Scott Petru
Sr. Information Security Analyst at First National Technology Solutions- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
Topline Score
Bio
Nick Harrahill
Scott is a diligent, conscientious analyst who provides consistent effort and support to his team and supporting parties. Scott's experience in Fraud and DLP in the Financial Services industry provides for a comprehensive risk perspective.
Nick Harrahill
Scott is a diligent, conscientious analyst who provides consistent effort and support to his team and supporting parties. Scott's experience in Fraud and DLP in the Financial Services industry provides for a comprehensive risk perspective.
Nick Harrahill
Scott is a diligent, conscientious analyst who provides consistent effort and support to his team and supporting parties. Scott's experience in Fraud and DLP in the Financial Services industry provides for a comprehensive risk perspective.
Nick Harrahill
Scott is a diligent, conscientious analyst who provides consistent effort and support to his team and supporting parties. Scott's experience in Fraud and DLP in the Financial Services industry provides for a comprehensive risk perspective.
Experience
-
FNTS
-
United States
-
IT Services and IT Consulting
-
1 - 100 Employee
-
Sr. Information Security Analyst
-
Apr 2018 - Present
ACCOMPLISHMENTS: -Promoted to audit Project Manager -Improved functionality of the Role Matrix for audits & supporting just-in-time access mechanisms by linking users to roles then structuring into managed teams -Implemented compliance data mapping of SSAE 18 SOC 2 Type 2 controls into the following frameworks or risks: AICPA 2017, ISO 27001/2, NIST 800-53 and Archer RESPONSIBILITIES: Identifying and reducing organizational risks through the compliance and governance… Show more ACCOMPLISHMENTS: -Promoted to audit Project Manager -Improved functionality of the Role Matrix for audits & supporting just-in-time access mechanisms by linking users to roles then structuring into managed teams -Implemented compliance data mapping of SSAE 18 SOC 2 Type 2 controls into the following frameworks or risks: AICPA 2017, ISO 27001/2, NIST 800-53 and Archer RESPONSIBILITIES: Identifying and reducing organizational risks through the compliance and governance program ensuring the organization meets requirements and successfully completing audits *Responsible for all assigned audits from planning, initiation, close & improvements: SSAE 18 SOC2 Type 2, PCI DSS, Physical Access, Logical Access, Role Matrix review and Risk Self Assessments. *Structure audit & compliance through Service Now by completing or assigning evidence tasks, facilitating walkthrough meetings, and performing quality control analysis on all evidence prior to submission *Manage audit controls and evidence request language, ensuring the verbiage is up to date and accurate *Conduct annual review of Information Security Policies, updating and creating new policies as needed Accountable for investigating, escalating, processing and reporting: security policy violations, exceptions and acceptable risks *Present awareness training through a variety of in-person & remote mechanisms to bolster knowledge and accountability throughout the organization *Developed & implemented exception, acceptable risk & risk management tracking mechanisms Show less ACCOMPLISHMENTS: -Promoted to audit Project Manager -Improved functionality of the Role Matrix for audits & supporting just-in-time access mechanisms by linking users to roles then structuring into managed teams -Implemented compliance data mapping of SSAE 18 SOC 2 Type 2 controls into the following frameworks or risks: AICPA 2017, ISO 27001/2, NIST 800-53 and Archer RESPONSIBILITIES: Identifying and reducing organizational risks through the compliance and governance… Show more ACCOMPLISHMENTS: -Promoted to audit Project Manager -Improved functionality of the Role Matrix for audits & supporting just-in-time access mechanisms by linking users to roles then structuring into managed teams -Implemented compliance data mapping of SSAE 18 SOC 2 Type 2 controls into the following frameworks or risks: AICPA 2017, ISO 27001/2, NIST 800-53 and Archer RESPONSIBILITIES: Identifying and reducing organizational risks through the compliance and governance program ensuring the organization meets requirements and successfully completing audits *Responsible for all assigned audits from planning, initiation, close & improvements: SSAE 18 SOC2 Type 2, PCI DSS, Physical Access, Logical Access, Role Matrix review and Risk Self Assessments. *Structure audit & compliance through Service Now by completing or assigning evidence tasks, facilitating walkthrough meetings, and performing quality control analysis on all evidence prior to submission *Manage audit controls and evidence request language, ensuring the verbiage is up to date and accurate *Conduct annual review of Information Security Policies, updating and creating new policies as needed Accountable for investigating, escalating, processing and reporting: security policy violations, exceptions and acceptable risks *Present awareness training through a variety of in-person & remote mechanisms to bolster knowledge and accountability throughout the organization *Developed & implemented exception, acceptable risk & risk management tracking mechanisms Show less
-
-
-
PayPal
-
United States
-
Software Development
-
700 & Above Employee
-
OFAC Sanctions Investigator II
-
Nov 2017 - Mar 2018
Ensure activity within the PayPal system is compliant with Anti-Money laundering regulations *Conduct end-to-end meticulous reviews of cases pertaining to potential illegal activity, global watch lists, or activity in violation of the economic and trade sanctions administered by OFAC *Exercise good judgement, making decisions or recommendations in relation to case investigation Ensure activity within the PayPal system is compliant with Anti-Money laundering regulations *Conduct end-to-end meticulous reviews of cases pertaining to potential illegal activity, global watch lists, or activity in violation of the economic and trade sanctions administered by OFAC *Exercise good judgement, making decisions or recommendations in relation to case investigation
