Open to opportunities

Louis Fobih

@louisfobih

Message

Results-driven Security Compliance and Vendor Risk Analyst.

United States

Message

What I'm looking for

I am seeking a role that challenges my skills in cybersecurity and risk management while offering opportunities for professional growth and collaboration.

I am a results-driven Security Compliance and Vendor Risk Analyst with extensive expertise in third-party risk governance and threat intelligence platform management. Overseeing systems like BitSight, RiskRecon, and Recorded Future, I have successfully managed risk for over 4,000 organizations. My efforts have led to a 30% reduction in compliance documentation time through workflow automation and a 25% improvement in evidence accuracy. I excel in intelligence production, drafting actionable alerts, and advisories that keep stakeholders informed of emerging cyber threats.

In my current role at SmartThink LLC, I conduct comprehensive cybersecurity assessments, identifying vulnerabilities and implementing strategies that have reduced overall risk exposure by 30%. My commitment to maintaining compliance with NIST, PCI DSS, and ISO standards has resulted in a 100% compliance rate during annual assessments. I am passionate about enhancing organizational security and compliance posture, consistently delivering a 95% issue closure rate and improving visibility across third-party entities.

With a Master’s Degree in Information Systems and multiple certifications, including PCI DSS Qualified Security Assessor and Certified Information Systems Auditor, I am dedicated to continuous learning and professional growth. I thrive in environments that challenge my skills and allow me to contribute to the overall security and risk management strategies of an organization.

Experience

Work history, roles, and key accomplishments

Current

Security & Vendor Risk Analyst

Current

SmartThink LLC

Jan 2019 - Present (6 years 6 months)

Conducted comprehensive cybersecurity assessments on IT infrastructure and third-party vendors, identifying vulnerabilities and implementing remediation strategies. Managed third-party risk assessment processes and developed cybersecurity strategies, ensuring compliance with NIST and PCI DSS standards. Achieved a 100% compliance rate during annual assessments and maintained daily alert management

Third Party Risk Management NIST PCI DSS Vulnerability Management Risk Management Incident Response Alerting Data Integration Stakeholder Engagement

Security Consultant

British Airways

Jan 2016 - Jan 2019 (3 years)

Created customized cybersecurity training and implemented vulnerability scanning solutions, significantly reducing phishing attack success rates and unpatched software vulnerabilities. Conducted risk assessments and designed a secure cloud migration strategy, ensuring compliance with industry standards and improving incident response times.

Vulnerability Scanning Solutions Risk Assessment Incident Response Security Awareness

IT Risk Analyst

PwC

Jan 2015 - Jan 2016 (1 year)

Developed a risk management framework that improved IT risk identification and mitigation. Collaborated on third-party vendor risk assessments and created automated risk monitoring dashboards, enhancing reporting accuracy. Conducted digital forensics and scenario analysis to improve business continuity planning.

Risk Frameworks Digital Forensics Business Continuity GDPR Compliance