Chai Yang, CISSP, MS

Chai Yang, CISSP, MS has over 9 years of professional experience in the Information Technology and Security field. In 2022, Chai Yang began working as a Compliance and Security Analyst for Atomic Data, where they implemented and maintained vulnerability management programs for clients utilizing Tenable. IO/Nessus Professional and security awareness programs for clients using Knowbe4, Lucy, or O365 Attack Simulator. Chai Yang also managed a portfolio of 15+ clients and performed 2nd/3rd tier incident response handling duties.

In 2021, Chai Yang began working as an Information Security Analyst for Jostens, where they served as primary system administrator of various GRC platforms and Training Management System, facilitated audits and security assessments to determine compliance with published standards (NIST, SOX, PCI-DSS, CCPA, SOC 2), and developed and maintained cybersecurity plans, strategy, and policy.

From 2013-2021, Chai Yang worked for Wells Fargo in various roles, including IT Auditor (Enterprise Technology Audit Group), Operational Risk Specialist / Business Support Associate (Risk Engine Production Support), Production Support - Online Property Underwriting System (Loan Doc Specialist II), and Production Support - Post Delivery Services (Operations Processor III - Contractor). In these roles, Chai Yang engaged in technology partner walkthroughs to identify IT processes, risks, and controls, evaluated whether IT controls were designed appropriately to mitigate risks, performed control effectiveness testing to determine if IT controls were consistent, complete, reliable, timely, and operating effectively to mitigate risks, provided third tier technical support for end users of the automated underwriting system (Risk Engine), identified and escalated defective Risk Engine coding business rule sets, and noted any operational, credit, or regulatory risk impacts. Chai Yang also conducted data entry on NTS software, corrected data entry errors on NTS and SMS software, and provided training as needed.

In 2018, Chai Yang worked as a Business Systems Consultant (Grad Project / Intern) for The Sanneh Foundation, where they collected user stories from stakeholders and subject matter experts, gathered functional, usability, and technical system requirements, and developed a mobile app high resolution design using a Balsamiq prototype.

Chai Yang obtained an Associate of Arts (AA) in General Studies from Century College between 2008 and 2011. Chai then obtained a Bachelor of Science (BS) in Business Management from Metro State University between 2011 and 2013. Yang then obtained a Graduate Certificate in Information Assurance and Information Technology Security from Metro State University between 2015 and 2017, followed by a Master's degree in Management Information Systems from the same university between 2015 and 2018. Chai also holds a Certified Information Systems Security Professional (CISSP) from (ISC)², a LogRhythm Security Analyst - LRSA Certification from LogRhythm obtained in August 2022, and a Pre Security Learning Path from TryHackMe obtained in June 2022.