GRC Analyst Master Class
- Prepared, executed, and reported on audit of subset of NIST SP 800-53 cybersecurity controls to include interview, document review, and testing of systems to support compliance audit activities.
- Knowledgeable on NIST Cybersecurity Framework and how the Identify, Protect, Detect, Respond, and Recover categories comprise and facilitate an information security program
- Developed concise, tailored cybersecurity awareness content, improving targeted end-user base cyber hygiene
- Developed Just-In-Time cybersecurity awareness content for emerging threats to reduce operational risk to tailored audiences
- Semi-quantitatively analyzed cybersecurity risk using NIST SP 800-30 methodology to identify highest risk weaknesses for a system
- Executed threat modeling exercise to determine higher likelihood threat events to inform cybersecurity risk modeling