KOFI LARBI
Commerce City,CO
Summary
Experienced Security Professional with over 6 years of handling cyber security related issues, such as compliance, vulnerability management and risk assessment. Skill set has been utilized at the Department of Defense where there ought to be continuous monitoring and securing of organizational and federal systems. Analyzing and mitigating risks for commercial entities which involves NIST Risk Management Framework (RMF), Information Assurance, System Monitoring, Regulatory Compliance and Loss Mitigation. FISMA compliance- [categorization through to continuous monitoring] and other commercial frameworks including COSO, and COBIT. The knowledge of industry standards and ability to meet milestone deadlines make me a valuable addition to any organization focused on staying on top of information security matters.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Senior Classified Cybersecurity Engineer (ISSO)
Lockheed Martin
10.2023 - Current
- Directed day-to-day operations of information system security, including the implementation of hardware and software, ensuring seamless compliance with organizational and customer security requirements
- Managed technical administration of information systems in alignment with Risk Management Framework (RMF) and other internal security protocols
- Proactively monitored, analyzed, and responded to network and security incidents to mitigate risks effectively
- Documented compliance actions using automated systems and collaborated with the Information Systems Security Manager (ISSM) to develop Plans of Action and Milestones (POA&Ms) for addressing non-compliance issues within designated timelines
- Ensured all systems were operated, maintained, and disposed of in adherence to established security plans and policies
- Balanced priorities across multiple customer programs, maintaining effective service delivery under competing demands
- Conducted detailed auditing processes to evaluate and maintain system security integrity, contributing to the improvement of organizational cybersecurity frameworks
- Utilized industry-standard Information Assurance tools to perform vulnerability assessments and implement best practices
- Applied Secure Technical Implementation Guide (STIG) best practices to ensure compliance for classified and unclassified information systems, networking equipment, and associated software/applications
- Conducted detailed vulnerability and risk assessment analyses to support system authorization and accreditation processes
- Performed regular reviews and evaluations to ensure adherence to required IS policies and procedures, driving improvements in security compliance
- Supported and facilitated IS security inspections, testing, and reviews to identify and mitigate potential security risks
- Tool - Splunk, Nessus, P3,Trellix, McAfee, EPO, BitLocker, PowerShell, PuTTY, SolarWinds, Wireshark,Ivanti
- Validate assessment and authorization artifacts, assessment procedure test results, and technical test results (ACAS, STIG, SCAP output) to ensure level of risk is within acceptable limits for each software application, system, and network
- Utilize eMASSter and Navy Authorizing Official Standard Operating Procedures to ensure eMASS package compliance for authorization
- Performed validation efforts while ensuring accreditation packages includes all required artifacts e.g., STIGs
Network Security Analyst
Comcast / TEKsystems
07.2021 - 10.2023
- Created and executed automated software test plans, test cases, and test scripts to uncover, identify and document software problems and causes
- Troubleshoot and resolve CPE and Core equipment issues as needed during software installation and configuration
- Work with other service providers on activating offnet, Federal government, and cell towel orders
- Run DMM (CFM, OAM), and RFC tests on new installs and conduct research to test and analyze feasibility, design, operation, and performance of equipment, components, and systems
- Demonstrated proficiency in all services (ENS, EPL, EVPL) and equipment types (CIENA, JUNIPER, CISCO, NOKIA, Cable modems)
- Validate and implement CPE configurations for the new Metro Ethernet service
- Provide tier support across organizations
- Proactively and consistently support all efforts to simplify and enhance the customer experience
- Responsible for the implementation of approved network architecture and designs
- Integrates communication architectures, topologies, hardware, software, transmission, and signaling links and protocols into complete network configurations
Information Security Analyst
CenturyLink (lumen) / Ascent
07.2020 - 07.2021