-
-
-
LinkedIn
-
United States
-
Software Development
-
700 & Above Employee
-
Safety Operation Support Specialist - Contractor ZeroChaos
-
Oct 2016 - Jul 2017
Investigated LinkedIn accounts violating the user agreement. *Reviewed identification documentation for password resets while identifying account takeover *Decreased email queue volume by redirecting misrouted customer inquiries while documenting reclassifications for queue refinement, improving overall accuracy and creating a spreadsheet containing the misrouted information Investigated LinkedIn accounts violating the user agreement. *Reviewed identification documentation for password resets while identifying account takeover *Decreased email queue volume by redirecting misrouted customer inquiries while documenting reclassifications for queue refinement, improving overall accuracy and creating a spreadsheet containing the misrouted information
-
-
-
PayPal
-
United States
-
Software Development
-
700 & Above Employee
-
Insider Threat - Information Security Analyst 3 - Team Lead
-
Feb 2008 - Sep 2016
ACCOMPLISHMENTS: -Created award-winning processes for detecting employee fraud on employee personal accounts -Collaborated with HR and Legal to strengthen, create and implement new policies -Recovered more than $30,000 by identifying employee-owned charged-off accounts -Hired and onboarded a new international Israel team, led incident response training -Streamlined false positive report processing, reducing security incident false positive rates by… Show more ACCOMPLISHMENTS: -Created award-winning processes for detecting employee fraud on employee personal accounts -Collaborated with HR and Legal to strengthen, create and implement new policies -Recovered more than $30,000 by identifying employee-owned charged-off accounts -Hired and onboarded a new international Israel team, led incident response training -Streamlined false positive report processing, reducing security incident false positive rates by 75% RESPONSIBILITES: Monitoring and Alert Remediation: correlated and analyzed data from multiple systems. Specialized in internal employee fraud investigations by alert monitoring of sensitive data, behavioral abnormalities, abuse of company tools, sabotage and/or work place violence *Escalated employee incidents by reporting documented suspicious incident findings to management and/or HR for termination, disciplinary action, or reeducation *Forged strong, collaborative relationships across the organization, including HR and executive level management *Developed new threat criteria for evolving incident monitoring policy development and refinement *Created escalation templates, privacy knowledge base, reports, team training material, and provided incident quality assurance across the team
-
-
Fraud Analyst (Account Review)
-
2004 - 2008
Performed appeal risk assessments on limited customer accounts by determining the legitimacy of accountholder & activity by reviewing documents, transaction histories, IP addresses, researching linked accounts and closing identified fraudulent accounts
-
-
Member Services
-
2003 - 2004
Educated customers on product information and navigation of the PayPal website.
-
-
-
Pinnacle Property Management Services
-
Business Consulting and Services
-
700 & Above Employee
-
Property Management
-
Apr 1991 - May 2011
APPLE CREEK APARTMENTS *Marketed Pinnacle management properties in Nebraska and Illinois communities. *Organized resident functions and activities. * Performed opening and closing procedures, processed leases, collected rent, handled maintenance calls and led property tours for potential/future tenants. *Maintained and communicated information between office staff and maintenance team. APPLE CREEK APARTMENTS *Marketed Pinnacle management properties in Nebraska and Illinois communities. *Organized resident functions and activities. * Performed opening and closing procedures, processed leases, collected rent, handled maintenance calls and led property tours for potential/future tenants. *Maintained and communicated information between office staff and maintenance team.
-
-
-
Enterprise
-
United States
-
Travel Arrangements
-
700 & Above Employee
-
Manager Trainee
-
2000 - 2001
*Responsible for all customer/client inquiries including rental agreements, contract negotiations, service and repair issues *Marketed to insurance companies and automobile dealerships *Responsible for administrative procedures including dealing with adjusters, car repair, garage maintenance, service warranties and contract liabilities *Responsible for all customer/client inquiries including rental agreements, contract negotiations, service and repair issues *Marketed to insurance companies and automobile dealerships *Responsible for administrative procedures including dealing with adjusters, car repair, garage maintenance, service warranties and contract liabilities
-
-
-
Pier 1
-
United States
-
Retail
-
700 & Above Employee
-
Assistant Manager
-
Jan 1999 - Dec 1999
Assisted clients with home decor selection of furniture, artwork, lighting, draperies, blinds, area rugs, bath, kitchenware and accessories. *Consulted customers on interior design aspects such as color schemes, color coordinations and product styles. *Conducted daily opening and closing operations, including inventory management, shrinkage, and security procedures * Performed customer direct sales & services, hiring, training and managing Pier 1 Imports team Assisted clients with home decor selection of furniture, artwork, lighting, draperies, blinds, area rugs, bath, kitchenware and accessories. *Consulted customers on interior design aspects such as color schemes, color coordinations and product styles. *Conducted daily opening and closing operations, including inventory management, shrinkage, and security procedures * Performed customer direct sales & services, hiring, training and managing Pier 1 Imports team
-
-
Education
-
University of Nebraska at Omaha
Bachelor of Science (B.S.), History -
Millard North
General Studies, General Studies