Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Qiana Shauntee Thompson

McDonough,GA

Summary

Experienced in Information Technology Security Identity Access Management with a passion for driving organizations to new heights. Skilled in Enterprise Identity access, risk management, and governance. Eager to contribute to the growth of a forward-thinking company.

Overview

17
17
years of professional experience
1
1
Certification

Work History

IAM Cybersecurity Lead

Deluxe Corporation
09.2019 - Current
  • Lead & train IAM team of Analyst on enterprise wide platforms, Microsoft Active Directory Okta, CyberArk, Azure AD, SSO etc). Implementation of authentication protocols (e.g., SAML, OAuth, OpenID Connect). Maintained IAM solutions, including user provisioning, de-provisioning, access requests, and role-based access controls (RBAC). Administer identity lifecycle management processes, ensuring timely and accurate provisioning and de- provisioning of user accounts and access rights.
  • Configure and manage authentication mechanisms, such as singl e sign-on (SSO), multi-factor authentication (MFA), and federated identity management.
  • Lead offshore junior team members by providing technical guidance and mentorship of the OPs team daily tasks which allows them to demonstrate key daily operational procedures for IAM.
  • Conduct & lead regular access reviews and audits to ensure compliance with regulatory requirements and internal security policies for PCI-DSS, SOC1, SOC2, SOX, ensuring IAM activities, processes, and procedures meet defined requirements, policies, and regulation compliance standards.
  • Collaboratewith cross-functional teams to integrate IAM sol utions with enterprise applications, directories, and infrastructure components.
  • Evaluate business impact and risk exposure based on the l evel of access granted and make recommendations where improvements should be made.
  • Maintain understanding of business processes to aid in managing enterprise identity and access. Troubleshoot IAM-related issues, investigate root causes, and implement corrective actions to maintain system availability and integrity.
  • Develop and maintain documentation, procedures, and guidel ines rel ated to IAM operations and processes.
  • Stay informed about emerging IAM technologies, trends, and best practices, and make recommendations for continuous improvement.

Information CyberSecurity Analyst IAM

Common Spirit Health (CHI)
09.2015 - 09.2019
  • Responsible for Total Access governance (TAG), implementations of role based account creation, role based build, steady state support, governance access review, and policy creation. Identity access management, active directory, along with domain structures building out security policies and perform application/solution design and administration. Develop and train new user(s) training for TAGS, Develop and advance IT Security policies, standards and procedures in conjunction with the application and technology teams responsible for the day-to-day TAGS configuration and operation.
  • Perform assessments of current security technology and authentications systems and evaluate against HIPAA, Federal and State Information Protection and Privacy regulations, CHI Information Security Policies, and other relevant regulations pertaining to the protection of Enterprise information assets with respect to information security.
  • Participate in the development and advancement of CHI Information Security policies, standards and procedures in conjunction with the application and technology teams responsible for the day-to-day systems configuration and operation.
  • Perform the assessment and review of new and existing technology infrastructure to identify key risk areas.
  • Participate and sometimes lead the consultative process and advise personnel in IT departments to coordinate Information Security activities.
  • Support Regional Information Security Officers in Information Security activities as needed. Update skills as necessary to support CHI Information Security and remain knowledgeable of industry standards and advancements.

Information CyberSecurity Risk Analyst

Kentucky State Cabinet of Technology
09.2014 - 09.2015
  • Responsible for protecting sensitive data, information security policies, procedures, and services to protect the confidentiality, integrity, and availability of the information within the COT infrastructure. Also responsible for identifying security risks and recommending mitigation strategies while documenting risk factors and advising on vulnerability attacks from a variety of sources and procedures for protection of systems and applications, particularly those risks and vulnerabilities inherent to cloud based environments.
  • KEY ACCOMPLISHMENTS
  • Perform Risk & Compliance assessments of current security technology and authentications systems and evaluate against NIST 800-53 framework, HIPAA, Federal and State Information Protection and Privacy regulations, COT Information Security Policies, and other relevant regulations pertaining to the protection of Enterprise information assets with respect to information security.
  • Coordinates the development, implementation, and administration of Enterprise security policies, practices, standards and processes.
  • Assess and review current technology infrastructure to identify key risk areas, and ensure adequate levels of controls are in place to address those risks.
  • Implement suitable vulnerability and threat management in order to safeguard the information assets.
  • Support compliance efforts, including validation of security assessments and, test or assessment results, and assist management with the determination of the effectiveness of controls designed and operating in the internal control environment.
  • Perform hands-on support for a wide range of security technologies such as SIEM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensics.
  • Participate in security audits and data collection, analysis, and management for client assessments and client requests.
  • Perform security reviews for vendors, projects, and technical/ad hoc process implementations.
  • Represent Information Security with various organizational project teams, at management meetings and with external organizations
  • Analyzes and monitors security violations, alerts and intrusion detection reports prepared by a third party vendor and acts as a liaison regarding all security vulnerabilities reported.
  • Incident handler-investigating and mitigating possible security exceptions and incidents.

