Shah Shahid
@shahshahid
Experienced Third-Party Risk Management Analyst and cybersecurity professional.
United StatesWhat I'm looking for
With over 10 years of experience in Third-Party Risk Management and cybersecurity, I excel in conducting risk assessments, compliance, and vendor management. My strong background allows me to translate technical risks into business impacts effectively, ensuring that organizations can navigate the complexities of cybersecurity with confidence.
At Ford Motor Company, I perform in-depth third-party risk assessments using the Prevalent platform, focusing on supplier responses and industry-standard certifications. My proactive engagement with suppliers and internal stakeholders has driven significant improvements in risk mitigation and operational efficiency. I am passionate about refining TPRM workflows and enhancing communication strategies to foster collaboration across teams.
Previously, I served as a Senior Security Analyst at Ankura, where I developed incident response plans and conducted thorough risk assessments. My commitment to continuous improvement and my ability to lead cross-functional initiatives have consistently resulted in enhanced security posture and compliance across organizations.
Experience
Work history, roles, and key accomplishments
Third Party Risk Management Analyst
Ford Motor Company
Sep 2022 - Present (2 years 10 months)
Performed in-depth third-party risk assessments using the Prevalent platform, focusing on supplier SIGLite questionnaire responses, risk levels, and industry-standard certifications. Actively engaged with suppliers to clarify responses, collect compensating controls, and help remediate high-risk items identified in the risk register.
Senior Security Analyst (GRC)
Ankura
Dec 2020 - Present (4 years 7 months)
Developed and maintained incident response plans in accordance with NIST 800-53 & 800-61. Conducted third-party risk assessments using the SIGLITE questionnaire, reviewing SOC2, HIPPA, PCI and ISO 27001 reports.
Information System Security Analyst
VeriSign, Inc.
Aug 2015 - Present (9 years 11 months)
Conducted system risk assessments and led development of incident response protocols, ensuring alignment with NIST SP 800-37 and SP 800-53 Rev. 4. Authored and maintained key A&A documentation (SSP, SAR, POA&M) and collaborated with engineers to validate technical control implementations.
Security Analyst
VeriSign, Inc.
Jan 2012 - Present (13 years 6 months)
Developed and maintained security policies, procedures, and incident response plans aligned with NIST Cybersecurity Framework and regulatory requirements. Conducted vulnerability assessments and partnered with MSSPs to improve incident response capabilities and remediation strategies.
Education
Degrees, certifications, and relevant coursework
American Public University
Bachelor’s in Business Administration, Information Systems
Completed a Bachelor's in Business Administration with a concentration in Information Systems. Gained foundational knowledge in business principles and information technology.
Tech stack
Software and tools used professionally
Availability
Location
United StatesAuthorized to work in
Job categories
Interested in hiring Shah?
You can contact Shah and 90k+ other talented remote workers on Himalayas.
Message ShahFind your dream job
Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
