CSM, CC-ISC2, CCT

Jimmy Mullick

Cyber Risk Analyst & Governance Leader

Over 10 years of progressive experience in enterprise technology risk management, cybersecurity compliance, and regulatory assurance across financial services and consulting environments.

Charlotte, NC
214-263-0129
Email
View Experience Download Resume
Jimmy Mullick Headshot

Experience

10+ Years

Current Role

Caprizo Consulting Logo

Founder & CEO

Caprizo Consulting

Visit Company Website

Executive Profile

Results-driven Cyber Risk Analyst and Governance Leader with deep expertise in performing risk assessments, maintaining technology risk registers, driving remediation activities, and delivering executive-level risk reporting that aligns cyber, technology, and enterprise risk postures.

Deep knowledge of global regulatory frameworks (NIST CSF, ISO 27001, SOX, DORA, COBIT) and risk assessment methodologies. Skilled in collaborating with cross-functional domain owners (cyber, AI, supply chain, product) and coordinating with internal audit, legal, and corporate risk teams to integrate security risks into enterprise frameworks.

Experienced supporting audits (internal, external, regulatory) and managing risk/policy data in GRC platforms such as Archer. Currently pursuing CISSP and CISM certifications.

Capabilities

Core Competencies & Skills

Risk Mgmt & Frameworks

  • Third-Party Risk Lifecycle & Vendor Onboarding
  • Regulatory Governance & Cloud Security
  • Audit Support & Remediation
  • COBIT, HIPAA, GDPR, CIS
  • Vulnerability Mgmt & Defense Lines
  • NIST AI RMF

Security Standards

  • ISO 27001, 27034, 27035, 27036
  • NIST SP 800-53, 800-61, 800-161
  • SOC 2, OWASP, NIST SSDF
  • IT Security Controls & Automated Design
  • Incident Response & Threat Modeling
  • Identity & Access Management (IAM)

Tools & Threat Intel

  • Tenable, SentinelOne, Balbix
  • JIRA, Toad Data Point, Postman
  • ETL/Data Validation & AI QA Automation
  • Archer (GRC) & SailPoint
  • MITRE ATT&CK, Cyber Kill Chain
  • Agile/SAFe Methodologies

Career Journey

Work Experience

Jun 2023 - Present

IT Risk Manager

Caprizo Consulting Huntington Bank

  • Led end-to-end risk lifecycle management, calculating inherent/residual risk, and driving treatment decisions.
  • Owned and evolved the risk register, enhancing tooling and driving automation.
  • Enabled risk-informed business decisions via executive briefings and dashboards.
  • Coordinated with ERM, Legal, and Compliance to ensure global risk governance (ISO 27001, NIST CSF, DORA).
  • Championed org-wide tech risk rollout and supported regulatory audits under tight deadlines.
Mar 2023 - May 2023

Risk & Compliance Analyst

Bank of America

  • Developed backend automation scripts to support compliance controls for Mortgage LOS platform scalability (NIST SP 800-53, SOC 2).
  • Drove compliance documentation under SAFe Agile practices, decreasing defect escape rate by 30%.
  • Conducted test case validation for ITGC and vendor access review processes.
  • Analyzed performance rating data across financial branches, improving processing time by 20%.
Jun 2017 - Mar 2023

Vendor Risk Testing Lead

Tata Consultancy Services (TCS)

Clients: Bank of America, Bakkt, East Dil, etc.

  • Conducted vendor security reviews, ensuring compliance with ISO 27001, SOC 2, and NIST 800-53 standards.
  • Validated IAM privilege class settings via SailPoint & Postman to meet security governance protocols.
  • Led Tech Connect meetings with Product/Dev teams, driving alignment on compliance features.
  • Supported SOX and internal audit readiness by maintaining 99.5% detection accuracy.
  • Executed performance testing of SSIS interfaces (reduced load times 50%) and supported C2 clearance upgrades.
Sep 2013 - Jun 2017

Third-Party Risk Tester

UST Global

Clients: Vanguard, Lowes, Wells Fargo

  • Uploaded test cases to Quality Center and managed comprehensive defect records ensuring traceability.
  • Maintained defect closure rate of 95% through disciplined regression and system testing.
  • Delivered Agile UAT for Java-based e-Brokerage systems, achieving 98% story completion.
  • Executed functional test coverage across Java web apps for institutional finance clients.

Certifications & Training

CISSP In Progress
CISM In Progress
Certified Scrum Master CSM Completed
CCST Networking & Cyber Cisco Completed
Cybersecurity Certificate ISC2 Completed
Six Sigma Black & Green Belt

AI Leadership & Workshops

  • AI Senior Leader Panel

    Jan 2026

  • Workshop: Prompt Engineering

    Feb 2026

  • Workshop: AI Agents & Context

    Mar 2026

  • Workshop: AI Risks & Governance

    Apr 2026

  • AI Forward Conference

    Oct 2025, May 2026

Education

BS in Information Systems

University of Texas at Arlington, TX

Professional Affiliations

Accountability and Hopeful Fridays (AHF)

Board Member | Nov 2024 - Present

Lake Norman IT Professionals

Ambassador / Head of Logistics | Jul 2023 - Present

Tech After Five

Ambassador | Feb 2023 - Present

ISC2 Charlotte Chapter / ISSA.org

Member & Ambassador | 2024 - Present

Conferences & Symposiums

SecureWorld & UNC Charlotte | Vol. 2023-2026