ENONGENE GERVASE MBESSEH
FRIDLEY
Summary
Proven Cloud Administrator and Risk Analyst with a solid background in Azure administration and third-party risk management, notably at Thanos Consulting. Excelled in enhancing security protocols and streamlining vendor analysis, leveraging strong analytical skills and effective communication. Achieved significant improvements in IT risk compliance and project management efficiency.
Overview
7
7
years of professional experience
Work History
CLOUD ADMINISTRATOR,
Thanos Consulting,
01.2022 - Current
- Core Accountabilities
- Azure Administration:
- Installing, Configuring, and managing Virtual Machines with Windows platforms in Azure portal
- Installing and Configuring Virtual networks
- Implementing various virtual network interconnectivity
- Provided high availability for IAAS VMs and PAAS role instances for access from other services in the VNET with Azure Internal Load Balancer
- Create and Configure Storage Accounts
- Configure Azure file share
- Implement and manage Azure backup
- Create and configure Network security group
- Subscription Management:
- Provisioning different Subscriptions like Pay-as-you-Go, Enterprise Agreement Subscriptions etc
- Managing different Azure Policies for different subscriptions
- Making use of Management Groups to have proper governance in place
- Requesting different quotas for different services in azure subscription wise
- Managing RBAC policies for subscription
- Managing billing for an Azure subscription
- Virtual Machine Management:
- Troubleshoot of VM using Azure serial access console
- Creation of Azure VM with the help of Azure Portal or Power Shell
- Creation of Azure VM in an Availability Set or Availability Zone with Portal or Power Shell
- Migration of Azure VM within different V Nets, Resource groups or different regions
- Creation of Custom Image of an Azure VM using Managed Disks or Unmanaged Disks
- Azure Storage:
- Creating Azure Storage accounts like Standard/Premium, GPv1 or GPv2
- Understanding the Replication options in Storage account for data redundancy purpose
- Understanding the importance of using Standard Storage account and Premium Storage account
- Working with blobs, tables, queues, and file storage services
- Migrating disks from Standard storage account to Premium storage account and vice-versa
- Migrating disks from one storage account to another storage account of same region as well as different region
- Protecting Azure Storage accounts with the help of Service endpoint or firewall
- Managing external access to an Azure storage account with the help of Shared Access Signature
- Creating Azure File shares and working with the quotas of an Azure file share
- Managing different types of data in Azure Storage account with the help of Access tiers like Hot, Cool & Archive tiers Using Storage Management tools like Azure Storage Explorer or AZ copy to manage the data.
Internal, Risk and Vendor Analyst
Argo Consulting Firm
09.2019 - 04.2022
- Identification of third-party service relationships across the enterprise
- Presentation of risk metrics for the vendor and internal risk assessment process
- Review and interpret vendor due diligence materials, including audit reports and security control questionnaires
- Identification of potential business impacts from security-related issues
- On-going monitoring of issue remediation efforts
- Promote development of security and risk management culture throughout the organization via various communication channels
- Travel required up to 30% of the time
- Perform other duties as assigned by management
Senior Analyst
Shanghai Yucui
07.2017 - 08.2019
- Perform vendor documentation review and analysis
- Assess current business practices and identify opportunities to promote effective third-party risk management
- Document and report risk to Vendor Assessment, management team, business partners, and vendors
- Perform onsite assessments of vendor facilities
- Review completed SIG questionnaires based on vendor inherent risk
- Document risks and recommendations based on vendors lack controls
- Identify and measure risk associated with vendor security controls
- Provide recommendations to remediate control gaps and assist with project management on remediation efforts
- Lead security awareness training for new employees on vendor risk assessment
- Performs quality assessment(Q&A) of submitting inherent risk questionnaires and working with the various partners to ensure accuracy
- Analyze vendors SOC 2 reports to match answers to SIG questionnaires and follow up on management to ensure that all vulnerabilities are remediated to an acceptable level
