William Twumasi

Laurel, MD

Summary

Dedicated Third Party Risk Analyst with a history of meeting company goals through consistent and organized practices for the past five years. Skilled in working under pressure and adapting to new situations and challenges to best enhance the organizational brand. Specialized in third-party vendor risk assessment and vulnerability management using FISMA, applicable NIST standards, and commercial and international standards such as GDPR, CCPA, PCI DSS and ISO CERTS 27001. Excellent in review of SOC 2 and SIG questionnaires, and in examination, test and evaluation of various technical operating systems.

Self-initiates to research, solve, synthesize, organize, plan, negotiate and deliver solutions on problems, new concepts and topics, individually and as a team.

Overview

10 years of professional experience

1 Certification

Work History

Third Party Risk Analyst

Weichert Realtors
North Bethesda, MD
03.2016 - Current
  • Initiate and lead risk assessment from intake stage to completion.
  • Support risk assessment process as subject matter expert.
  • Perform engagement risk analysis to determine overall risk of vendor engagement.
  • Collaborate with business units in gathering necessary information about new and existing vendors.
  • Leverage industry security frameworks as part of vendor risk assessment process.
  • Identify areas of risk and non-compliance to be presented to management to make business decisions.
  • Maintain strong understanding of global regulations for compliance, data privacy and vendor management.
  • Perform vendor classification based on business criticality and data sensitivity.
  • Analyze vendors' processes to determine deficiencies within their controls that could violate applicable law.
  • Develop standard procedure for conducting third-party risk assessment, and document it as part of the TPRM document process.
  • Perform all activities in accordance with departmental standards, policies and procedures.

Security Control Assessor

Foreground Security
2214 Rock Hill Rd # 210, Herndon, VA
05.2016 - 06.2016
  • Prepare and review authorization packages, Security Assessment Plans (SAP), Security Assessment Reports (SAR) and Security Control Assessments (SCA).
  • Develop audit plans and conduct interviews, tests and examinations, and analyze scans to gather facts about information systems.
  • Assisted system owners in preparing Assessment and Authorization packages for information systems.
  • Provide support to internal and external audit teams in gathering evidence to validate information system control updates.
  • Encrypted data and erected firewalls to protect confidential information.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Able to build collaborative and trusted relationships with IT stakeholders.

Information Assurance Analyst

9 Solutions Inc
Largo, MD
01.2013 - 02.2015
  • Support Assessment and Authorization activities by developing overall system
  • Developed and maintained documentation outlining systems operating environment for assigned systems.
  • Coordinated and conducted regular security audits in support of compliance with the overall system security plan to maintain authority to operate.
  • Reviewed and updated system security plans (SSP) using NIST SP 800-53 Rev 4 requirements.
  • Achieved FISMA compliance and Authority to Operate (ATO) for systems using guidance from NIST SP 800-37 Risk Management Framework (RMF).

Education

BBA - Business Administration

Christian Service University
Kumasi, Ghana
07.1997

Skills

  • Computer skills
  • Self-motivated professional
  • Good listening skills
  • Negotiation skills
  • Interpersonal Communication
  • Analytical skills
  • Microsoft Office
  • SharePoint
  • Jira
  • Nessus Scan, WebInspect, AppDetective, Pen Test, NIST 800-37
  • TPRM SOC2, ISO CERT 27001, SOC1, PCI DSS, GDPR, CCPA

Accomplishments

  • Documented and resolved management disapproval of a vendor I had approved to be onboarded by using ISO Certs 27001, which led to a misunderstanding. But after showing management the statement of applicability, which details controls that were tested by an independent auditor and working as intended, the vendor was finally approved. Since then the management team has approved and adopted ISO CERT 27001. They thought it to be worthless at first.

Affiliations

ISACA

CompTIA USA

Certification

Certified Information Security Manager (CISM)

Scrum Master

Security Plus

Linux Fundamentals

Timeline

Security Control Assessor

Foreground Security
05.2016 - 06.2016

Third Party Risk Analyst

Weichert Realtors
03.2016 - Current

Information Assurance Analyst

9 Solutions Inc
01.2013 - 02.2015

BBA - Business Administration

Christian Service University