Nancy Telfer CISSP, PCI-ISA, CRISC, PMP
Education:
Bachelors of Science in Information Technology - Highest honors
Concentration in Networking and Systems Administration
Rochester Institute of Technology
1996 : 2002
Mini MBA
Busines
Rutgers University
2008 :
Mini MBA
Rutgers Graduate School of Education
Experience:
2023 : Present
Nexo Group, LLC
Senior CyberSecurity Consultant
2021 : 2023
Frontier Communications
Director of Governance Risk and Compliance
2019 : 2022
Frontier Communications
Director of IT Security - Technology Risk
2017 : 2019
Windstream
Senior IT Audit and Compliance Manager
2015 : 2017
EarthLink
Principal IT Internal Auditor
Company: Nexo Group, LLC
Years of Experience: 28
Professional Profile Summary:
IT Audit: develop risk based test plans and auditing for SOX, PCI, Operational audits, and Financial audits.
Risk Management: evaluate, implement and oversee information security processes and IT infrastructure.
IT Governance & Compliance: develop and ensure information security, privacy policies and standards.
Training and Awareness: perform compliance training and audit security awareness programs.
Data Analytics: perform data driven analysis for root cause determination and continuous improvement.
Vendor Management: perform audits, assessments, and management of third party vendors.
Business Impact Analysis: effectively evaluate the potential effects of an interruption to business operations as it relates to business continuity planning and disaster recovery.
Vulnerability Management: effective use of tools to identify, determine risk and ensure remediation of IT vulnerabilities in applications, networks, and systems.
Project Management: focus on resource, budget, risk and time management of projects and audits.
Customer Focus: effective design and implementation of efficient, secure and maintainable solutions to meet customer needs.
Communication Skills: effective written and verbal skills to all levels of management.
Supervisory Skills: experience leading, motivating and mentoring highly technical cross functional teams.
Key Training:
• NSTUSSI No. 4011 - FISMA / NIST Information Systems Security Professional
• CNSSI No. 4012 - FISMA / NIST Senior IA Systems Manager
• Kodak Operating System Practitioner - Lean Six Sigma Kaizen techniques