- Present gap analyses and follow up to ensure that the gaps identified are remediated
- Making sure that all the vendors remediate their deficiencies
- Develop and maintain currency of supporting procedures and documentation to provide a reference source for ensuring consistency of future activities
Education
bachelor’s - law
University of Cameroon
law - political science
Shanghai university
Master’s degree - law
Certified Scrum MasterCertified Comp TIA security plus Microsoft Certified: Azure Administrator Associate (AZ-104) – Certification #: 992814597 Microsoft Certified: Azure Fundamental (AZ-900) – Certification #: 90083704 -
Skills
- CORE SKILLS
- Maintain strong knowledge of security-related regulations and standards (eg, HIPAA, PCI DSS, HITRUST, CCPA, GDPR, NIST CFS and NIST171)
- Great understanding of security control structures (eg, ISO 27001/27002
- Strong analytical and problem-solving skills
- Excellent communication (oral, written, presentation)
- Interpersonal and consultative skill
- Ability to manage multiple projects and meet deadlines with various contracts
- Ability to take initiative and make a sound decision
- Knowledge of building and maintaining spreadsheet and data applications
- IT risk and compliance mindset with the ability to identify and communicate risk, solution, and impact
- Knowledge of third-party vendor management, information security protocols and regulatory requirements
- Maintaining a high-quality work standard with a strong attention to details
- Highly flexible and adaptable to change
- TOOLS
- Communication tools (Skype for business, Microsoft teams, WebEx, Zoom, Slack)
- Proficient in Microsoft office suites (Microsoft word, excel, powerpoint, projects)
- Technical tools (Service now, Zen GRC, Process unity, TerraTrue, Bit Sight, Tanable io, Scout, Okta, Xacta, Workday, SharePoint)
Additional Information
- Dedicated and outside-the-box strategic thinker with 5-year expertise in third party vendor risk management, information security management, change management, business information security management, vulnerability management, conflict resolution, and time management. Experience in planning and conducting security and compliance risk assessment for all third-party vendors/suppliers. Also coordinate response to all third party risk for all clients by building a centralized response library/database which is use to assess and monitor third party lifecycle activities (risk assessment, due diligence, contract negotiation, consent obligation, ongoing monitoring and termination), provide guidance to vendor relationship owners, client audits team and partners, partner with internal parties in mitigating risk identified through monitoring activities, update policies and procedures and work instructions to align with client guidelines, help develop and maintain a client and vendor risk management playbook, monitor and assess vendor performance to ensure compliance with regulatory requirement and client service level agreements, work with stakeholders to document appropriate corrective action plan to reduce identified risk, collect supporting documentation for external audit request of SOC1 and SOC 2, NIST, ISO, HIPAA, PCI frameworks and requirements. Escalate security issues where appropriate. Collaborate with the vendor relationship owner, purchasing, and general counsel office during the evaluation of potential vendors and during contract renewal for existing vendors. Identify opportunities for process improvements to increase operational efficiency.
Timeline
CLOUD ADMINISTRATOR,
Thanos Consulting,
01.2022 - Current
Internal, Risk and Vendor Analyst
Argo Consulting Firm
09.2019 - 04.2022
Senior Analyst
Shanghai Yucui
07.2017 - 08.2019
law - political science
Shanghai university
Master’s degree - law
Certified Scrum MasterCertified Comp TIA security plus Microsoft Certified: Azure Administrator Associate (AZ-104) – Certification #: 992814597 Microsoft Certified: Azure Fundamental (AZ-900) – Certification #: 90083704 -
bachelor’s - law
University of Cameroon
Similar Profiles
Jacqueline WilliamsJacqueline Williams
Hostess/cashier at Thanos Family ResturantHostess/cashier at Thanos Family Resturant
Erik ThanosErik Thanos
Founder at Thanos Music StoreFounder at Thanos Music Store
Jayden AdamsJayden Adams
Faculty Member at CrossFit ThanosFaculty Member at CrossFit Thanos
Montrell PouncyMontrell Pouncy
Production Operator at RAO ManufacturingProduction Operator at RAO Manufacturing
Diamond HarrisDiamond Harris
Certified Nursing Assistant at GrapeTree Medical StaffingCertified Nursing Assistant at GrapeTree Medical Staffing