Samantha K.
Details
Linguistics
George Mason University
• Provide training and education to vendors on GRC policies and procedures.
• Provide expert advice on aspects of Governance, Risk, and Compliance (GRC) to ensure compliance with industry regulations and internal policies.
• Responsible for identifying, assessing, and mitigating information security risks across our clients' organizations.
• Identify and assess information security risks across client organizations, including but not limited to IT infrastructure, applications, and data.
• Develop risk management strategies and recommend risk treatment options to mitigate identified risks.
• Collaborate with cross-functional teams to develop and implement security controls to mitigate identified risks.
• Keep up-to-date with emerging trends and technologies in information security risk management.
• Responsible for providing technical expertise in security solutions for our clients and their vendors.
• Perform security assessments and gap analyses for clients to identify security vulnerabilities and risks.
• Provide technical support to clients/vendors on security issues and incidents.
• Responsible for managing the governance, risk, and compliance aspects of mergers and acquisitions (M&A) activities, including risk assessments, and integration planning.
• Develop and maintain strong relationships with key stakeholders, including legal, finance, and compliance teams.
• Develop and maintain GRC metrics to track the effectiveness of the GRC TPRM program and identify areas for improvement.
2022 : Present
BitSight
Information Security Risk Consultant
• Responsible for designing, developing, and delivering effective security awareness training programs to our organization and our clients.
• Develop and deliver security awareness training programs for employees and clients, including but not limited to phishing awareness, password security, and social engineering.
• Collaborate with cross-functional teams to design and develop training materials, including e-learning modules, videos, and presentations.
• Monitor and evaluate the effectiveness of security awareness training programs and recommend improvements.
• Responsible for conducting open source intelligence (OSINT) research and social engineering assessments to identify security vulnerabilities and risks for our clients.
• Conduct open source intelligence (OSINT) research to gather information on target organizations and individuals.
• Conduct social engineering assessments, including phishing, pretexting, and other tactics, to identify security vulnerabilities and risks.
• Develop and execute social engineering campaigns, including designing and sending phishing emails, to test client security posture.
• Provide recommendations to clients on how to mitigate identified risks and vulnerabilities.
• Keep up-to-date with emerging trends and technologies in social engineering.
2021 : 2022
KnowBe4
Security Awareness Training Consultant
• Develop and implement community-based solutions to improve telecommunications infrastructure and services in underserved communities.
• Collaborate with local governments, community leaders, and telecommunications providers to identify opportunities for improving telecommunications access and services.
• Lead the planning, design, and implementation of telecommunications projects, including fiber-optic networks, wireless networks, and broadband services.
• Develop and manage project budgets, timelines, and resource allocation.
• Provide technical expertise and guidance to project teams and stakeholders.
• Manage project risks and issues and develop mitigation strategies.
• Develop and maintain strong relationships with key stakeholders and partners.
• Provide regular project updates to executive leadership and other stakeholders.
2020 : 2021
Spectrum
Director Community Solutions
• Design and implement MDM and IoT security solutions for clients, including but not limited to device management, network security, and data protection.
• Perform security assessments and gap analyses for clients to identify MDM and IoT security vulnerabilities and risks.
• Provide technical support to clients on MDM and IoT security issues and incidents.
• Collaborate with cross-functional teams to identify areas for improvement and implement corrective actions.
• Provide training and education to clients on MDM and IoT security solutions and best practices.
• Keep up-to-date with emerging trends and technologies in MDM and IoT security solutions.
2019 : 2020
Verizon Business
MDM & IoT Security Solutions Consultant
• The Business Development Officer will be responsible for identifying, pursuing, and developing new business opportunities to help drive growth and increase revenue for the bank.
• Identify new business opportunities through research and analysis of market trends, competitive landscape, and customer needs.
• Develop and implement strategic plans to acquire new customers and expand the bank's customer base.
• Build and maintain relationships with key business partners and stakeholders.
• Work closely with other departments within the bank to ensure alignment of goals and objectives.
• Prepare and deliver presentations to potential customers and partners to showcase the bank's products and services.
• Attend industry conferences, events, and networking opportunities to build the bank's brand and reputation.
• Monitor and analyze sales and marketing metrics to measure the effectiveness of business development strategies.
• Stay up-to-date with industry trends and best practices to ensure the bank remains competitive.
2016 : 2019
PNC
Business Development Officer
Skills
Active Directory, Amazon Web Services (AWS), Botnets, Budget Management, Business Continuity, Business Operations, Business Strategy, Contract Negotiation, Cybersecurity, Data Privacy, DNS Management, GRC, HTML5, Incident Response, Information Security, Internet of Things (IoT), ISO 27001, Jira, KnowBe4, Leadership, Linux, Mobile Device Management, Mobile Security, Network Administration, Network Architecture, Network Security, NIST, Nmap, OneTrust, Payment Card Industry Data Security Standard (PCI DSS), Phishing, PostgreSQL, Project Management, Public Speaking, Python (Programming Language), Risk Assessment, Risk Management, Salesforce.com, Sales Management, Shodan, Social Engineering, SPF, SQL, Stakeholder Management, Strategic Planning, Third Party Risk Management (TPRM), Transport Layer Security (TLS), VirusTotal, Vulnerability Assessment, Web Application Security
About
As an experienced cybersecurity professional, I have developed a diverse set of skills in information security, GRC, TPRM, network infrastructure, vulnerability/threat research, security awareness training, and social engineering.
My passion for protecting organizations from cyber threats has driven my career, and I specialize in conducting comprehensive risk assessments, developing risk management strategies, and providing guidance on compliance with industry standards and regulations. My ability to communicate complex security concepts to stakeholders at all levels has helped me build strong relationships and earn trust.