I have a total of 5 years of experience in the information security field. I have experience in TPRM, ISO 27001, Risk assessment and SOC1/2 audits. I'm still keen to learn new technology.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Senior Associate
Cvent,Inc
04.2022 - Current
In my current role as a senior associate at Cvent, I specialize in governance, risk, and compliance (GRC), focusing on risk assessments of event vendors. My primary responsibility is to evaluate the security controls of Cvent vendors to ensure compliance with key standards like ISO 27001, GDPR, CCPA, and PCI-DSS. This involves assessing various risk factors, such as vulnerabilities in vendors' systems, the potential impact of security breaches, and their likelihood, to help the organization prioritize risks to its information assets. With over six years of experience in risk assessment, I aim to mitigate threats to data integrity, confidentiality, and availability.
Additionally, I review client security questionnaires and address concerns about Cvent's security posture. I have experience in GRC tools like RSA Archer, OneTrust, Processunity, ServiceNow, etc. I also conduct ISO 27001 and ISO 27701 audits to uphold the highest security standards and ensure our security policies align with current standards and guidelines.
I also perform UAR (User Access Review)on periodic basis and contract review of Cvent clients.
Senior Risk Analyst
FIS, Inc
05.2019 - 04.2022
At FIS, I worked as a senior analyst in third-party risk management, conducting vendor risk assessments to evaluate and monitor the security posture of client vendors. My role involved identifying services and relationships, assessing inherent and residual risks, distributing security questionnaires, analyzing security reports and policies, preparing risk reports, facilitating remediation plans, and monitoring and conducting annual security posture reviews.
Education
MBA - Information Technology Business Management, Information Security