Diane Reiter
Details
Spanish, minor - Economics
Franklin & Marshall College
Certificate
Accounting
Norwalk Community College
2009 : 2011
• Create control procedures that map to company standards (Examples are : Control Procedures Process, Security Control Standards Management, Asset Risk Assessment Program, Asset-Based Testing Procedure, Data Transfer Authorization Process)
• Cite appropriate regulatory, compliance and company references
• Work with Business Unit SMEs and secure approval from applicable Procedure Owner
• Tools used : Azure DevOps Kanban boards, MS-Word, MS-Visio, SnagIt, SharePoint
2023 : Present
Navy Federal Credit Union
Sr. Cybersecurity Technical Writer/BA, SGR
Document 35 Critical IT Security Controls for AWS and Google Workspace platforms :
• Create, edit, and maintain cybersecurity compliance and implementation documentation for current and future applications (AWS, Google Workspace)
• Support internal peer review and quality assurance efforts, assemble documentation for audits and ensure that documentation is compliant with governance policies
• Research and evaluate new documentation needed
• Follow an established style guide and work with other technical writers to improve
• Collaborate with platform analysts, project managers and subject matter experts to collect and interpret their input for security compliance guides (scg)
• Use scgs and Responsibility matrix to write Google Workspace System Security Plan (SSP), Privacy Threshold Assessment/Privacy Impact Assessment (PTA/PIA), Contingency Plan, and Configuration Plan.
• Perform interviews and review sessions with security professionals (including CISO level) to understand the details of control implementation or remediation needed
• Collect evidence and produce diagrams as applicable for above scgs
• Align controls to NIST SP 800-53 and consult AWS Operational Best Practices for NIST 800-53 rev 5
2022 : 2023
Apex Systems for State of Maryland
Control Implementation Specialist/Technical Writer
Working for Data and Analytics Governance, Commercial Information Management and Operational Analytics to support strategies and documentation requirements for Customer Excellence and Operations group :
• Create and update process documentation : Data Acquisition and Procurement Process; Data Sharing Between Biogen and Sage; Data Deletion process (GDPR), RADAR intake process (allows users to request reports and extracts from the Operational Analytics and Data Management teams); Patient NBA (Next Best Action); understand workflows and process to create these documents
• Identify documentation needs for Patient Engagement NBA (next best action) model; Document use cases for same- patient interventions generated from data ingestion, ML tactics, business rules, factors, and features
• Edit and update MDM (Master Data Management) SOPs and flow diagrams for validating HCO and HCP data in VEEVA and Gaine : DCR (Data Change Request, DQR (Data Quality Review), KAM (Key Accounts Management), BBU, MD Alignment. And generic SOPs : ServiceNow, HCO Manual Merge. Audience is the Data Steward team.
• Update PowerBI dashboard template with descriptive information about 80 dashboards including description, owner, filters, data objects used, metrics used, sql query, etc.
2022 : 2022
SSI People for Biogen
Governance/Data Analytics Documentation Specialist
Under the direction of the Sr. Manager, IT Compliance, GRC, create IT Information Security Standards and Implementation Guides : research industry standard, work with GRC team and SMEs to review and approve documents.
• Standards completed : Oracle Database Security Standard, Windows Server Security Standard, Apache Web Server Security Standard, MS IIS Web Server Security Standard, MS SQL Server, Windows 10 Security Standard, Active Directory Security Standard, Logging Security Standard, WebSphere Security Standard, Oracle Enterprise Linux Security Standard, Amazon Linux Standard, MongoDB Security Implementation Guide, Couchbase Security Implementation Guide, DNS (Domain Name System) Security Standard, Database Security Standard, VMware Security Standard, AWS Cloud Security Standard
• Use CIS Benchmarks, NIST SP 800-53, 800-171, SP-81-2, and vendor information as source material for standards
• Work with technical member of GRC team to determine customized settings for standards based on Qualys PC recommendations
• Use Axonius to determine server version information for end of life support
2021 : 2022
Pinnacle Group, Inc. for United Airlines
Cybersecurity Technical Writer - IT/GRC
• Documentation support for lift and shift of ERP from AX2012 to D365 Commerce and Finance & Operations : responsible for external audit requests including solution architecture information, interfaces, application support, process narratives, Fastpath configurations for access control. Solution aligned with APQC.