Implementation Cybersecurity Analyst

Appriss Inc
10.2011 - 08.2014
  • Responsible for the implementation and support of approved projects of a high profile nature. Responsible for managing and implementing changes to interfaces with customer equipment by analyzing requirements, providing solutions, testing new and existing application solutions and designing software scripts. Also, responsible for implementing product configuration changes
  • KEY ACCOMPLISHMENTS
  • Report on project requirements/objectives as appropriate to project manager and supervisor.
  • Communicate with customer to confirm/obtain project and product deliverables.
  • Configure a project for testing by setting up necessary structure and files on Appriss servers, and making sure that data is flowing from the site.
  • Test the implementation of a project for accuracy and adherence to customer expectations and written design specification.
  • Facilitate communications with customer during the testing process.
  • Consistently meets defined productivity and quality standards.
  • Acts as the interface to the customers to effect real time problem analysis and resolutions.
  • Works with the customer service organization to provide consistent service delivery to our customers.
  • Provides problem solving and technical expertise, collects detailed information to determine method of resolution.

Business Data Analyst

SHPS Inc
10.2008 - 10.2011
  • Analyze data and summarizes performance using summary statistical procedures, interpret, and evaluate data to improve business processes using Excel, SQL and Access. Functions as a liaison between Contact Center Operations and SHPS IT departments, partner with other areas of the Command Center, to develop Contact center level reporting, ad-hoc reporting, and the distribution of these reports to internal/external clients
  • KEY ACCOMPLISHMENTS
  • Use a centralized approach to develop and distribute Contact Center reporting daily, monthly, quarterly and yearly to multiple departments within the organization. Provide ad-hoc reporting, analysis of data, and recommendations Using Microsoft Excel, Cognos products and databases.
  • Provide guidance to Product Team Leadership and VP of Contact Center on effective and efficient approaches to achieve project objectives
  • Work with Contact Center Product Leadership, IT, Telecom, and other departments to coordinate interdependencies, gather requirements and resolve issues
  • Gather and define business requirements, Analyze and map processes (current state/future state), Produce high quality documentation both written and work flow designs
  • Report status and issues to the Product Leadership teams and VP of Contact Center
  • Contribute to enterprise architecture development from a business needs point of view, Coordinate the quality review and testing of data to ensure that programs meet all the requirements based on specifications and verify data integrity; including creation of ad hoc reports to assist in process.

DRU Technology Analyst

PNC Bank
06.2008 - 09.2008
  • Managed network security operations for the Fraud System, prepared information security evaluation for new projects. Provide Administration, secure and dynamic portal for the information delivery of Lotus Notes based applications and granting support, and access security rights on Windows 2000 and 2003 servers troubleshooting and administrating Active Directory, served as the Information Security Operations liaison for IT initiatives in the DRU department. Project manager for the Deposit recovery unit to install system upgrades to the fraudulent claims database as well as produce adhoc reporting needs. Partner with other business areas within PNC Bank to understand application requirements and develop programming specifications for development staff. Project improvement documentation, delivered process documentation.
  • KEY ACCOMPLISHMENTS
  • Developed Databases using the Lotus Notes Domino server to produce reports that provided issue resolution for Anti-money laundering system.
  • Develop enhancements, resolve issues, coordinate testing of statement releases and oversee regular production efforts including data extracts, data warehouse feeds from the AS/400 server, utilizing databases such as Excel pivot tables, Access Databases.
  • Translate business needs into technological systems, design specifications and solutions with UNIX command driven interface.
  • Partner with other associates to analyze, design, develop, implement, and integrate moderate and complex business systems using SQL and Access.

Education

Associates - Information Technology

University of Phoenix Online

Bachelors - Information Technology

University Of Phoenix
01.2012

Skills

  • Identity & Access Management
  • NIST standards
  • SSO
  • Information Security
  • Identity & access management
  • RBAC
  • AWS
  • Vulnerability management
  • PCI
  • Active Directory
  • Cybersecurity
  • Security Analysis
  • Authentication
  • PAM/CyberArk
  • MFA

Certification

CPR Certification

Timeline

IAM Cybersecurity Lead

Deluxe Corporation
09.2019 - Current

Information CyberSecurity Analyst IAM

Common Spirit Health (CHI)
09.2015 - 09.2019

Information CyberSecurity Risk Analyst

Kentucky State Cabinet of Technology
09.2014 - 09.2015

Implementation Cybersecurity Analyst

Appriss Inc
10.2011 - 08.2014

Business Data Analyst

SHPS Inc
10.2008 - 10.2011

DRU Technology Analyst

PNC Bank
06.2008 - 09.2008

Associates - Information Technology

University of Phoenix Online

Bachelors - Information Technology

University Of Phoenix

Similar Profiles

CREATE PROFILE
Qiana Shauntee Thompson