Profiles search
Mauricio Bobadilla
Information Security Analyst
Dallas, TX, United States
Details
Experience:
Working within Citi's established Third Party Information Security Assessment (TPISA) process and framework. Responding and covering all types of IS risks.
-Obtain and review supplier responses and supporting documentation to validate supplier appropriate implementation of Information Security controls. Analyzing the information to identify Information Security weaknesses or non-compliance with Citi standards.
-Perform threat analyses of gaps identified and communicate supplier Information Security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks.
-Actively review and support the execution of the IS program and other plans developed by the Business relating to Operations and Technology risks, and control management.
-Provide guidance related to access, usage, storage, and sharing of all data including existing and emerging data.
-Identifying key risks to applications and understanding business risk tolerance in order to identify solutions and provide guidance.
-Interact with businesses IS teams on current issues and overall status of the Information Security program.
-Report IS issues/risks to the Business as applicable with appropriate documentation and support the response to security events.
-Work with the Business to develop processes and procedures to ensure Information Security policies and standards are integrated, and are according to Security Policy and Practices established by Citigroup.
-Review Vendor Security Questionnaires and/or Vendor Onsite Security Reviews. Guide the business in development of action plans while reporting and tracking to closure of all Information Security issues resulting from Security Assessments, Audit, Risk Assessment, Ethical Hacks, Vendor Reviews, etc.
-Support documentation and maintenance of TPISA procedures, newsletters and Quick Reference Guides to promote awareness of current policies and standards, as well as revisions and developments.
2017 : Present
Citi
Information Security Analyst
• Work with enterprise customers/partners to ensure security in their environment.
• Help with the creation of rules for data loss protection to avoid leakage of confidential information.
• Eliminate Malware using McAfee products and Microsofts’ Autoruns from Sysinternals to scrub the machines, and create VSE access protection polices to implement containment during virus outbreak.
• Help with ePO management for installing/uninstalling, upgrading ePO versions, and its products.
Creating tasks & polices, and troubleshooting issues by finding errors within the product logs(MER).
• Troubleshoot, isolate, and reproduce issues with software on high severity cases so that they can be escalated to the development team to create a fix.
• Use basic knowledge of security and information gathering tools like nslookup, traceroute, hping, wireshark, tcpdump, and netstat.
• Conduct fault isolation in regards to diagnosing and remediating network connectivity issues with the product.
• Supporting the roll-out of new applications and how to do a proper migration to the new release.
2015 : 2017
Intel Security
Information Security Analyst
• Administering and troubleshooting windows client/server operating systems
• Worked with company related software and provided how-to assistance.
• Worked with remote users troubleshooting VPN issues and assuring they followed company data security policies.
• Helped customers protect against spamming emails and ransomware cases such as cryptolocker.
• Used Microsoft Exchange Management Console to disable/delete needed accounts. Also set rules to forward emails of employees no longer working in the company to their manager.
• Assisted with active directory, email recovery, and creating PSTs in outlook.
• Troubleshoot a wide range of products from mobile handheld devices, portable printers, Scanners, thin clients, and access points.
2014 : 2015
Fujitsu
Helpdesk Analyst
-Obtain and review supplier responses and supporting documentation to validate supplier appropriate implementation of Information Security controls. Analyzing the information to identify Information Security weaknesses or non-compliance with Citi standards.
-Perform threat analyses of gaps identified and communicate supplier Information Security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks.
-Actively review and support the execution of the IS program and other plans developed by the Business relating to Operations and Technology risks, and control management.
-Provide guidance related to access, usage, storage, and sharing of all data including existing and emerging data.
-Identifying key risks to applications and understanding business risk tolerance in order to identify solutions and provide guidance.
-Interact with businesses IS teams on current issues and overall status of the Information Security program.
-Report IS issues/risks to the Business as applicable with appropriate documentation and support the response to security events.
-Work with the Business to develop processes and procedures to ensure Information Security policies and standards are integrated, and are according to Security Policy and Practices established by Citigroup.
-Review Vendor Security Questionnaires and/or Vendor Onsite Security Reviews. Guide the business in development of action plans while reporting and tracking to closure of all Information Security issues resulting from Security Assessments, Audit, Risk Assessment, Ethical Hacks, Vendor Reviews, etc.
-Support documentation and maintenance of TPISA procedures, newsletters and Quick Reference Guides to promote awareness of current policies and standards, as well as revisions and developments.
2017 : Present
Citi
Information Security Analyst
• Work with enterprise customers/partners to ensure security in their environment.
• Help with the creation of rules for data loss protection to avoid leakage of confidential information.
• Eliminate Malware using McAfee products and Microsofts’ Autoruns from Sysinternals to scrub the machines, and create VSE access protection polices to implement containment during virus outbreak.
• Help with ePO management for installing/uninstalling, upgrading ePO versions, and its products.
Creating tasks & polices, and troubleshooting issues by finding errors within the product logs(MER).
• Troubleshoot, isolate, and reproduce issues with software on high severity cases so that they can be escalated to the development team to create a fix.
• Use basic knowledge of security and information gathering tools like nslookup, traceroute, hping, wireshark, tcpdump, and netstat.
• Conduct fault isolation in regards to diagnosing and remediating network connectivity issues with the product.
• Supporting the roll-out of new applications and how to do a proper migration to the new release.
2015 : 2017
Intel Security
Information Security Analyst
• Administering and troubleshooting windows client/server operating systems
• Worked with company related software and provided how-to assistance.
• Worked with remote users troubleshooting VPN issues and assuring they followed company data security policies.
• Helped customers protect against spamming emails and ransomware cases such as cryptolocker.
• Used Microsoft Exchange Management Console to disable/delete needed accounts. Also set rules to forward emails of employees no longer working in the company to their manager.
• Assisted with active directory, email recovery, and creating PSTs in outlook.
• Troubleshoot a wide range of products from mobile handheld devices, portable printers, Scanners, thin clients, and access points.
2014 : 2015
Fujitsu
Helpdesk Analyst
Company:
Citi
Spoken Language:
English, Spanish
About
Skilled Information Security Analyst with expertise in risk management, data loss protection, and a wide range of vulnerabilities and threats. Well-versed in direct and remote analysis with strong critical thinking, communication, and people skills.
Profile Photo