• Runbook for D365 Back office site move configurations – audience is IT App Support and IT Security team.
2021 : 2021
Isphere for Mattressfirm
Sr. Technical Writer
Skills
Business Analysis, Business Requirements, CIS Benchmarks, Compliance PCI, Compliance SOX, Confluence, Cybersecurity, Cybersecurity Standards, Google Meet, Information Technology, Integration, IT Audit, IT Governance, IT Security Policies, JIRA, Management, Microsoft Office, Microsoft Word, monday.com, MS-Visio, MS-Word, Network Security, NIST, NIST 800-53, Payment Card Industry Data Security Standard (PCI DSS), PowerPoint, Proofreading, Recruiting, Requirements Gathering, SDLC, SharePoint, SnagIt, Software Documentation, SOX 404, Standard Operating Procedure (SOP), Talent Acquisition, Teams, Technical Documentation, Technical Writing, Training, Veeva, Vendor Management, Visio
About
Accomplished in cybersecurity technical writing, writing for IT security controls implementation, and business analysis for IT projects. Strong written and oral communication skills. Experience working in large corporate environments. Knowledge of NIST 800-53, IT Security Controls, SOX, PCI, IAM, AWS.
Currently working as a Cybersecurity Technical Writer for Navy Federal Credit Union where I'm writing Control Procedures that align to company Information Security Standards.
I also have recent experience as an AWS Technical Writer under the Sr. Director, AWS Cloud Services where I produced a Style Guide for Technical Writers, AWS MAP Assessment template, CloudCheckr Onboarding and Credentialing procedures, and CloudCheckr Dashboard Configuration documentation.
For previous jobs, I wrote IAM process documentation and updated security policies for the Carrier separation project which involves the migration of all Cybersecurity applications and processes from UTC to Carrier so that Carrier can function as a separate entity.
Prior experience includes Regeneron where I was part of the IT Shared Services dept. There I used Confluence, Jira, Visio, Word, PowerPoint, and ServiceNow. Weight Watchers under the VP of Global CyberSecurity and earlier Sr. Director of IT Security & Compliance where I lead the SOX and PCI Audit initiatives from IT perspective. Strong knowledge of SOX controls and evidence required for justification and remediation. Strong knowledge of PCI requirements and have worked with external and internal QSA to provide evidence. Knowledge of PCI DSS v3.3, SOC1, SOC 2, PCI ROC, and Service Providers.
Prior experience: various long and short term assignments as a Tech Writer in the IT dept. at companies such as Moody's, Avon (PCI), L'Oreal, DSNY (NYC Dept of Sanitation), BNYM, Con Edison, Boerhinger Ingelheim, and Unilever. Documents I wrote/updated include technical design documents, User Guides, Process documents, Policies, SOPs, Work Instructions, Operations Runbooks, System Maintenance Guides, Test Plans, Training Plan, Implementation Plans, Architecture Solutions, etc.
Also experienced in SDLC and Agile and all deliverables, user guides, technical references, process/procedure and flows, runbooks, SOX, SOPs, WIs (Work Instructions), etc.
Tools used: Confluence, Jira, Word, Visio, Excel, SnagIt, XML, FrameMaker, Sharepoint, ServiceNow, Google docs.
Skills/Knowledge; SOX, PCI, IT Compliance & Security, Technical Writing, Business Analyst, SDLC, Agile, Sarbanes-Oxley IT controls, pharma (SOPs), Work Instructions
Profile Photo
