Your Name
Summary
A highly passionate, detail-oriented and self-motivated Cyber Security Analyst with extensive experience in both FISMA and NIST Special Publications. Possess an in-depth understanding of security control implementation and enforcement. Provide effective skills to proactively complete projects and assignments on time while working autonomously or in teams in a fast-paced environment Goal-oriented IT professional with significant success in planning, analyzing and implementing of security plans and initiatives. Excel in developing comprehensive, secure network designs and systems.
Overview
14
14
years of professional experience
1
1
Certification
Work History
INFORMATION SYSTEM SECURITY OFFICER
Raytheon Technologies Corp
New Kent, VA
02.2019 - Current
- Develop an awareness of changes in IT audit practices, regulatory requirements, and IT Risk frameworks to understand their impact to Auditing (e.g. NIST Framework)
- Evaluated and uploaded Plan of Action and Milestones (POA&Ms) into Enterprise Mission Assurance Support Service (EMASS) and validate artifacts specified to remediate POA&M items
- Select and tailor the appropriate controls that are applicable to the system.
- Generate vulnerability reports from scans detailing critical, high, medium, and low vulnerabilities that are needed to be remediated and collaboratively worked with system administrators’ team to ensure vulnerabilities are remediated
- Verify FISMA documentations are in compliance including CP, CPT, SP, FIPS 199, e-Auth, PTA and PIA 022
- Develop System Security Plan (SSP) to provide an overview of system security requirements and describe the controls in place or planned by information system owners to meet those requirements
- Analyze audit logs and alerts on a daily/weekly and monthly basis and report any suspicious activities to the SOC Team
- Provide independent assessments of the control environment over IT infrastructure, systems, and data through the execution of risk analysis, control evaluation, and innovative audit testing procedures ds.
- Conducted risk assessments regularly; ensured measures raised in assessments were implemented in accordance with risk profile, and root-causes of risks were fully addressed following NIST 800-30 and NIST 800-37
Compliance Analyst
Empower Retirement
CO, State
03.2016 - 02.2019
- Provided subject matter expertise with the development of security policy documentation that follows Federal Information Security Management (FISMA) requirements, and National Institute of Standards and Technology (NIST)
- Provided subject matter expertise and proficiency using tools for security assessments
- Developed and provided all documentation necessary for performing a Security Control Assessment
- Developed, reviewed and updated Information Security System Policies, System Security Plans and Security baseline in accordance with NIST, FISMA, and OMB App
- Conduct third-party risk assessments, and manage third-party risk and remediation.
- Provide on-going evaluations and validation of IT control effectiveness and internal business processes as they relate to compliance activities within areas of responsibility.
Cybersecurity Analyst
City Of Fresno, Ca
Fresno, CA
06.2013 - 03.2016
- Tested, analyzed, and interpreted Security Assessment Results for all systems
- Spearheaded kick-off meetings with the IT client team to gather evidence, develop test plans, and test procedures
- Managed controls post-authorization to ensure continuous compliance with the security requirements
- Categorized Information System and developed SP based on NIST 800-60 and NIST 800-18
- Played a key role in security incident management to mitigate or resolve confidential events
- Review technical security controls and provide implementation responses as to if/how the systems are currently meeting the requirements
- Documentation that follows Federal Information Security Management (FISMA) requirements, and National Institute of Standards and Technology (NIST)
IT HELPDESK SUPPORT ANALYST
Naphcare
Dayton, OH
12.2010 - 05.2013
- Respond to customer issues via phone, email and computer chat
- Install, make changes and repair computer hardware and software
- Follow-up with customers to ensure issues are resolved
- Managed, tracked, and coordinated problem resolution and escalation processes in order of priority for timely documentation and escalations to maintain optimum up-time
- Provided information and/or technical assistance to users concerning the development and maintenance of the computer network or for resolution of special problems
- Responsible for problem tracking and resolution of all trouble ticket and assigned tickets to the appropriate organization for resolution
- Responded to phone calls, emails and other request for technical support.
Education
Bachelor of Science - Computer Science
Kwame Nkrumah University of Science And Technology
Ghana Kumasi05.2009
Skills
- Vendor Management
- Risk Mitigation
- Risk Assessment
- Critical Thinking
- Team Building
- MS Office
- Nist publications-800-37,800-53rev4,800-137,800-60,800-34
- Risk Management Tools;XACTA,CSAM,
- Vulnerability Tool-nesus,Tenable OI,Splunk,webInpect,DB Protect
- Documentations: System Security Plan(SSP),System Assessment Report(SAR), Plan of Action & Milestone(POAM)
- PCI DSS, HIPAA
Certification
- CompTIA Security+
- SCRUM MASTER
- AWS DEVELOPER
Additional Information
- Basketball Soccer Tennis
Languages
English
Professional
TWI
Professional
Timeline
INFORMATION SYSTEM SECURITY OFFICER
Raytheon Technologies Corp
02.2019 - Current
Compliance Analyst
Empower Retirement
03.2016 - 02.2019
Cybersecurity Analyst
City Of Fresno, Ca
06.2013 - 03.2016
IT HELPDESK SUPPORT ANALYST
Naphcare
12.2010 - 05.2013
Bachelor of Science - Computer Science
Kwame Nkrumah University of Science And Technology