Ainhoa Iglesias Díaz

Information Security Risk Analyst at Ingalls
  • Claim this Profile
Contact Information
us****@****om
(386) 825-5501
Languages
  • English Native or bilingual proficiency
  • Spanish Native or bilingual proficiency
  • German -
Skills

Topline Score

Topline score feature will be out soon.

Bio

Generated by
Topline AI

You need to have a working account to view this content.
Join now
You need to have a working account to view this content.
Join now

Credentials

  • MGT512: Security Leadership Essentials for Managers
    SANS Institute
    Feb, 2023
    - Oct, 2024
  • Certified in Cybersecurity (CC)
    (ISC)²
    Dec, 2022
    - Oct, 2024
  • Official (ISC)² Certified in Cybersecurity (CC) Self-Paced Training
    (ISC)²
    Dec, 2022
    - Oct, 2024
  • (ISC)2 Certified in Cybersecurity (CC) Cert Prep
    LinkedIn
    Nov, 2022
    - Oct, 2024
  • Certified in Risk and Information Systems Control™ (CRISC)
    ISACA
    Oct, 2022
    - Oct, 2024
  • ISACA Certified Risk And Information System Controls (CRISC) Course
    Training Camp
    Jun, 2021
    - Oct, 2024
  • SEC566: Implementing and Auditing the Critical Security Controls - In Depth
    SANS Institute
    Aug, 2020
    - Oct, 2024
  • Curso de Introducción al Desarrollo Web/ Introduction to Web Development and Design
    Instituto Internacional de Economía Universidad de Alicante/ Alacant University International Economics Institute
    Dec, 2015
    - Oct, 2024
  • Curso de Programación de Apps Móviles/ Intelligence Device Applications Development
    Universidad Complutense de Madrid/ Complutense University of Madrid
    Dec, 2015
    - Oct, 2024
  • GIAC Security Leadership (GSLC)
    GIAC Certifications
    Mar, 2023
    - Oct, 2024
  • GIAC Critical Controls Certification (GCCC)
    GIAC Certifications
    Sep, 2020
    - Oct, 2024

Experience

  • Ingalls
    • United States
    • Hospitals and Health Care
    • 700 & Above Employee
    • Information Security Risk Analyst
      • Oct 2020 - Present

      Organizational lead to perform IT Risk Analysis on IT assets, processes and third-party vendors for the UChicago Health System.Organization lead to coordinate and direct third-party vendor risk assessments. Lead and coordinate remediation plan with business sponsors and designated third-party vendors to address the identified findings/risks.Primary contact for contract negotiations as it relates to ensuring third-party vendors meet UChicago Medicine security requirements prior to onboarding.Organization lead for corrective action planning and tracking of identified risks, facilitating the mitigation and remediation of identified risks with internal and external business partners throughout the Health System. Examples of this include creation and management of Corrective Action Plans and management of the security risk register, assist leadership in assessing the security and privacy risk posture for the organization, and participate and support organizational risk management governance.Serve as a key stakeholder in coordination with UCM Internal Audit, driving and facilitating organizational Management Responses related to IT audit findings for the UChicago Health System, gathering and analyzing evidence from audit finding owners, and partnering with Internal Audit for closure of Management Responses, including HIPAA Security Risk Analyses.Incident Response Command Center to coordinate, respond and track to completion and remediation of all security incidents affecting the UChicago Health systemPoint of Contact and Information Security Office representative for all things related to Security as the organization took on a transformational project to improve and modernize important foundational business, financial and human resources systems for the Health System by migrating and implementing such systems in the cloud.

    • Information Security Analyst
      • Sep 2017 - Oct 2020

      Participate in the development, communication, and implementation of Information Security Program to ensure the confidentiality and integrity of Ingalls sensitive information as well as to assess current compliance. Created a HIPAA Book of Evidence on the organization’s compliance with HIPAA Privacy, Security and Breach RulesResponsible for conducting vulnerability scanning, analysis and reporting. Assist with the management of remediating vulnerabilities with corresponding IT custodians. Responsible for conducting risk assessments and risk analysis to help the organization develop security standards and policies/procedures that support strategic, tactical and operational objectives on a cost-effective basis. Responsible for Corrective Action Plans process which is meant to support Senior Management with a transparent understanding of what is occurring within the environment through efforts in cross functionality, shared accurate knowledge, updated information, centralization, and standardization. It is also meant as a way to establish and document a plan for remediating identified security issues with appropriate stakeholders. Assist with developing and maintaining security policies, procedures and guidelines that are in compliance with IMH policies and generally accepted information systems control requirements. Oversee the establishment, implementation and adherence to policies and procedures that guide and support the provision of information security services.Assist with the Security Incident Reporting program to ensure the prevention, detection, containment and correction of security deviation(s)/breach(s). Provide the coordination of problem resolutions for security violations/deviations to include investigation of improper information disclosures or security incidents utilizing defined policies/procedures.As SharePoint Administrator, built advanced SharePoint workflows and workflow-based solutions

  • UChicago Medicine
    • United States
    • Hospitals and Health Care
    • 700 & Above Employee
    • Information Security Operations Intern
      • May 2017 - Aug 2017

      Assisted the Security Operations team with the execution of the Information Security Program to ensure confidentiality and integrity of sensitive information Monitor and respond to Information Security operational tickets Assist the Security Operations Center with incident response activities Assist with Risk Management initiatives such as performing cyber-security risks assessments and building remediation plans Responsible for analyzing the results of vulnerability management activities and building corrective action plans Contribute to security awareness and training program by executing phishing awareness campaigns and drafting awareness articles

  • Western Carolina University
    • United States
    • Higher Education
    • 700 & Above Employee
    • Graduate Research Assistant
      • Aug 2012 - May 2014

      Full time graduate student, -Graduate Assistant Professor - at The Kimmel School of Engineering and Construction Management at WCU. Obtained a Master of Science in Technology. The Master's thesis project "Biomechanics of the overhead motion in tennis: Effect of ball impact location on the transfer of linear and angular momentum during game play" consisted on developing an instrumented racket capable of measuring the forces and torques transferred to the wrist as well as developing a mathematical model of a tennis racket to estimate joint reaction forces in the wrist, elbow and shoulder, and provide theoretical foundation for the instrumented racket.

Education

  • Illinois Institute of Technology
    Master in Information Technology and Management, Information Technology
    2016 - 2018
  • Western Carolina University
    Master of Science in Technology
    2012 - 2014
  • Western Carolina University
    Bachelor's degree, Electrical Engineering
    2008 - 2012
  • Colegio Fundación Caldeiro
    1996 - 2008

Community

You need to have a working account to view this content. Click here to join now