Keep in touch with meI'm using Intch to connect with new people. Use this link to open chat with me via Intch app
Work Background
Staff Information Security Analyst
DatadogStaff Information Security Analyst
Mar. 2022Lisbon, Portugal• Develop and manage a Customer Trust Program that identifies and reduces financial, reputational and security risk to Datadog as a SaaS provider. • Work on cross-functional teams to create customer facing documentation that will continue to foster Customer Trust and build the Datadog brand. • Participate in the development and scoring of quarterly objectives and key results (OKRs) across the Datadog to introduce process improvements and efficiencies and reportable metrics to scale. • Develop and maintain a Compliance Production Readiness Checklist that is implemented into the SDLC process across Datadog, allowing Engineers to build compliant products and features from idea to deployment. • Perform security architectural reviews of serverless architecture, data pipelines, and containers to align with the existing Datadog security framework and identify security risks. • Conduct research and provide recommendations for improving cloud security and governance. • Support GRC external audits for certification and accreditations. • Providing mentorship and leadership to junior staff and helping them develop into better Security practitioners.
Senior Security Analyst
DatadogSenior Security Analyst
Oct. 2020 - Mar. 2022• Developed a formalized Customer Audit program that allows Datadog customers to perform audits of the internal Datadog Security. • Participate in Datadog vendor assessment process to evaluate third-party risks. • Respond to Customer third-party questionnaires and serve as the point of contact for Customer Audits. • Participate in contract review and negotiations for new customers to ensure security language is in place to ensure data protection and confidentiality. • Participate in privacy assessments, as necessary. Train and mentor junior staff on how to complete a security questionnaire.
Cyber Security Analyst
cyDaptiv Solutions, IncCyber Security Analyst
Nov. 2019 - Aug. 2020Bethesda, Maryland, United States• Implemented the DoD Assess and Authorize (A&A) process IAW DoDI 8510.01 Risk Management Framework (RMF) for DoD Information Technology (IT) • Implemented and oversee the implementation of the RMF process. • Generated Executive reports through eMASS and make available to appointed stakeholders. • Developed and maintain security processes and controls that ensure security posture meets and/or exceeds FISMA and other Federal security standards as required • Created documentation in support of the A&A efforts to include Security Control Assessment Report, System Security Plan and Security Standard Operating Procedures • Fostered an innovative and inclusive team-oriented work environment
Information Security Officer
UndisclosedInformation Security Officer
Mar. 2018 - Sep. 2019Greater Atlanta Area• Established, implemented and maintained an information security governance program while aligning the Kudelski Group corporate security functions, successfully obtaining the ISO 27001 certification and passing the subsequent surveillance audit. • Designed, developed and tested, document and deliver the security governance program for the Company products portfolio. • Established, implemented and maintained an Information Security Governance Program. • Championed new security concepts and proactively review methods of application to proprietary products and services. • Provided continuous security improvements. • Ensured Kudelski systems’ compliance with ISO/IEC 27001:2013 • Assisted Product Managers and Owners translate security features into technical user stories and tasks. • Business Continuity Planning • Business Impact Analysis • Disaster Recovery Planning • Access Control Policy • Supplier Relations Management Policy • Risk Assessments • Gap Analysis • ISMS implementation • Governance Risk and Compliance • Information Security Strategy
Information Assurance Analyst
TEKsystemsInformation Assurance Analyst
Jun. 2017 - Mar. 2018Chamblee, GA•Provide System Authorization and Accreditation (SA&A) support for The CDC throughout the system development life cycle in accordance with NIST, FISMA, FIPS, OMB and other federal standards •Develop and execute security controls assessments • Perform system vulnerability scanning and assess using IBM AppScan •Develop, maintain and update risk assessments and Plan of Action and Milestones (POAM) for non-compliance •Assist the client with the design and implementation of infrastructure security solutions •Client facing consulting •Privacy Impact Assessment •Control reviews and assessments •Interim Team Lead supporting client contract and overall SA&A activities.
