Pablo Escobar

Cybersecurity GRC
Winnipeg, MB

Summary

Experienced GRC Analyst with 5 years of experience in the Communications and Public Health industries, specializing in cybersecurity and compliance. Expert in conducting NIST CSF and ISO 27001 assessments, developing comprehensive cyber policies, and managing compliance projects. Proven track record of delivering quantifiable improvements in security posture and compliance readiness.

Overview

5 years of professional experience
3 Certifications
1 Language

Work History

Senior GRC Analyst

Rogers Communications
01.2023 - Current
  • Conduct comprehensive assessments using NIST CSF and ISO 27001, enhancing cybersecurity frameworks and compliance postures
  • Develop and implement robust policies for vulnerability management, incident response, SIEM, IAM, and asset management, resulting in a 40% reduction in identified vulnerabilities
  • Conduct Business Impact Analysis to evaluate potential risks and prepare mitigation strategies
  • Oversee PCI-DSS readiness assessments, aligning payment security with industry standards.

GRC Analyst

Shared Health Inc.
03.2019 - 10.2023
  • Designed and executed ISO 27001 and NIST CSF assessments, identifying and mitigating risks across digital and physical assets
  • Specialized in developing and enforcing robust asset management policies, ensuring effective tracking and protection of digital assets
  • Built and maintained policies for incident response and vulnerability management, significantly improving response times and reducing the impact of security incidents
  • Led the development of comprehensive cyber policies, ensuring alignment with industry regulations and standards
  • Administered SIEM solutions, contributing to improved security monitoring and incident management
  • Conducted business impact analyses to anticipate and mitigate potential disruptions
  • Conducted HIPAA and PCI-DSS readiness assessments, leading to improved compliance and data security measures.

Education

Bachelor of Science in Information Technology -

University of Manitoba
Winnipeg, Manitoba

Skills

    Frameworks & Standards: NIST CSF, ISO 27001, HIPAA, PCI-DSS


Certification

CompTIA Security+, Expected 06/24

Accomplishments

    Cybersecurity Enhancement Initiative:

    Spearheaded a company-wide vulnerability management program, identifying and mitigating over 500 critical vulnerabilities within the first year, enhancing system resilience against cyber threats.

  • Designed and executed a series of targeted assessments, leading to a 30% improvement in threat detection capabilities.
  • Collaborated with IT departments to streamline patch management processes, achieving a 40% reduction in patch deployment times.

    Risk Management:

    Developed and conducted a Business Impact Analysis (BIA) for key communication services, facilitating the establishment of a prioritized incident response strategy that minimized downtime by 25%.

  • Analyzed and documented the potential impact of disruptions on essential services, guiding the development of robust recovery strategies.
  • Coordinated with cross-functional teams to implement recovery plans, ensuring business continuity during critical incidents.

    Regulatory Compliance Enhancement:

    1. Led a HIPAA readiness assessment project, enhancing the protection of health information for over 10,000 clients by aligning data handling processes with compliance standards.

  • Conducted detailed gap analyses to identify compliance shortfalls, resulting in a strategic overhaul of privacy and security measures.
  • Implemented targeted training programs for staff, increasing awareness and adherence to HIPAA requirements by 50%.

    2. Managed a PCI-DSS readiness assessment for the organization's payment systems, successfully mitigating potential compliance risks and securing transaction data for millions of transactions annually.

  • Identified and addressed over 100 compliance gaps, significantly reducing the risk of data breaches and financial fraud.
  • Collaborated with payment processors and IT teams to enhance encryption and access control measures, ensuring robust security of payment systems.
