Profiles search

Lahoucine Boutam

💻 Cybersecurity Associate In GRC Space, NIST Framework, PCI DSS, and HIPAA Framework | 🔖 certified |🔐 Safeguarding organizations from cyber threats through Threat Intelligence, and Risk Management.
Winthrop, MA, United States
Details

Education: Bachelor's degree

Computer/Information Technology Administration and Management

Southern New Hampshire University

2023 : 2025

Healthcare It, system information

Information Technology

Bunker Hill CC

2020 : 2023

Certificate

Cyber-security GRC Compliance

My It University

2022

Associate's degree

Data processing / Information Systems

Euriatech Institute

2001 : 2003

Economics and science

Economics

Kaddy Ayad University - Marrakech

2000 : 2002

Experience: • Ensure strong oversight of all third-party risks and provide Business Partners

visibility of existing and emerging risks

• Continually reassess the operational risks associated with Third Party

Risk Management and inherent in the business, taking account of changing

economic or market conditions, legal and regulatory requirements, operating

procedures and practices and the impact of new technology

• Ensure that Third Party Risk Management activities and actions are in

accordance with all relevant policies and procedures as contained in the Group

Instruction Manual (GSM & FIMs) and Regional Third-Party Risk Management

Procedures

2022 : Present

Top Group Technologies

Information Security / Third-Party Risk Analyst

• Assisted in developing, defining, and maintaining HIPAA information security

policies, standards and procedures relating to Solar System (surgical tracking System),

• Provide education and guidance to clinicians as necessary to navigate Solar

Surgical Tracking system.

• Perform Security Risk Assessment as required by the HIPAA Security Rule and the Centers for Medicare and Medicaid Service (CMS) Electronic Health Record (EHR) Incentive Program.

• Performed vulnerability assessment, making sure risks are assessed and proper, actions taken to mitigate them.

• Conducted IT controls risk assessments including reviewing organizational policies, standards and procedures and providing advice on their adequacy, accuracy, and compliance with industry standards.

2015 : 2022

Saint Elizabeth Hospital, Inc.

Information System/ Compliance

Company: Top Group Technologies

Years of Experience: 8

Skills Access Control, Communication, Computer Networking, Computer Science, Coordinate Meetings, Cybersecurity, Data Analysis , Databases, EDR, French, GRC, Healthcare Compliance, Healthcare Information Technology (HIT), Hipa, Identity & Access Management (IAM), Identity and Access Management for Health Information Exchange, Information Security, Information Security Management, Information Systems, Information Technology, Internet Protocol Suite (TCP/IP), Intrusion Detection, ISO 27001, IT Security Assessments, Linux, Microsoft Excel, Microsoft Office, Networking, Network Security, NIST, NIST 800-53, Payment Card Industry Data Security Standard (PCI DSS), Python (Programming Language), Qualys, Report Writing, Security Information and Event Management (SIEM), Security Plus, ServiceNow, Splunk, Splunk Enterprise Security, SQL, Tenable Nessus, Vulnerability Assessment, Vulnerability Management, Wireshark
About As a cybersecurity analyst, I am passionate about keeping organizations safe from cyber threats. I have a strong technical background in vulnerability assessments, penetration testing, and risk management. My expertise also includes GRC (governance, risk management, and compliance), NIST framework, PCI DSS, and HIPAA framework.



Throughout my career, I have worked with organizations of all sizes, to develop and implement effective cybersecurity strategies. I am skilled in identifying and analyzing potential security risks and developing comprehensive solutions to mitigate them.



My goal is to leverage my experience and technical knowledge to help organizations strengthen their cybersecurity posture and protect against a constantly evolving threat landscape. If you are looking for a dedicated and knowledgeable cybersecurity analyst, I would love to connect and discuss how I can help your organization stay safe and secure.