Experience

Vibrant

• Argentina
• Financial Services
• 1 - 100 Employee

• RISK & AUDITOR COMPLIANCE

  • Jan 2020 - Present

  • Proficiency in drafting and documenting risk and compliance activities • Assist with SOP drafting and development of IT policies and procedures standard to mitigate risk • Performed oversight check and challenge of the front line across all operational risk routines including – Planning, identifying and assessing, controlling and mitigate risk, test and validate, monitoring and reporting. Perform Vendor Risk assessment • Had Hand on Experience in audit stages which include :Planning, kick-off meeting, testing of Controls ,closeout) and report recommend Gaps and Remediations • Reporting identify IT controls for significant processes, develop test procedures for SOX readiness. • Evaluated and interpreted SOX IT Audit, PCI DSS and Privacy requirements and provide guidance to process and control owners on the objective / intent of the requirements • Have knowledge of legislation and Regulation changes related to the financial industry and other sectors and privacy regulations and procedures and assist in ensuring the organization remains compliance with such laws and regulations. • Verify user and system security configurations for compliance with internal and external requirements; Collect and maintain appropriate evidence and supporting documentation. • Collaborated with business units to deliver enterprise risk assessment results; and identify solutions to minimize risk exposure. • Communicate identified Risk and results to management or shareholding with suggested recommendation while presenting audit report. Show less



Cyber A Square

• Ashburn Virginia, United States

• Cyber Security Analyst

  • Jan 2018 - Dec 2019

  • Ensured compliance with security policies and procedures following NIST 800-53 and NIST 800-53A.. • Conducted vulnerability assessment using risk assessment tools, e.g. (Nessus, CISM, and XACTA). • Reviewed and updated IT security policies, procedures, standards, and guidelines per private and federal requirements. • Reviewed security controls and provide responses as how the systems were currently meeting requirements. • Planned, assigned, and performed security validation review for C&A documentation, and supervised team members • Reviewed and updated System Security Plans (SSP) against NIST 800-18 and NIST 800-53 requirements. • Determined security controls effectiveness (i.e., controls are implemented correctly, operating as intended, and meeting security requirements). • Completed requirements to assist system owners in achieving ATO's. • Assessed security policies, processes, plans, and templates against NIST guidance. Show less