Jessica Frazier
Details
Information Technology Security
St. Petersburg College
2010 : 2012
Bachelor of Science (BS)
Public Safety and Security
St. Petersburg College
2003 : 2006
Associates in Science
Internet Related Investigations
St. Petersburg College
Associates in Science
Crime Scene Investigations
St. Petersburg College
Centene Corporation
Information Technology Supervisor (Security)
2017 :
WellCare Health Plans
Information Security Analyst, Sr.
2016 : 2017
The Depository Trust & Clearing Corporation (DTCC)
Vendor Risk Management Analyst
• Maintain security compliance and regulatory needs;
• Managed and implemented formal procedures for SSAE16 compliance;
• Complete and maintain all client Due Diligence assessment needs;
• Maintain, Review, and update all Security Programs, Policies, and Standards to ensure compliance with current information security best practice, laws and regulations including but not limited to :
• Information Security Policy;
• Data Classification Policy and Program;
• Low and Critical Security Incident Management Program and Policy;
• Change Management Program;
• Data Encryption Policy;
• Patch Management Policy;
• Network Security Standards and Policy;
• Application Development Lifecycle;
• Systems Development Lifecycle;
• Assist in Managing IT Risk remediation efforts including :
• Risk identification and escalation;
• Risk Assessments;
• Business Impact Assessment;
• Manage third-party security assessment scheduling and remediation efforts including :
• Application Vulnerability Scanning;
• Client Site vulnerability Scanning;
• Conduct continuous assessments of applications, systems, and processes for information security risks;
• Participate as a member of the Change Management Program;
• Create formal secure programs and policies based on company informal processes which I audit;
• Work closely with the Director of Internal Audit and Systems Engineers to ensure continuous improvement in security endeavors;
Training and Oversight of Quality Assurance;
• Quality Assurance and Development liaison;
• Quality Assurance Post-Mortems and Process Updating;
• Create, Implement, and Manage the Quality Assurance Department;
• Quality Assurance Process Development utilizing the Agile methodology and OWASP testing standards;
• Test creation and execution;
• Create and Implement all Quality Assurance Documentation;
• Bug creation, management, and tracking;
2015 : 2016
AmeriLife Group LLC
Information Quality and Security Lead
• Maintain security compliance and regulatory needs;
• Maintain daily security checks for international system changes, approvals, and logging
• Participate in international project meetings to ensure SSAE16, SOCI, SOCII, SOCIII and SAE3402 compliance at the foundation level;
• Manage and maintain all nine international client SSAE16 and SEO3402 certifications;
• Validate all required internal controls are remediated for each client’s certification;
• Meet with and provide external audit evidence for internal compliance;
2014 : 2015
Tech Data
IT Governance
Skills
Access Control Management, Administrative Law, Agile Methodologies, Analytic Problem Solving, Asset Managment, Bug Tracking, Business Continuity Planning, CIA, Computer Forensics, Conflict Management, Data Analysis, Data Classification, Defense In Depth, Disaster Recovery, Document Review, Due Diligence, GLBA, Incident Investigation, Incident Response Planning, Information Security Awareness, Information Security Management, Internal Audit, Internet Investigations, Linux, Microsoft Excel, Microsoft Office, Network Security, Online Privacy, PCI Standards, Physical Security, Policy Analysis, Policy Writing, Project Management, Quality Assurance, Quality Assurance Review, Quality Management, Quantitative Risk Analysis, Regulatory Compliance, Risk Assessment, Risk Management Plans, Sarbanes-Oxley Act, Security Incident Response, Security Policy Development, Software Testing Life Cycle, Technical Documentation, Technical Writing, Trademark Law, Trademarks, Vulnerability Assessment, Vulnerability Research, Business Continuity, Information Security, Access Control, Security Policy, Software Testing Life, Quantitative Risk, Incident Response, Security Incident
Profile Photo
