As an Risk Management Analyst have the following responsibilities and functions: Mastery of BMS security risk assessment tools and question sets.
Conducts risk assessments on BMS high security risk applications. Understanding of application architectures (including web, client server, mobile & controls around cloud deployments). Responsibilities included vulnerability testing using web scanning tools like Webinspect and/or Appscan. Documents all residual risk; provides security risk advice; gets business approval for remaining residual risk. Prepared operational metrics, trend analysis, risk assessments reports for senior management. Developed understanding of the implementation and adherence to COBIT, HIPPA, PCI, Sarbanes–Oxley Requirements, Action Plans, Substantiations, and Compliance. Provided training and awareness; keeps OneBMS portal materials updated; perform training sessions as needed.
Executed dynamic risk-based assessment plans that identifies value-added recommendations to enhance Company processes and controls. Worked with a highly skilled team environment to secure U.S.-based operations, international company subsidiaries, strategic initiatives, critical business processes and key third-party outsourcing arrangements. Conducted pre-audit interviews included reviewing testing business processes and monitoring compliance with company policies, procedures, regulations (e.g., U.S. Foreign Corrupt Practices Act, interactions with healthcare professionals) and master services agreements. Strategic assessments include the Company’s social media programs, data privacy and sustainability reporting. Throughout the assessment, the Risk Manager responsible for interacting with senior management.