YVETTE TARH

-Performed risk and vulnerability assessments, conducted vulnerability assessments, and penetration testing to identify and mitigate potential security vulnerabilities in Bank of America, 's hybrid computer systems.
- Developed and implemented strategies to mitigate identified vulnerabilities, utilizing industry-standard methodologies such as CVSS to prioritize remediation efforts.
- Managed and maintained vulnerability scanning tools and related software, staying up-to-date with emerging threats and vulnerabilities to proactively identify potential risks.
- Provided recommendations for security improvements based on vulnerability assessments and threat intelligence, creating reports and presentations to communicate identified vulnerabilities and their potential impact to stakeholders.
- Conducted training sessions for employees on the importance of vulnerability management and how to report potential security risks, while also providing technical guidance and support to other security and risk management IT teams.
- Demonstrated expertise in security testing tools and techniques, including Nessus, Nmap, Metasploit, and Burp Suite, and strong knowledge of security standards and protocols such as ISO 27001, NIST, and PCI-DSS.
- Designed and implemented processes for the assignment, tracking, and reporting of vulnerability remediation status, while also participating in incident response and disaster recovery planning and testing.
- Collaborated with other members of the IT security team to ensure that security measures are consistently applied across the organization, working with other teams, including IT, Operations, and Compliance, to ensure that security policies and procedures are followed throughout the organization.
- Conducted regular security assessments and audits to identify vulnerabilities and threats to company data and systems, and researched and evaluated new security technologies and solutions to improve the organization's overall security posture.
- Developed and implemented security policies, procedures, and best practices to minimize risk and ensure compliance with industry standards, and partnered with the compliance team to develop and implement security policies that comply with regulatory requirements.
- Demonstrated the ability to work independently and as part of a team to achieve organizational goals and objectives, with excellent communication and interpersonal skills, the ability to clearly convey technical information to non-technical stakeholders, and the ability to work in a fast-paced environment, managing multiple tasks simultaneously.
- Had strong analytical and problem-solving skills, with excellent attention to detail, and the ability to identify potential vulnerabilities others may have missed.

- Conducted data analysis, developed reports, and presented findings to senior management.
- Performed risk and vulnerability assessment of the Deloitte Technology system in a hybrid environment.
- Maintained the security of Deloitte computer systems by identifying and mitigating potential vulnerabilities.
- Conducted vulnerability assessments and penetration testing to identify security flaws in systems, networks, and applications.
- Developed and implemented strategies to mitigate identified vulnerabilities.
- Collaborated with other members of the IT security team to ensure that security measures are consistently applied across the organization.
- Stayed up-to-date with emerging threats and vulnerabilities to proactively identify potential security risks.
- Provided recommendations for security improvements based on vulnerability assessments and threat intelligence.
- Created reports and presentations to communicate identified vulnerabilities and their potential impact to stakeholders.
- Conducted training sessions for employees on the importance of vulnerability management and how to report potential security risks.
- Utilized industry-standard methodologies such as CVSS (common vulnerability scoring system) to prioritize remediation efforts.
- Strong knowledge of security standards and protocols such as ISO 27001, NIST, and PCI-DSS.
- Experience in developing and implementing security policies, procedures, and guidelines for an organization.

- Successfully managed and remediated security vulnerabilities across multiple clients and systems
- Developed and implemented vulnerability management programs, policies, and procedures
- Conducted comprehensive vulnerability assessments and penetration testing to identify security gaps and risks
- Collaborated with cross-functional teams to mitigate vulnerabilities and enhance overall security posture
- Provided technical guidance and support to clients on vulnerability management best practices
- Stayed up-to-date with the latest security threats and vulnerabilities to ensure proactive risk mitigation
- Utilized industry-standard tools and technologies to automate vulnerability scanning and reporting
- Conducted regular security awareness training for employees and stakeholders to promote a culture of security
- Maintained and updated vulnerability databases and tracking systems for accurate reporting and analysis.
- Demonstrated experience in governance, risk, and compliance (GRC) functions, including policy development, risk assessment, and audits.
- Strong knowledge of regulatory requirements and industry standards such as SOX, HIPAA, GDPR, and ISO 27001.
- Experience conducting risk assessments to identify potential threats and vulnerabilities and implementing appropriate mitigation controls.
- Proven ability to develop and maintain policies and procedures that align with regulatory requirements and industry best practices.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams to achieve organizational goals.
- Strong analytical and problem-solving skills with the ability to identify and analyze complex issues and provide solutions.
- Demonstrated ability to work independently as well as part of a team to achieve organizational goals and objectives.
- Experience in conducting compliance audits and providing recommendations to improve compliance posture.
- Proven ability to stay up-to-date with emerging regulatory requirements and industry standards to ensure the organization remains compliant.