Princy John
Details
Computer Science
Wayne State University
MIS
Information Systems
Walsh College of Accountancy and Business Administration
Northwestern Mutual
Information Security Risk Management Lead
Led and designed an information security risk management program for a family of companies. Established the enterprise risk tolerance level, risk oversight, risk status, and trends to various working groups including stakeholders and executive leadership. Launched a risk liaison role with multiple departments across the enterprise, including legal, privacy, internal audit, and client relations. Founded and coordinated an information security working group and executive committees for oversight of internal and third-party risk management. Drove concerted risk reduction effort through risk treatment plans, oversight, and coordination with risk owners.
-- Achieved over 60% closure rate of identified internal legacy risks with a continued 20-30% annual closure rate.
-- Remediating newly identified internal risks at 30% annually.
2019 : 2022
Emergent Holdings
IT/Information Security Risk Management
Senior security analyst within IS GRC supporting Risk Management. Responsibilities include risk identification, assessment and treatment for both internal and third-party, special projects, IS compliance activities, and internal audit review assistance. Assisted in the rebuilding of the IS risk management program. Implemented a new GRC tool for capturing, assessing, and treating identified risks. Knowledge of SOX, PCI-DSS, NIST CSF, and HIPAA requirements.
2012 : 2019
Trinity Health (HQ Michigan)
Senior Security and Risk Analyst
- User account maintenance in Active Directory, Exchange, Lotus Notes, SAP BPC, and other enterprise systems
- Provide Identity Management system support
- Participate in SOX compliance activities with the Compliance Team
- Coordinated audit preparation and remediation for the team
- Assist in developing, updating, and maintaining global policies and procedures
- Managed multiple security-related projects throughout the year in addition to daily tasks
2008 : 2012
Federal Mogul
Information Security Analyst
- Security administrator for external customer portal access
- Ran SOX compliance audits for external customer portals
2005 : 2008
Gates Corporation
Associate Services Analyst
Skills
Active Directory, Information Security, Microsoft Exchange, Network Security, Security, Servers, SharePoint, Software Documentation, Technical Support, Troubleshooting, Visio, VPN
About
A results-driven leader in Information Security Governance and Risk Management. Managed risk in highly regulated industries. Over 10 years of experience building IS risk management programs, including internal and third-party. Strong team building and communication skills. Maintained industry-standard certifications. Enthusiastic to tackle new and challenging environments and implement process improvements in existing programs. My goal is to partner between information technology, business partners, and vendors to ensure business objectives are being met in a security-driven environment.