Cheick Abou Traore
Upper Marlboro,MD
Summary
Adept at spearheading cybersecurity initiatives, I enhanced system security for Top Group Technologies by implementing robust security policies and conducting comprehensive risk assessments. My expertise in Varonis Data Advantage and adeptness in cross-functional collaboration significantly mitigated potential threats, achieving a notable improvement in incident response efficiency.
Overview
7
7
years of professional experience
1
1
Certification
Work History
Information Security Analyst
Top Group Technologies
04.2020 - Current
- Contributes to the development and review of security policies and standards including security policies, incident response and management plans
- Led resolution of technical and security issues escalated from the Security Operations Center (SOC) & Network Operations Center (NOC) analysts
- Correlate data points from SIEM aggregated sources to support identification of anomalous behavior (UEBA) with Crowdstrike, Varonis and Rapid7
- Conducted security assessments through vulnerability testing and risk analysis
- Assess and report maturity assessment for client SOC operations and security incident management
- Contributed to both internal and external pen-testing, security and compliance audits
- Protection of the infrastructure that runs all the services offered in the AWS Cloud, includes data centers, hardware, software, networking, and facilities
- Analyzed and conducted in-depth analyses and correlation of data against security breaches and to detect fraud as well as identify the root cause
- Conduct comprehensive vendor assessments to identify and mitigate security risks, including security controls, policies, and procedures
- Develop and maintain vendor risk management frameworks (RMF) to identify, assess, and mitigate potential risks
- Conduct risk analysis and develop mitigation strategies to minimize exposure to security threats
- Continuously updating the company’s incident response, business continuity and disaster recovery plans and programs
- Collaborate with cross-functional teams to manage third-party risk assessments, ensuring compliance with industry regulations such as HIPAA, PCI-DSS, and SOC
- Ensure compliance with regulatory requirements and guide business units on security best practices
- Collaborate with internal audit teams to review and validate third-party compliance with policies and procedures
- Manage relationships with third-party vendors, including ongoing monitoring and assessments of vendor security posture
- Communicate effectively with stakeholders to provide updates on vendor risk assessment status, risk mitigation strategies, and compliance with regulatory requirements
Automation Control Engineer
Kirkwood Community College
05.2019 - 03.2020
- Company Overview: Facilities and Security
- Designed, implemented, and maintained Building Automation Systems (BAS), integrating compliance standards into architecture
- Conducted vulnerability scans and monitored system logs to detect and address security threats proactively
- Partnered with IT and security teams to analyze logs, develop mitigation plans, and ensure system security alignment
- Collaborated with contractors and stakeholders to ensure compliance with institutional standards and best practices
- Perform skilled work in the operation, installation, and testing of digital controls (DDC) for heating, ventilation, and air-conditioning (HVAC) of complex building systems
- Aid in the design, implementation, and future compliance of building Automation System architecture, data modeling, data acquisition, graphical design, and reporting
- Conducted regular vulnerability scans to detect vulnerabilities within the network and systems
- Building Automation network administration-aid in design, implementation, and compliance
- Partnered with the security operations team to ensure thorough analysis of security logs and timely mitigation of potential security incidents
- Inspect projects and contracted work for compliance with Kirkwood standards
- Attend contractor meetings to review specifications and provide guidance on building system controls
- Facilities and Security
IT Security Engineer
ToThe Rescue
02.2018 - 04.2019
- Designed and implemented security solutions to protect sensitive data related to caregiving services and client records
- Conducted vulnerability assessments, penetration testing, and audits to identify and remediate potential security risks
- Developed and enforced information security policies and procedures, ensuring compliance with HIPAA and other regulatory standards
- Configured firewalls, intrusion detection systems (IDS), and endpoint protection platforms to enhance network security
- Responded to and resolved security incidents, minimizing operational downtime and ensuring swift recovery
- Provided security awareness training to staff, promoting best practices in cybersecurity and data protection
- Collaborated with IT and operations teams to secure applications and systems used in caregiving operations
- Monitored network traffic and system logs to detect and prevent unauthorized access or suspicious activity
Education
Bachelor of Science - Computer Science
Southern New Hampshire University
Skills
- Wireshark
- Nmap
- Nessus Software
- Risk Management Framework (RMF)
- Varonis DatAdvantage
- Crowdstrike Falcon Complete
- Insight Rapid7
- Python
- PowerShell
- Vulnerability assessment
- Assessment and Authorization (A&A)
- NIST 800 Series
- System Security Plan (SSP)
- System Assessment Report (SAR)
- Plan of Actions and Milestone (POAM)
- Risk Analysis
- Security Life Cycle
- Threat Reports
- Contingency Planning
- Data Security
- Developing security plans
- Implementing security programs
- Implementing security controls
- TPRM
- ISO 27001
- PCI DSS
- SOX
- HIPAA
- SIEM Monitoring
- IOS/OS platform security
- JIRA
- Network security
- Firewall management
- Encryption
- Access control and authentication
- Log management and monitoring
- Risk assessment and mitigation strategies
- Security policy and procedure development
- Vendor risk management
- Compliance management
- Security awareness training
- ServiceNow GRC
- SAP GRC
- RSA Archer
- Xacta
- MetricStream
- IBM OpenPages
- Splunk
- Waterfall
- Scrum
- Agile
- Iterative
- Windows Win 7
- Windows 8
- Windows Vista
- Windows XP
- Windows 2000
- LUNIX
- MS Office
- MS Visio
- SharePoint
- MS Projects
- Internet Explorer
- Firefox
- Chrome
- Safari
Certification
- (ISC)2 Certified Authorization Professional - CAP
- CompTIA Security +
- Project Management
- SQL
Languages
French
Full Professional
Timeline
Information Security Analyst
Top Group Technologies
04.2020 - Current
Automation Control Engineer
Kirkwood Community College
05.2019 - 03.2020
IT Security Engineer
ToThe Rescue
02.2018 - 04.2019
Bachelor of Science - Computer Science
Southern New Hampshire University
Similar Profiles
Jones MensahJones Mensah
Information Security Analyst at Top Group TechnologiesInformation Security Analyst at Top Group Technologies
MAYOWA A.MAYOWA A.
Business Analyst at Cell Signaling TechnologiesBusiness Analyst at Cell Signaling Technologies
Abosede Abby AdeniyiAbosede Abby Adeniyi
Proposal Coordinator at The Frederick GroupProposal Coordinator at The Frederick Group
Esdras TalabertEsdras Talabert
General Merchandise Expert / Closing Expert at TargetGeneral Merchandise Expert / Closing Expert at Target
Janese TaylorJanese Taylor
Medical Transportation Driver at Ride 4 HealthMedical Transportation Driver at Ride 4 Health