
ACHOGE COLINS NWUNNEH

Houston, TX

Summary

Information Security professional with comprehensive experience in risk assessment, compliance, and mitigation strategies. Expertise in regulatory frameworks, threat analysis, and vulnerability management. Achieved and maintained FedRAMP Authorization, increasing client trust by 55%.

Overview

7 years of professional experience
1 Certification

Work History

Security Control Assessor

Solventum
11.2023 - Current
  • Prepares and leads planned or ad hoc Security Control Assessments (SCA)
  • Documents the Plan of Action and Milestones (POA&M) and follows up with respective teams for remediation
  • Continuously analyzes system compliance scans against DISA STIGs and CIS benchmarks
  • Conducts periodic and ad hoc internal system security audits and reviews to ensure systems adhere to best industry standards such as NIST, PCI DSS, and ISO 27001
  • Conducts vendor system SCAs and develops effective Interconnection Security Agreements (ISA)
  • Conducts Security Impact Analysis (SIA) and Privacy Impact Assessments (PIA) to support system engineering projects
  • Briefs management monthly on the security status of systems
  • Collaborates with IT teams to integrate system security, privacy and risk management plans into the software development life cycle (SDLC)
  • Analyzes security incidents post-resolution, identifying areas for improvement in both technical controls and incident response processes

Information Security & Compliance Analyst

3M
03.2018 - 11.2023
  • Evaluated system readiness for audit-focused security control assessments by reviewing RMF Steps 2-3 workflows
  • Conducted comprehensive reviews of technical, management, and operational controls during RMF Step 5
  • Developed comprehensive Security Control Assessment (SCA) documentation, encompassing Security Assessment Reports (SAR), System Authorization Package (SAP), Evidence Request List (ERL), POA&M, and kick-off slides used in the assessment of multiple FedRAMP systems
  • Analyzed Nessus scan reports captured in Splunk to validate system authorization boundaries, identify vulnerabilities, and ensure compliance
  • Provided security awareness training to employees to promote a culture of security within the organization, reducing the rate of security events by 25%
  • Stayed current with the latest changes to applicable regulatory standards and company procedures

Education

CERTIFICATION - Cloud Computing

University of Phoenix
Tempe, AZ
01-2021

Master of Science - Cyber Security

University of Phoenix
Tempe, AZ
01-2018

Bachelor of Science - Information And Communication Technology

University of Buea
Cameroon
06-2014

Skills

  • FedRAMP, PCI-DSS, HIPAA, ISO 27001, SOC 2
  • NIST 800-60, FIPS 199, NIST 800-53, NIST 800-53A
  • Qualys, Tenable Nessus Scan, Splunk
  • CSAM GRC, OneTrust, LogicGate, RSA Archer
  • Incident response management
  • Security policy development
  • Vulnerability analysis
  • Security control assessment
  • Cybersecurity frameworks

Certification

  • CompTIA Cybersecurity Analyst (CySA+), 12/01/18
  • ISO 27001 Lead Implementer (PECB), 12/01/19
  • Professional Scrum Master (PSM)
