is the amount of life you exchange for it.
Henry David Thoreau