YVON TSAFACK
The Bronx
Summary
Results-driven Information Security Analyst with over 7 years of experience conducting risk assessments, performing vulnerability scans, and implementing cybersecurity controls aligned with NIST, ISO 27001, and CIS Controls frameworks. Strong expertise in SIEM, IDS/IPS, endpoint protection, and incident response. Adept at ensuring compliance with FISMA, HIPAA, and FedRAMP, while developing policies, training users, and monitoring enterprise systems to strengthen organizational security posture.
Overview
8
8
years of professional experience
Work History
Information Security Analyst
Cyber Centurion Corporation
Adelphi
01.2021 - Current
- Conduct enterprise-wide risk assessments, vulnerability scans, and SOC audits using NIST SP 800-53, FISMA, and FedRAMP frameworks.
- Develop and maintain cybersecurity policies, security assessment plans, and risk registers.
- Monitor SIEM, IDS/IPS, and DLP systems to identify anomalies and remediate threats.
- Lead incident response activities, including investigation, containment, and recovery.
- Perform continuous monitoring of control effectiveness and compliance readiness.
- Coordinate cross-functional collaboration to improve awareness and implement cybersecurity best practices.
- Report key security metrics and control status to senior leadership.
GRC & Security Risk Analyst
Sibley Memorial Hospital
Washington
10.2017 - 12.2020
- Developed and implemented hospital-wide security policies ensuring HIPAA and HITECH compliance.
- Performed vendor risk assessments, reviewed SOC 2 and ISO 27001 attestations, and managed remediation tracking.
- Conducted risk and vulnerability assessments across EHR, IoMT, and networked medical systems.
- Supported PHI incident response, breach analysis, and corrective action reporting.
- Led cybersecurity awareness and phishing campaigns with measurable incident reduction.
- Maintained dashboards and risk registers in ServiceNow and JIRA for executive reporting.
Education
B.S. -
Computer Science
01.2019
Skills
- Risk Assessment & Vulnerability Management
- NIST CSF 20
- ISO 27001
- CIS Controls
- SIEM
- IDS/IPS
- DLP
- Endpoint Security Tools
- FedRAMP
- FISMA
- HIPAA
- PCI DSS Compliance
- Incident Response
- Threat Analysis
- Security Awareness
- Employee Training
- GRC Tools
- Archer
- ZenGRC
- ServiceNow
- Proofpoint
- KnowBe4
- Cloud Security
- Azure
- AWS
- Policy Development
- Audit Support
Timeline
Information Security Analyst
Cyber Centurion Corporation
01.2021 - Current
GRC & Security Risk Analyst
Sibley Memorial Hospital
10.2017 - 12.2020
B.S. -
Computer Science