Open to opportunities

Rockynson Garraud

@rockynsongarraud

Message

Experienced IT Security Analyst specializing in risk management and compliance.

United States

Message

What I'm looking for

I am looking for a role that values strategic risk management and compliance, fostering a culture of security and resilience.

I am an experienced IT Security Analyst and Risk Management Professional with nearly a decade of expertise in IT risk, controls, and consulting across technology, healthcare, and financial sectors. I have a proven track record in safeguarding organizational assets and ensuring regulatory compliance through strategic risk assessments, robust information security practices, and effective project management.

My skills include conducting due diligence, implementing comprehensive audit methodologies, and proactively managing risks to address evolving threats. Known for delivering measurable results, I have enhanced organizational resilience and maintained security in high-stakes environments, consistently ensuring compliance with industry standards and regulations.

Experience

Work history, roles, and key accomplishments

Vendor Risk Consultant

Bridgewater Bank

Mar 2024 - Jun 2024 (3 months)

Drafted Assessment Procedure Guidelines for critical vendors and reviewed information security policies, integrating enhancements for ongoing and new assessments. Defined Security Control Questionnaires and established requirements for critical vendors, leveraging internal policies and industry standards.

IT Risk Management Vendor Assessment Policy Development NIST

Third Party Risk Vendor Consultant

Truist Bank

Mar 2023 - Dec 2023 (9 months)

Facilitated assessment processes using RSA Archer and documented findings and artifacts within the system. Supported transaction data migration with SAP BODS, LSMW, Migration Cockpit, and SAP Information Steward, ensuring data integrity and security.

RSA Archer Data Migration ISO 27001 NIST GDPR

Third Party Risk Analyst / Security Control Assessor

Santander Bank

Jan 2021 - Mar 2023 (2 years 2 months)

Worked with vendors to ensure adequate tiering based on data access levels and administered questionnaires to determine control effectiveness. Conducted onsite and virtual risk assessments to continuously determine the security posture at vendor sites.

Vendor Risk Management Risk Assessment Regulatory Compliance RSA Archer SAP BPC SOX GDPR CCPA

Third Party Risk Analyst

Capital One Bank

Nov 2018 - Dec 2020 (2 years 1 month)

Administered assessment questionnaires to vendors and performed continuous monitoring during onsite visits to validate security questionnaires. Conducted on-site risk assessments based on agreed-upon procedure guidelines and reviewed critical vendor-provided documentation.

Risk Assessment Vendor Management Data Loss Prevention SSAE 18 Type II Access Control

IT Auditor

Citi Bank

Oct 2014 - Nov 2018 (4 years 1 month)

Performed audits of IT general and application controls, information security, and systems development. Led the integrity and adherence of the financial and management reporting process, ensuring compliance with SOX and client-specific requirements.

IT Audit SOX Compliance Information Security Change Management Business Continuity Disaster Recovery

Education

Degrees, certifications, and relevant coursework

Osun State University

Bachelor of Science, Information Technology

Completed a Bachelor of Science degree in Information Technology. Gained foundational knowledge in IT principles and practices.

Long Island Business Institute

Bachelor of Arts, Business Management

Completed a Bachelor of Arts degree in Business Management. Developed skills in business operations, management principles, and organizational strategies.