MATARR GAYE
Winnipeg,MB
Summary
Organized and dependable candidate successful at managing multiple priorities with a positive attitude. Willingness to take on added responsibilities to meet team goals.
Overview
3
3
years of professional experience
Work History
Information Security Analyst
Sobeys
06.2022 - Current
- Review ISO 27001 and ISO 27002 standards to identify potential gaps in required documentation and processes.
- Work with business units, internal IT and 3rd party vendor teams to promote and adopt security best practices.
- Contribute to the continuous improvement of the information security management system (ISMS) in accordance with ISO 27001 and NIST SP 800-53 Standards.
- Assist in document gathering and evidence collection for audit purposes.
- Document security gaps identified as findings that required remediation and continuous monitoring.
- Review SOC 2 type 2 report, pentest report, internal vulnerability scan report, Incident response report, to make sure it is current and operating effectively.
- Control documents for easy tracking and accountability. Create standard templates for recording data.
- Performed Risk Assessment and Business Impact Analysis to identify risks that need to be remediated or continuously monitored.
Third Party Risk Analyst
Cameco
01.2021 - 06.2022
● Performed due diligence on vendors as part of third party risk assessments.
● Monitored 3rd party operational risk trends and provided analysis of data and other operational risk metrics using Security Scorecard.
● Conducted risk assessments using the GRC tool Archer and tracked concerns found with the assistance of mitigating measures.
● Performed assessment of third-party security and related due diligence documentation (such as SOC, SIG Questionnaire, PCI, policy)
● Develop and implement risk mitigation and issue remediation strategies for identified third-party risks or issues.
● Facilitate the review of risk subject matter experts and other business stakeholders when appropriate throughout the lifecycle of an engagement from onboarding to termination.
● Gather information security controls evidence from third-parties on behalf of our clients.
● Review SOC 2 type 2, pentest report, Internal vulnerability scan report, Incident response report, to make sure they are current and operating effectively.
● Document finding, generate report and communicating reports to the business unit.
Education
Bachelor of Science - Applied Computer Science
University of Winnipeg
Winnipeg, MB12.2023
Associate of Science - Engineering
Wake Technical Community College
Raleigh, NC12.2018
Skills
- Java
- JavaScript
- Networking
- Database
- Tableau
- Information Security
- Project Management
- System Analysis and Design
Languages
English
Full Professional
Timeline
Information Security Analyst
Sobeys
06.2022 - Current
Third Party Risk Analyst
Cameco
01.2021 - 06.2022
Bachelor of Science - Applied Computer Science
University of Winnipeg
Associate of Science - Engineering
Wake Technical Community College
Similar Profiles
Jeanne MuhawenimanaJeanne Muhawenimana
Front Desk / Customer Service at SobeysFront Desk / Customer Service at Sobeys
Gabriel GonzoGabriel Gonzo
Float Pharmacist at SobeysFloat Pharmacist at Sobeys
Jery Martin JoseJery Martin Jose
Deli Cook at SobeysDeli Cook at Sobeys
Harmanjot KaurHarmanjot Kaur
Administration Manager at SobeysAdministration Manager at Sobeys
Gurwinder KaurGurwinder Kaur
Cleaner at Sunrise EnterprisesCleaner at Sunrise Enterprises