Alfred Asiedu
Summary
Dedicated and results-driven security analyst with experience in risk management and a proven track record of implementing and maintaining effective Risk Management Frameworks. Seeking a position in a company to contribute to identifying, assessing, and mitigating risks to enhance organizational security using NIST SP 800 series and FIPS 199& 200 as guidance.
Overview
3
3
years of professional experience
1
1
Certification
Work History
Information Security Analyst
Group1 Auto
02.2021 - Current
- Implemented and maintained IT security controls, ensuring compliance with client policies and regulatory requirements
- Conducted security assessments resulting in the identification and remediation of control gaps, enhancing overall system security
- Test the contingency plan on a regular basis and make necessary changes based on the test results
- Conduct security assessments to determine the effectiveness of security controls that have been planned and implemented
- Performs risk assessments on security flaws in control implementation that have been found
- Provide implementation details tailoring the NIST SP 800-53 Rev 4 controls for assigned applications
- Prepared comprehensive authorization packages (SSP, SAR, and POA&MS) for information systems seeking ATO
- Apply the proper information security controls for the Federal Information System in accordance with NIST 800-37 Rev 1, SP 800-3, 800-53 Rev 4, FIPS 199 and 200
- Develop Security Assessment Report (SAR) after the completion of the Security Test and Evaluation (ST&E) questionnaire
- Develops requirements for system security and assesses suggested modifications to the operational and business systems
- Perform an annual tabletop exercise for the Information System Contingency Plan (ISCP) in accordance with the Business Continuity Plan (BCP)
- Conducted regular training sessions to increase awareness of security policies and best practices among employees.
Security Analyst Associate
WIG-IT Solutions
10.2020 - 02.2021
- Assisted in the development and implementation of the organization's risk management policies and procedures
- Participated in risk assessments, identifying, and evaluating potential risks to business operations and information systems
- Contributed to the preparation of risk reports and presented findings to management, enabling informed decision-making
- Collaborated with IT teams to ensure the timely implementation of security controls and mitigation strategies
- Assisted in the development and delivery of training programs on risk management principles and practices
- Provided other IT related duties as assigned.
Education
Bachelor of Science - Information Technology
Western Governors University
Salt Lake City, UTAssociate of Science - Cybersecurity
Chattahoochee Technical College
Marietta, GASkills
- NIST SP 800 Series, Federal Information Processing Standards (FIPS) 199 & 200, System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Risk Assessment (Impact Analysis), Continuous Monitoring, Plan of Action & Milestone (POA&M), Incident Response Plan, Threats, Vulnerabilities Management
Certification
CompTIA Security +
CompTIA A+
Microsoft Security Fundamentals (MTA)
Timeline
Information Security Analyst
Group1 Auto
02.2021 - Current
Security Analyst Associate
WIG-IT Solutions
10.2020 - 02.2021
Bachelor of Science - Information Technology
Western Governors University
Associate of Science - Cybersecurity
Chattahoochee Technical College