Rene Figgins
Stafford,VA
Summary
A highly motivated individual with 5 years of experience, eager to embrace fresh challenges. Possesses the essential expertise, including a comprehensive grasp of IT general and application controls, along with proficiency in IT operations, risk management, security, and compliance controls. Demonstrates familiarity with prominent IT frameworks such as ISO-27001, HITRUST, PCI-DSS, NIST-80053, COSO, COBIT, and SSAE 16/18. Well-versed in various industry GRC tools like Process Unity, RSA Archer, Tugboat Logic, One Trust, Jira, and ServiceNow. Exhibits a strong work ethic, adaptability, and exceptional interpersonal skills. Capable of working independently and quickly acquiring new skills.
Overview
5
5
years of professional experience
Work History
Compliance Analyst
JPMorgan Chase & Co
01.2022 - 08.2023
- Functioned as primary contact point for responding to Request for Proposal (RFP) inquiries regarding compliance programs and formulates business responses for client-requested compliance details
- Demonstrated capacity to operate within environment handling PHI / PII data
- Supported business in all compliance audits and risk evaluations, both for vendors and internal processes
- Orchestrated allocation of internal and external resources pertaining to 3rd Party Risk Assessments, audits, and compliance initiatives
- Preserved SOC 2 compliance program
- Conducted risk assessments, maintained risk inventory, assigns ownership, tracks risk items, and establishes priority levels for managing risks
- Oversee risk monitoring, supervised risk remediation process, and ensured effective execution of risk treatment plans
- Managed risk reporting by generating reports to inform stakeholders and risk owners
- Streamlined entire lifecycle of third-party risk, including assessments, result reporting, development of findings, and recommended remediation plans, all while delivering outstanding customer service
- Continuously evaluated and assessed third-party performance to ensure alignment with TPRM program, regulatory obligations, and service-level agreements
- Took ownership of and administered Governance Risk and Compliance (GRC) tool for managing vendor and asset risks, such as One Trust, Jira, Smartsheet, and Workday Confluence
- Reviewed SOC 2 Type II reports and compiles findings in report format
- Conducted third-party risk assessments of vendors by collecting, examining, analyzing, and verifying information regarding organization's systems and processes. This included reviewing manuals, policies, reports, financial statements, and conducting interviews with organizational members when necessary.
- Participated in business continuity assessments.
- Prepared documentation and records for upcoming audits and inspections.
- Stayed current with latest changes to applicable regulatory standards and company procedures
- Identified gaps in existing compliance processes and recommended updates.
Cybersecurity Analyst
Sentara Health
11.2019 - 12.2021
- Guaranteed adherence to company policy during onboarding of new vendors, contributing to reduction of potential third-party risks
- Collaborated with leaders from all departments to navigate security control compliance standards and principles of privacy by design, including SOC2, ISO 27001, HIPAA, GDPR, and HITRUST
- Thoroughly examined all audit preparation materials and complete audit tools
- Provided support for both new and recurring compliance activities and certification initiatives, such as HiTrust, HIPAA, and more
- Conducted assessments and presented findings to cross-functional teams, including product, engineering, legal, and IT teams
- Managed classification and tiering of vendors based on their associated risks and potential impacts
- Ensured compliance with regulatory requirements for third- (and increasingly, fourth-) party vendors
- Utilized ServiceNow Tool to its full potential
- Formulated recommendations for process and system enhancements aimed at reducing risk, enhancing performance and productivity, and ensuring organizational compliance with applicable regulations, laws, and standards
- Created audit reports that comprehensively documented audit process and its outcomes
- Kept business process owners and department management informed of audit progress and results throughout audit process.
Vendor Risk Analyst
BankUnited
02.2018 - 11.2019
- Collaborated closely with sourcing and contract management functions
- Collaborated with regulatory officers and auditors when necessary
- Formulated, tracked, and implemented vendor remediation actions, as well as mitigation and contingency plans, in response to identified risks or events
- Maintained adherence to all company policies and procedures
- Offered consultative guidance to information governance or security teams, empowering them to make well-informed risk management decisions
- Orchestrated collection of vendor risk assessment data and prepared risk evaluations for critical-related vendors as required, with intention of sharing and communicating them to stakeholders
- Assumed central role as primary contact for both internal and third-party compliance teams.
Education
Some College (No Degree) - Computer And Information Systems Security
Northern Virginia Community College
Annandale, VAHigh School Diploma -
St. Augustine Community College
Trinidad & Tobago06.2003
Skills
- RSA Archer
- Service Now
- Process Unity
- Internal Assessment
- Security Questionnaire
- Risk Identification
- Audit Coordination
- Policy Review
- Risk Assessment
- Audit Documentation
- Business Continuity
- Compliance Oversight
- Compliance Reporting
- Analytical Abilities
- Risk Management Framework
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Quote
There is a powerful driving force inside every human being that, once unleashed, can make any vision, dream, or desire a reality.
Tony Robbins
Timeline
Compliance Analyst
JPMorgan Chase & Co
01.2022 - 08.2023
Cybersecurity Analyst
Sentara Health
11.2019 - 12.2021
Vendor Risk Analyst
BankUnited
02.2018 - 11.2019
Some College (No Degree) - Computer And Information Systems Security
Northern Virginia Community College
High School Diploma -
St. Augustine Community College
Similar Profiles
PASTELL JENKINSPASTELL JENKINS
Vice President of Operations at JPMorgan Chase, JPMorgan Chase & CoVice President of Operations at JPMorgan Chase, JPMorgan Chase & Co
Supraj CBSupraj CB
Analyst at JPMorgan Chase, JPMorgan Chase & CoAnalyst at JPMorgan Chase, JPMorgan Chase & Co
Noemie VillanuevaNoemie Villanueva
Retail Banking Associate at JPMorgan Chase, JPMorgan Chase & CoRetail Banking Associate at JPMorgan Chase, JPMorgan Chase & Co
Kimberly De La RosaKimberly De La Rosa
Waitress at JPMorgan Chase, JPMorgan Chase & CoWaitress at JPMorgan Chase, JPMorgan Chase & Co
Ibrahim MarufuIbrahim Marufu
Order Selector at Martin BrowerOrder Selector at Martin Brower