Derek Gray-Cissp

FAQ About Derek Gray-Cissp

• What is Derek Gray-Cissp's address?

  Derek Gray-Cissp is located at
  Salt Lake City, Salt Lake City, United States

• What is Derek Gray-Cissp's job title?

  Derek Gray-Cissp is a
  As an experienced Compliance and Risk Management professional, I am skilled in identifying potential threats to processes and assets, testing controls, and developing practical solutions to mitigate risks. With a thorough understanding of common security frameworks and principles, such as NIST 800-53, ISO 27001, SOC 2, as well as risk analysis methodologies including OCTAVE, FAIR, and NIST 800-30, I have a passion for staying current with industry best practices and security trends. My expertise in managing tasks to meet deadlines, excellent verbal and written skills, and attention to detail enable me to work effectively across different teams and provide detailed updates to stakeholders. In my current role, I have successfully implemented and enhanced compliance programs and routines, resulting in efficient processes and reduced effort in adapting and maturing standards. My ability to identify areas for improvements in security controls while leading the design and implementation of related improvements has earned recognition from colleagues and management. I am proficient in identifying threats to existing processes and assets, performing risk assessments, and developing solutions to mitigate associated risks. With a solid understanding of security frameworks such as NIST 800-53, ISO 27001, SOC 2, and risk analysis methodologies like OCTAVE and NIST 800-30, I work effectively across several internal teams to identify potential threats to critical business assets while identifying opportunities for efficiencies and improvements in security controls. My experience with third-party risk management enables me to evaluate potential third-party vendors' risk profiles and control implementation, manage a questionnaire-based process to log and record assessments and create remediation plans for identified risks. With experience in SOX/ITGC, various audits, and policy documentation, I have made a significant impact across the organizations I have worked for. I am a Certified Sarbanes-Oxley Expert and have led highly visible projects and completed them on time. In addition, I take stewardship of security policies, standards, and processes to ensure they remain in alignment with company objectives, changes to the environment, and regulatory requirements. Lucid Software

• What industry does Derek Gray-Cissp currently work in?

  Derek Gray-Cissp currently works in the
  Lucid Software

• What is Derek Gray-Cissp's area of expertise?

  Derek Gray-Cissp specializes in
  As an experienced Compliance and Risk Management professional, I am skilled in identifying potential threats to processes and assets, testing controls, and developing practical solutions to mitigate risks. With a thorough understanding of common security frameworks and principles, such as NIST 800-53, ISO 27001, SOC 2, as well as risk analysis methodologies including OCTAVE, FAIR, and NIST 800-30, I have a passion for staying current with industry best practices and security trends. My expertise in managing tasks to meet deadlines, excellent verbal and written skills, and attention to detail enable me to work effectively across different teams and provide detailed updates to stakeholders. In my current role, I have successfully implemented and enhanced compliance programs and routines, resulting in efficient processes and reduced effort in adapting and maturing standards. My ability to identify areas for improvements in security controls while leading the design and implementation of related improvements has earned recognition from colleagues and management. I am proficient in identifying threats to existing processes and assets, performing risk assessments, and developing solutions to mitigate associated risks. With a solid understanding of security frameworks such as NIST 800-53, ISO 27001, SOC 2, and risk analysis methodologies like OCTAVE and NIST 800-30, I work effectively across several internal teams to identify potential threats to critical business assets while identifying opportunities for efficiencies and improvements in security controls. My experience with third-party risk management enables me to evaluate potential third-party vendors' risk profiles and control implementation, manage a questionnaire-based process to log and record assessments and create remediation plans for identified risks. With experience in SOX/ITGC, various audits, and policy documentation, I have made a significant impact across the organizations I have worked for. I am a Certified Sarbanes-Oxley Expert and have led highly visible projects and completed them on time. In addition, I take stewardship of security policies, standards, and processes to ensure they remain in alignment with company objectives, changes to the environment, and regulatory requirements.

• Which languages does Derek Gray-Cissp speak? 

  Derek Gray-Cissp speaks the following languages:
  No languages available.

• Which industries has Derek Gray-Cissp previously worked in?   

  Derek Gray-Cissp has prior experience in the following industries:
  Lucid , Lucid , Lumen Technologies , Centurylink , Centurylink , Conduit Sf Com , Conduit Sf Com , Centurylink , Centurylink , Sylvan Connection

• What is Derek Gray-Cissp’s work experience?  

  Derek Gray-Cissp has the following professional experience:
  Lucid Software , Lucid , Lucid , Lumen Technologies , Rocky Mountain Rpg Guild , Centurylink , Centurylink , Conduit Sf Com , Conduit Sf Com , Centurylink , Centurylink , Sylvan Connection .

• How can I find Derek Gray-Cissp on LinkedIn?  

  You can view Derek Gray-Cissp’s
  LinkedIn profile at LinkedIn URL.

• What are Derek Gray-Cissp’s work email addresses?  

  Derek Gray-Cissp’s work email addresses are
  [email protected].

• What company does Derek Gray-Cissp work for?  

  Derek Gray-Cissp works at
  Lucid Software