Laura Lentz

Details

Education: B.A.

English

Missouri State University

1990 : 1992

Experience: Responsible for leading a team of security specialists and vendor management professionals while maintaining and enhancing the information security program framework.

2022 : Present

OneAZ Credit Union

Information Security Supervisor

Assists in the development and continuous improvement of the information security compliance strategy and security control frameworks while establishing a security baseline in accordance with business and regulatory requirements (NCUA, NIST, COBIT, FFIEC and PCI.)

2021 : 2022

OneAZ Credit Union

Information Security Compliance Analyst III

Responsible for supporting the Vice President of Data Security in a variety of technical writing subject areas including cybersecurity, external IT audits, and bank-wide policies and procedures.

• Collaborated with SMEs in Compliance, Internal Audit, IT, and Vendor Management to create a written Information Security Program document that complies with the Guidelines Establishing Standards for Safeguarding Customer Information as mandated by section 501(b) of the Gramm-Leach-Bliley Act of 1999.

• Identified and created over 40 IT process flows for review by an external auditor in preparation for upcoming FDICIA requirements. Reviewed and assisted with controls, testing plans, and risk and control matrix.

• Worked with other Security team members to review and analyze the Cybersecurity Assessment Tool (CAT) requirements as it pertains to various domains within Credit One Bank.

2019 : 2021

Credit One Bank

IT/Security Technical Writer

Partnered with internal teams to ensure successful security and compliance programs aligned with client and regulatory compliance requirements. Researched, evaluated, and communicated privacy requirements that could impact company’s services process and program improvements.

• Managed client relationships and served as main point of contact regarding security and compliance questions. Also managed Remote Access authorization forms, requirements and expectations.

• Reviewed contract provisions and identified any compliance issues prior to execution, such requests for background checks, drug testing, and granting system access from remote locations.

• Partnered with Human Resources and Legal to establish best practices in ensuring international employee/contractor citizenship restrictions are compliant with client requirements and ensure Personable Identifying Information (PII) is protected from external sources.

• Assisted in completing due diligence assessments and information security questionnaires for prospective and current clients.

• Managed the employee/contractor background check life cycle and ensured all requests and noted discrepancies are completed properly and timely by the team member performing the tasks.

• Completed contract redlines on new sales deals/addendums and identified and tracked any clauses pertaining to information security and compliance that required further investigation and/or follow-up.

2016 : 2017

Rimini Street

Information Security and Compliance Analyst

Dual Role : PCI Security Technical Writer and Security Awareness Program Manager

Responsible for creating and editing various technical and security documentation for the Data and Digital Services (DDS) team in order to meet Payment Card Industry (PCI) compliance requirements. Also responsible for managing the Security Awareness program and ambassadors across Caesars’ properties. Tools utilized : MS Office, MS Visio, SharePoint, and Captivate.

• Responsible for all Security Awareness initiatives including National Cybersecurity Month events; creating Information Security pamphlets, monthly newsbytes, and quarterly newsletters; managing and recruiting Security Awareness ambassadors across the United States.; launching, managing, and analyzing quarterly phishing assessments; performing recurring clean desk checks; and acting as Skillsoft admin for all security awareness training.

• Collaborated with members of multiple technical and security teams to gather requirements for creating internal PCI security documentation and operational processes.

2015 : 2016

Caesars Entertainment Corporation

PCI Security Technical Writer and Security Awareness Program Manager

Company: OneAZ Credit Union

Years of Experience: 16

Skills

Access, Analysis, Business Analysis, Business Process Improvement, Business Requirements, Documentation, Editing, Enterprise Analysis, Flow Diagrams, Gap Analysis, Instructional Design, Learning Management Systems, Management, Microsoft Access, Needs Analysis, Performance Improvement, Process Analysis, project management, Requirements Analysis, Requirements Gathering, Requirements Verification, sharepoint, Software Documentation, technical writing, training, visio, Requirements, Learning Management

About

I am a high-energy, goal-driven professional with a background in technical writing, business analysis, program/project management, Information Security and Data Privacy/PII, as well as regulatory, industry, and contractual compliance ( PCI, SOX, NIST, and GLBA).

Throughout my career, I have demonstrated strong analytical, critical thinking, and problem solving skills resulting in well-reasoned decisions. I also possess superior organizational and time management skills with excellent attention to detail.

I am a people person so I am able to easily build rapport and establish relationships with clients, internal customers, colleagues, executives, stakeholders, and Subject Matter Experts across all levels and cultures. I have the ability to collaborate with others while working on a team as well as independently in high-stress environments. In addition, I have excellent communication and leadership skills as seen in the ability to facilitate one-on-one discussions, interviews, conference calls, group meetings, and completing special projects. I have demonstrated over the years that I have strong project management and people management skills.