Cassandra Brown

Experience

• 

  HealthSpring of Alabama

  Aug 2006 - May 2007

  Enrollment Specialist

  • Data entry of Medicare updates• Corrections of benefits and medical changes • Enrollment and disenrollment of members• Make changes from reports received• Create and mail necessary letters to members• Various office duties such as filing typing and faxing• Worked with Medicare to correct insurance issues by submitting retro’s for organizational customers

• 

  Regions Financial Corporation

  May 2007 - Jul 2011

  • Reviewed documentation for commercial loans 2.5 million dollars and above.• Determined if appropriate documentation was received for loan.• Ensured that the loan documentation was in compliance with Federal rules and regulations and that all signatures were provided and legitimate.• Work on Daily Reports to ensure that loan were current and not in default.• Assisted with special projects to develop more efficient reviewing processes. • Provided customer service to loan officers by correcting mortgage loan information in the system.• Answered calls and emails from loan officers to provide rate information and updates for mortgage loans.• Worked on daily reports and imputed rate information into the system daily in order for mortgage loan officers to know current rates for all loan types.

  • Commercial Loan Review Analyst

    Nov 2008 - Jul 2011

  • Secondary Marketing Representative

    May 2007 - Nov 2008
• 

  BBVA Compass

  Jul 2011 - Dec 2017

  Oversight of the Role Management and Certification team charged with the management and documentation of application/technical and business roles. Additionally, manage all of the access reviews/ certifications required for compliance purposes. Finally provide application on-boarding coordination within the IAG department. Lead the hiring team members FTE and contractors alike and ensure that the staff possess the proper level of competencies and skills to complete the assigned tasks. Responsible for monitoring operational tasks ensuring that requests and ticket are being completed within established SLA's.Leading and completing IAG projectsRecommend continuous improvements as it relates to the team's customer experience, workflow, and inefficiencies. Manage roles and reviews within the current attestation product. Show less Responsible for monitoring the operational tasks and ensuring that requests and tickets are being processed and completed within established SLA's.Leading and completing small projects.Recommending continuous improvements as it relates to the team's customer experience, workflow, and inefficiencies.Responsible for instilling innovation, collecting improvements recommendations from customers and team members alike, and building a strategy to meet reasonable suggestions.Lead the hiring team members FTE and contractors and also ensuring the staff possess the proper level of competencies and skills to complete the assigned tasks. Show less • Make decisions on Sarbanes Oxley (SOX) controls for security administration through testing methodologies and compliance with guidelines.• Create overviews for banking applications to provide to Auditors with an understanding of user access and permissions to applications.• Develop procedures for all banking applications for analyst to use as a guide to performing application recertifications. • Work with IT Compliance to train application owners/ administrators on documentation and application recertification processes for their perspective applications. • Consults with business units, technical units, and vendors on data security access considerations, policies, strategies, and standards; works closely with each to ensure appropriate data security access is implemented across all platforms.• Work closely with IT Risk, application owners, application administers and bank executives in training sessions provide information on the recertification process and compliance rules and regulations.• Use project management skills to develop a process and schedule for the annual recertification project.• Train incoming contractors and employees on the application recertification process.• Hold bi-weekly meetings with application recertification team and application project team to ensure that supports is being provide to analyst and team goals are accomplished.• Manage the application recertification area in Security Transformation and Recertification department by distributing of assignments, providing support and reviewing of completed tasks of the analyst.• Review user access to assigned banking application to determine is access is appropriate.• Remove user access from banking applications when access is determined to be inappropriate.• Advise members of the team on the appropriate recertification processes for applications and approve written procedures and overview documents. Show less • Make decisions on Sarbanes Oxley (SOX) controls for security administration through testing methodologies and compliance with guidelines.• Create overviews for banking applications to provide to Auditors with an understanding of user access and permissions to applications.• Develop procedures for all banking applications for analyst to use as a guide to performing application recertifications. • Work with IT Compliance to train application owners/ administrators on documentation and application recertification processes for their perspective applications. • Consults with business units, technical units, and vendors on data security access considerations, policies, strategies, and standards; works closely with each to ensure appropriate data security access is implemented across all platforms.• Perform research to make recommendations concerning appropriate or best practices for user security access policies and standards• Work closely with IT Risk, application owners, application administers and bank executives in training sessions provide information on the recertification process and compliance rules and regulations.• Use project management skills to develop a process and schedule for the annual recertification project.• Train incoming contractors and employees on the application recertification process.• Hold bi-weekly meetings with application recertification team and application project team to ensure that supports is being provide to analyst and team goals are accomplished.• Manage the application recertification area in Security Transformation and Recertification department by distributing of assignments, providing support and reviewing of completed tasks of the analyst.• Review user access to assigned banking application to determine is access is appropriate.• Remove user access from banking applications when access is determined to be inappropriate. Show less • Permit and remove bank system application for bank employees and contractors• Work on daily reports to ensure system accuracy• Train incoming contractors and employees in the Data Security and Transformation Security Department• Assist in bank conversion project with parent bank in Spain• Work with other departmental managers and executives on the bank disaster recovery team• Train incoming contractors and employees on the application recertification process.• Created documentation and procedures for bank managers in order to perform recertification’s• Worked closely with bank managers and executives on recertification & Alnova/ Core projects• Communicate through email, fax, phone and meetings about Data Security and Recertification procedures.• Created Vendor database through Access to track vendors working within the bank.• Designed Work log spreadsheet to track daily work distribution in Data Security.• Assist in bank conversion project with parent bank in Spain• Work with other departmental managers and executives on the bank disaster recovery team• Worked with CCR to provide certain employees and contractors with specific CCR Mainframe access to aid them in performing their job duties.• Performed quarterly SOX testing to ensure that processes had been performed correctly based on the request that was provided for the user samples that were being tested. Show less

  • Identity Access Manager, VP

    Oct 2017 - Dec 2017

  • Vice President, Role Management & Certification Manager

    Aug 2016 - Oct 2017

  • Operational Manager IV (Data Security)/VP Identity Access Management and Governance

    Apr 2016 - Aug 2016

  • Data Security Analyst Lead

    May 2015 - Apr 2016

  • Data Security Analyst III

    Sept 2012 - May 2015

  • Data Security Analyst II

    Jul 2011 - Sept 2012
• 

  Guidewire Software

  Jan 2018 - now

  Senior Security Risk & Compliance Analyst

  Responsibilities Include:• Assist with audit coordination and data/ documentation gathering for ISO 27001, PCI DSS, SOC1, and SOC2 audits.• Assist with coordination and data/ documentation gathering for customer audits.• Develop and perform proactive audits.• Work with all various departments and all levels of management to complete audits. • Respond to RFI/RFPs.• Respond to customer security questionnaires.• Write whitepapers and datasheets for the products.• Pre-sale presentations and interviews.• Maintain proficiency with applicable laws, regulations, and standards. Show less