Roland Nzoh

Waldorf, MD

Summary

Targeted Job: Cybersecurity Analyst

Overview

5 years of professional experience

Work History

GRC & Third-Party Risk Analyst

Process Insights LLC
01.2017 - 01.2022
  • Conducted detailed third-party risk assessments for new and existing vendors, including security questionnaires, evidence reviews, and external ratings.
  • Managed the vendor lifecycle, from onboarding to continuous monitoring and re-assessments.
  • Supported the development and maintenance of organizational GRC frameworks, policies, and control libraries.
  • Monitored compliance with industry standards such as SOC 2, ISO 27001, NIST CSF, PCI DSS, and internal governance requirements.
  • Collaborated with Information Security, Legal, Procurement, and IT teams to ensure alignment on risk ownership and remediation timelines.
  • Performed internal risk assessments, maintained risk registers, and tracked mitigation efforts.
  • Assisted in audit preparation and evidence gathering, improving the efficiency of SOC 2 and internal audit cycles.
  • Analyzed vendor security documentation including SIG, SOC reports, penetration tests, and vulnerability assessments.
  • Prepared meetings, dashboards, and reports to communicate risk posture to management.
  • Participated in Business Continuity and Disaster Recovery planning and review.
  • Key Achievements:
      • Reduced third-party onboarding times by 30% by streamlining workflows and improving questionnaire templates.
      • Improved vendor reassessment compliance from 65% to 90% within one year.
      • Successfully supported 3+ annual compliance audits with zero major findings.

Education

Cybersecurity Analyst - Security+ Certification

Certificate Degree program - Customs, Compliance and Foreign Trade Management

University of Applied Science Augsburg
Augsburg, Germany
01.2014

Vocational Training - Certificate

01.2009

Skills

  • Third-Party Risk Management (TPRM)
  • Governance, Risk & Compliance (GRC)
  • Vendor Due Diligence & Assessments
  • Risk Register & Controls Management
  • Policy Development & Compliance Frameworks
  • Regulatory Compliance (SOC 2, ISO 27001, NIST, PCI, HIPAA, GDPR)
  • Audit Support & Evidence Collection
  • Business Continuity & Disaster Recovery
  • Risk Reporting & Metrics/KPIs
  • Data Privacy & Security Best Practices
  • Issue Tracking & Remediation
  • Cross-functional Collaboration
  • Tools: OneTrust, Arcar, ServiceNow GRC, BitSight, SecurityScorecard, Jira, Confluence, Workiva, ZenGRC, SAP (MM, SD) modules

ADDITIONAL STRENGTHS

  • Excellent written and verbal communication
  • Strong analytical and problem-solving skills
  • Ability to work with highly technical teams
  • High attention to detail and strong documentation practices