Information Security Officer
SunTrustInformation Security Officer
Nov. 2015 - May. 2017Greater Atlanta Area• Policy implementation, enforcement and validating of information security policies standards. • Monitored compliance across the enterprise as part of the Third-Party Risk Management program. • Performed risk assessments on information system to including databases, applications and Interactive Voice Response systems. • Assessed data transmissions to protect systems and processes from intentional or inadvertent access or destruction. • Investigated, documented, and resolved information security incidents in conjunction with Incident Management team. • Issue creation and tracking • Risk mitigation • Business Risk Impact Analysis • Liaise with key stakeholders on all levels. • Present reports and information to Senior Level Managers. • General Knowledge of Project Management • Extensive Archer GRC Experience • Online Fraud Assessments
Information Security Consultant
First Information Technology Services, IncInformation Security Consultant
Feb. 2015 - Oct. 2015Seattle• Conducted assessments of existing IT architecture for compliance with security requirements from applicable security frameworks (such as FISMA, ISO 27001, etc.). • Information system authorization/accreditation packages for Microsoft Azure • Developed IT security policies, standards, and guidance. • Reported vulnerability scans from scanning tools such as Qualys and Nessus. • Created plan of action and milestones (POAMs) on behalf of the client. • Performed Audit readiness tasks • Experience working for a 3PAO. • Client facing consulting in Cloud Computing
Technology Information Security Officer
CitiTechnology Information Security Officer
May. 2014 - Feb. 2015Tampa/St. Petersburg, Florida Area• Information Security policies, standards and regulations and compliance (Sarbanes Oxley, OCC, FFIEC, Operational Risk, Cross-border Data Privacy, GLBA, etc.). • Conducted Application Security Assessments on an annual basis. • Liaise with Business Information Security Officers and application development and Senior Level Management • Assisted in identifying and reducing IS risk to acceptable levels. • Monitored risk mitigation process and risk oversight. • Monitored the execution of vulnerability scanning, mitigation or remediation within policy mandated guidelines across the entire department. • Provided Security Risk expertise to application development teams • Investigated persistent access controls for appropriateness • Application On-boarding • Issue creation, tracking and management • Experience using Archer GRC
GFTS Control Officer
CitiGFTS Control Officer
Apr. 2013 - May. 2014Tampa, Fl• Participated in the execution of all control related activities • Risk identification/management • Management awareness via weekly reporting • Corrective action tracking of outstanding control issues • Audit preparedness • Worked directly with the Application/Project/Program Managers and Senior Management and staff to • Ensured implementation of the Compliance programs and relevant controls within the supported portfolios. • Projected managed the risk remediation efforts within development and operational teams • Worked with the vulnerability management program as applicable to the team • Data Privacy • Persistent Access Controls • Archer GRC
Contractor Risk Analyst
RMS Computer CorporationContractor Risk Analyst
Jul. 2012 - Apr. 2013Tampa/St. Petersburg, Florida Area• Monitored risks and implemented controls to effectively mitigate persistent access to applications with sensitive data. • Reported findings of the Persistent User Management Access project • Managed Access Program for all developers and operations personnel. • Control Implementation • SharePoint • Vulnerability management program • Report writing • Archer GRC
Transfer Associate II
Raymond James Financial Inc.Transfer Associate II
Jan. 2012 - Jun. 2012St. Pete• Reviewed and approved client requests to transfer accounts • Screened incoming client requests and verifies all necessary legal documentation • Identifying procedures and policies that are outdated and required updating and review.

Requests

Touchpoint image
0
Looking for a Job
Seeking Information Security Manager Role
Show more
Intch is a Professional Networking App for the Future of Work
300k+ people
130+ countries
AI matching
Get Intch if you'd like to
📝
Get Recommended to New Customers
👋
Connect with Like-Minded People
💸
Raise Capital
🚀
Find a side project
😎
Reach Top Niche Experts
Find Jobs on a Hidden Market
💼
Find a Perfect Co-Founder
🙌
Find a Trusted Mentor
🤝
Hire Top Global Professionals
See more people like Ismaelle on Intch
IT
453430 people
18
Technologist, Project/Program Manager
24
Data Scientist Intern @ Newell Brands
16
Program Manager @ DISH Network
ITSecurity Analyst
25362 people
17
Major Crimes Det/CFCSI (Ret.) Business Owner, MBA @ CID / U of A / Rahbuilds.com
16
Programmer @ Castro Studios
23
Director