Nancy Telfer CISSP, PCI-ISA, CRISC, PMP

Senior IT Cyber Security Governance, Risk and Compliance Professional

Webster, NY, United States

Details

Education: Bachelors of Science in Information Technology - Highest honors

Concentration in Networking and Systems Administration

Rochester Institute of Technology

1996 : 2002

Mini MBA

Busines

Rutgers University

2008 :

Mini MBA

Rutgers Graduate School of Education

Experience: 2023 : Present

Nexo Group, LLC

Senior CyberSecurity Consultant

2021 : 2023

Frontier Communications

Director of Governance Risk and Compliance

2019 : 2022

Frontier Communications

Director of IT Security - Technology Risk

2017 : 2019

Windstream

Senior IT Audit and Compliance Manager

2015 : 2017

EarthLink

Principal IT Internal Auditor

Company: Nexo Group, LLC

Years of Experience: 28

Skills Business Continuity, Business Process Improvement, Change Management, CISSP, Computer Security, Cross-functional Team Leadership, Data Center, Disaster Recovery, Firewalls, Governance, Information Security, Information Technology, INFOSEC Professional, NSTISSI NO. 4011, Leadership, Linux, Management, Network Architecture, Networking, Network Security, NIST Risk Management Validator, Penetration Testing, PMP, Process Improvement, Product Development, Project Management, Project Planning, Requirements Analysis, Risk Management, SAP, SDLC, Security, Senior IA Systems Manager, CNSSI NO. 4012, Servers, Software Development, Software Development Life Cycle (SDLC), Software Documentation, Solaris, Troubleshooting, Windows Server, Cross-functional Team, NIST Risk Management, INFOSEC Professional, Senior IA Systems

About IT professional with over 12 years of experience with a fortune 500 company in the Information technology field focusing on securely supporting information systems and networks, IT audit, risk and compliance, IT project management and people management with a desire to continue to grow in the IT security, Risk management and Compliance field.

Professional Profile Summary:

IT Audit: develop risk based test plans and auditing for SOX, PCI, Operational audits, and Financial audits.

Risk Management: evaluate, implement and oversee information security processes and IT infrastructure.

IT Governance & Compliance: develop and ensure information security, privacy policies and standards.

Training and Awareness: perform compliance training and audit security awareness programs.

Data Analytics: perform data driven analysis for root cause determination and continuous improvement.

Vendor Management: perform audits, assessments, and management of third party vendors.

Business Impact Analysis: effectively evaluate the potential effects of an interruption to business operations as it relates to business continuity planning and disaster recovery.

Vulnerability Management: effective use of tools to identify, determine risk and ensure remediation of IT vulnerabilities in applications, networks, and systems.

Project Management: focus on resource, budget, risk and time management of projects and audits.

Customer Focus: effective design and implementation of efficient, secure and maintainable solutions to meet customer needs.

Communication Skills: effective written and verbal skills to all levels of management.

Supervisory Skills: experience leading, motivating and mentoring highly technical cross functional teams.

Key Training:

• NSTUSSI No. 4011 - FISMA / NIST Information Systems Security Professional

• CNSSI No. 4012 - FISMA / NIST Senior IA Systems Manager

• Kodak Operating System Practitioner - Lean Six Sigma Kaizen techniques