
Tochi E

Laurel

Summary

Experienced cybersecurity professional with a proven track record in safeguarding information systems and preventing data breaches. Recognized for a collaborative approach and unwavering dedication to achieving tangible results. Possess essential skills in network security, incident response, and risk management. Highly regarded for reliability and ability to adapt to evolving threats.

Overview

9 years of professional experience

Work History

Cyber Security Specialist

FireShot USA
06.2021 - Current
  • Strategically integrated the NIST Cybersecurity Framework (CSF) by conducting in-depth assessments, aligning organizational practices with CSF guidelines, and implementing tailored controls, thereby fortifying the company's cybersecurity posture, and ensuring alignment with industry best practices alongside ISO27001
  • Spearheaded the alignment of existing security measures with ISO27001 standards by conducting a comprehensive review, collaborating cross-functionally to address identified gaps, and implementing policies and procedures to fortify the company's information security management system
  • Orchestrated successful ISO27001 certification audits through meticulous risk assessments, employee education initiatives, regular internal audits, and proactive stakeholder engagement, fostering a culture of continual improvement and ingraining compliance within the organizational fabric for sustained resilience against evolving cyber threats
  • Championed a culture of security awareness by delivering impactful Cyber Security training to staff, fostering adherence to best practices across the organization.
  • Maintained up-to-date knowledge of emerging threats, providing proactive solutions for potential vulnerabilities.
  • Contributed to the development of company-wide policies on information security, privacy, and acceptable use of technology resources.
  • Collaborated with IT teams to ensure secure implementation of new software applications and systems.
  • Reduced cyber risks by conducting regular vulnerability assessments and penetration tests.
  • Managed patch management procedures effectively, ensuring timely updates to mitigate vulnerabilities in the organization's systems.
  • Enhanced network security by implementing advanced threat detection and prevention tools.
  • Advised executive leadership on current threat landscapes, providing strategic guidance on improving overall cybersecurity posture.

Cyber Security GRC Consultant

Purple fox-Technologies
04.2017 - 06.2021
  • Supported the design and implementation of a comprehensive Governance, Risk, and Compliance (GRC) framework for the organization.
  • Developed and implemented policies, procedures, and protocols that align with industry standards and regulations.
  • Championed compliance and security integrity by conducting risk assessments and security architecture reviews to ensure alignment with NIST CSF, PCIDSS, HIPAA, and other regional regulations governing data protection and financial transactions.
  • Instituted robust monitoring systems, vendor compliance checks, and stringent security protocols, creating an ecosystem that not only met regulatory demands but also bolstered customer trust by safeguarding sensitive financial information and transactions.
  • Supported security policy alignment and harmonization post-merger with Credit Suisse, ensuring seamless integration and enhanced cyber resilience.
  • Utilized expertise in cybersecurity governance, risk, and compliance to ensure effective management of cyber threats and adherence to industry best practices.
  • Successfully executed business continuity plans during crisis scenarios, thereby safeguarding ongoing operations from disruption.
  • Conducted thorough audits and identified areas for improvement, leading to enhanced internal controls and risk management practices.
  • Conducted gap analysis exercises for clients, identifying areas requiring attention to achieve complete adherence to requisite standards.
  • Facilitated cross-functional collaboration for the development and implementation of comprehensive GRC programs.
  • Developed tailored GRC solutions for client organizations, resulting in increased security and reduced exposure to risks.
  • Championed a culture of continuous learning through regular training sessions, workshops, and knowledge-sharing initiatives aimed at enhancing staff competencies within the GRC domain.

Junior Cyber–Security Analyst

ERNEST CONSULTING
09.2015 - 08.2017
  • Performed Information Assurance functions, including preparation of System Security Plans (SSPs), security briefings, security audits and inventory
  • Provided information assurance support for the development and implementation of security architectures to meet new and evolving security requirements
  • Performed vulnerability assessment and risk analysis for various applications, and implemented security controls to mitigate the high risks
  • Maintained security posture/awareness by applying information assurance policies, compliance, and security best practices to deter and mitigate vulnerabilities and cyber-threats
  • Generated security documentation, including security assessment reports; system security plans; contingency plans; and disaster recovery plans
  • Reviewed, documented, analysed, and evaluated the business system of Authorization and Accreditation (A&A) and Plans of Action and Milestones (POA&Ms) in accordance with FedRAMP
  • Provided security support and evaluation to development teams to integrate information assurance/security throughout the System Life Cycle Development of major and minor application releases
  • Provided security engineering support and consulting services to the Designated Approval Authority (DAA) regarding current and future security infrastructure implementations and changes
  • Provided input and tracking matrices for IAVA management and other Information Assurance and Vulnerability reports.
  • Collaborated with IT teams to integrate security measures into the development and deployment of new applications.
  • Analyzed security incidents post-resolution, identifying areas for improvement in both technical controls and incident response processes.
  • Performed regular reviews of user access rights, minimizing the risk posed by insider threats or compromised accounts.
  • Streamlined communication during incidents by establishing clear protocols for reporting potential threats or breaches in a timely manner.
  • Assisted in the design and implementation of secure cloud environments, ensuring proper controls were in place to protect sensitive data from unauthorized access.
  • Optimized security monitoring processes by implementing automated tools for real-time threat detection and analysis.
  • Improved incident response times by developing and maintaining cybersecurity playbooks for common attack scenarios.

Skills

  • Network protocols
  • Application security
  • Patch management
  • Secure development lifecycle
  • Cybersecurity frameworks
  • Cloud security
  • Compliance auditing
  • Business continuity planning
  • Problem-solving abilities
  • Security risk assessment
  • Multitasking
  • Reliability
  • Multitasking Abilities
  • Team building
  • Professionalism
  • Time management abilities
  • Security assurance

Timeline

Cyber Security Specialist

FireShot USA
06.2021 - Current

Cyber Security GRC Consultant

Purple fox-Technologies
04.2017 - 06.2021

Junior Cyber–Security Analyst

ERNEST CONSULTING
09.2015 - 08.2017