Tomika Emeriewen
Details
• Worked with vendors to ensure compliance with industry standards such as HIPAA, , or ISO 27001.
• Developed and executed risk-based approaches to assess and monitor third-party vendors, including continuous monitoring and reporting of risks and issues.
• Conducted on-site assessments of third-party vendors' information security programs to ensure compliance with policies and procedures.
• Developed and implemented third-party risk management metrics and reports to provide insight into vendor risk exposure and trends.
• Maintained knowledge of industry standards and regulatory requirements to ensure compliance with vendor management practices.
• Collaborated with internal teams such as Legal, Procurement, and Information Security to ensure appropriate risk management controls were in place.
• Conducted due diligence assessments for mergers and acquisitions to assess third-party risks and compliance.
• Reviewed and provided feedback on third-party vendor security questionnaires and security control attestations.
2020 : Present
Top Group Technologies
Information Security Analyst
• Monitored use of data files and regulated access to protect secure information.
• Monitored computer virus reports to determine when to update virus protection systems.
• Conducted security audits to identify vulnerabilities.
• Worked with other teams to enforce security of applications and systems.
• Administered and monitored firewalls, intrusion detection systems and anti-virus software to detect risks.
• Reviewed violations of computer security procedures and developed mitigation plans.
• Executed penetration testing to identify security weaknesses and develop disaster recovery plans.
• Analyzed network traffic and system logs to detect malicious activities.
• Researched and developed new computer forensic tools.
• Provided recommendations for remediation actions to mitigate risks associated with third-party vendors.
• Developed and implemented training programs for employees on vendor risk management practices and procedures.
• Managed and tracked the status of Plan of Action and Milestones (POA&M) items within CSAM.
2018 : 2019
KSE Consulting Group
Cyber Security / GRC Specialist
About
As an Information Security Analyst at Top Group Technologies, I conduct regular assessments of third-party vendors and their security controls to identify and mitigate potential risks. I work with vendors to ensure compliance with industry standards such as HIPAA, TPRM, or ISO 27001, using tools and frameworks such as NIST SP 800-53, 800-53A, 800-60, 800-30, 800-37, 800-171, FIPS 199, FIPS 200.
With the help of my CompTIA Network+ certification, I monitor and protect the organization's network and systems from cyber threats, using firewalls, intrusion detection systems, anti-virus software, and penetration testing. I also develop and implement third-party risk management metrics and reports to provide insight into vendor risk exposure and trends. I am passionate about cybersecurity and always eager to learn new skills and technologies.