Information Security Analyst
Apr 2015 - Present
Security Remediation Initiative
- Guide and assist in architecting a multi-tier network, supplemented with network segmentation to improve access controls and reduce threat surface
- Review application design for information security standards and assist development teams in sound security framework
- Document, prioritize, and analyze security threats, incidents and key metrics.
- Champion Annual SSAE16 audit process.
- Periodically review, re-certify, and update company policies, standards and specifications to ensure compliant, effective data management with clients and external vendors
- Manage and maintain vulnerability scanning and reporting as part of the overall vulnerability and patch management process.
- Responsible for detecting and tracking vulnerabilities through the vulnerability life cycle, consulting with internal teams and business units to, assess threats, associated risks and remediate accordingly.
- Prepare comprehensive, customized reports based on risk ratings of vulnerabilities, severity and business impact. Present findings and propose countermeasures to senior technology executives.
- Lead the planning, implementation and management of application whitelisting solution across all enterprise workstations to better prevent, detect and respond to malware and advanced threats.