- Handled computer Network troubleshooting and provided technical support regarding transmission and TCP/IP standard telecommunication practices and technologies: Ethernet Switching, IP Routing, BGP, MPLS, Spanning
- Managed network errors with an analytical approach focused on troubleshooting Lumen's network device Juniper, Cisco, Adtran, and Alcatel-Lucent, diagnosing and resolving each problem
- Managed customers' expectations of support and technology functionality to provide a positive user experience
- Developed and maintained strong client relationships to deliver exceptional customer service and problem resolution
- Performed day-to-day LAN and WAN administration, maintenance, and support
- Configured networks for smooth, reliable operation to meet business processes and objectives
- Backed up company data to distributed storage centers to avoid massive data loss in network breach or failure
- Installed, configured, and supported local area network (LAN), wide area network (WAN), and Internet system
IT Support (ISSO)
US Army Reserve
08.2018 - 07.2020
- Provide support for a system or enclave's information assurance program through validation of security assessment and authorization activities in compliance with RMF
- Develop Security Assessment Plans (SAP) to guide assessment of controls and draft Security Assessment Report Executive Summaries (SAR ES) based on risk information resulting from validation
- Ensure plans of actions and milestones (POA&M) and mitigation/remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc
- Utilize eMASSter and Navy Authorizing Official Standard Operating Procedures to ensure eMASS package compliance for authorization
- Register software and request approval through DADMS
- Assisted the command's ISSM and ISSE in developing system accreditation packages for command's Amy ATO
- Reviewed and documented changes in system security plans and plans of action and milestones (POA&Ms)
- Reviewed and analyzed system hardware and software list for security assessment plan efforts
- Performed validation efforts while ensuring accreditation packages includes all required artifacts e.g., STIGs
- Tracked RMF authorization packages from initial process to submission, and authorization to operate (ATO) approval
- Assisted scoping and tailoring system security controls in compliance with applicable DoD security requirements
- Monitored systems security controls in compliance with the system security plan and ATO approved system life cycle
- Interfaced with command's upper management for security related issues and risk mitigation plan for site packages
Education
Bachelor of Science - Project Management
Colorado Christian University
Denver, CO12.2023
Skills
- ISO/IEC 17799
- ISO/IEC 27001
- NIST
- COBIT
- ITIL
- Access Control List (ACL)
- Configuration
- Tenable (ACAS/Nessus)
- IT Project Management
- Troubleshooting
- Risk Assessment Report (RAR)
- Vulnerability Analysis
- System Development Life Cycle
- System Security Plan (SSP)
- Virtualization
- Zero Trust
- Information Assurance
- Network
- Infrastructure Management
- Risk Management Framework (RMF)
- Risk and Vulnerability Assessment
- Proficient in router & switch configuration
- Identity Management Systems
- Disaster Recovery
- Networking
- Monitoring
- Vulnerability tool (eg, Wireshark)
- DISA STIGS
- Malware Analysis
- IT Compliance
- Evaluate STIG
- SCAP Tool
- EMASS
- DADMS
- Creation of Azure Point-to-Point VPN
- PowerShell
- Office 365 Administration
- Java
- Linux
- Windows 10
Clearance
Top Secret Clearance
Certification
- CISM - Certified Information Security Manager
- CompTIA Security+ (CASP+ CE)
- Cisco Certified Network Associate (CCNA)
Timeline
Senior Classified Cybersecurity Engineer (ISSO)
Lockheed Martin
10.2023 - Current
Network Security Analyst
Comcast / TEKsystems
07.2021 - 10.2023
Information Security Analyst
CenturyLink (lumen) / Ascent
07.2020 - 07.2021
IT Support (ISSO)
US Army Reserve
08.2018 - 07.2020
Bachelor of Science - Project Management
Colorado Christian University
Similar Profiles
Jeremy PaughJeremy Paugh
Electrical Installer-C at Lockheed Martin SikorskyElectrical Installer-C at Lockheed Martin Sikorsky
Sam GilbertSam Gilbert
Warehouse Inventory Assistant at Lockheed MartinWarehouse Inventory Assistant at Lockheed Martin
Bridgette JonesBridgette Jones
Sr. Sheet Metal Assembly at Lockheed MartinSr. Sheet Metal Assembly at Lockheed Martin
MARIESSA JACOBSMARIESSA JACOBS
Systems Engineer Senior Field Technician at Lockheed MartinSystems Engineer Senior Field Technician at Lockheed Martin
Jesse PercifullJesse Percifull
Swing Reach Operator at LKQ Corporation Inc.Swing Reach Operator at LKQ Corporation Inc.