DARRYL DANOO
CYBER SECURITY ANALYST
Los Angeles,CA.
Summary
Insightful Cyber Security Analyst with 7 Years’ experience with focus on Data privacy, HIPAA, ISO 27001/27018, SIEM, FISMA, NIST, system security evaluation, validation, monitoring, risk assessments, audit engagements, testing information technology controls and key compliance regulations. Detailed oriented and well organized.
Authorized to work in the US for any employer
Overview
8
8
years of professional experience
1
1
Certification
Work History
IT CLOUD SECURITY / PRODUCT & QA ENGINEER
LYNK REMOTE TECHNOLOGIES
San Diego, CA
03.2021 - Current
- Gather and document business requirements, acceptance criteria and user stories for SDLC for software systems that run on SaaS platforms
- Work closely with development, test, documentation and product management teams to deliver high quality products and services in fast paced environment
- Identifying and evaluating the risks during review and analysis of system development life cycle (SDLC), which includes the design, testing /QA and implementation of systems and upgrades
- Participate in development of roadmaps and participate in the standards process for (IAM) solutions
- Work with the project team on implementing the defined policies within the (IAM) Solutions
- Conducted security assessments and made recommendations for disaster recovery, remote access, network appliances, servers and directory services security
- Assess and reviews Cloud network configurations, IT general controls, risk and compliances with policies and procedures from a security angle; as well as fix any issues
- Maintain and Execute Cloud Information security strategy to proactively identify risk and drive remediation
INFORMATION SECURITY ANALYST/ AUDITOR
YEHOWA MEDICAL SERVICES
Los Angeles, CA
07.2018 - 03.2021
- Develop, review, and update Security Assessment Plan documentation using Federal Certification and Accreditation (C&A) processes
- Communicate and enforce security policies, procedures, and safeguards for all systems and staff, based upon NIST
- Perform HIPAA audits and other related IT reviews (NIST, PCI DSS) as prescribed in the annual plan
- Assisted project teams in the implementation of security measures to meet corporate security policies and external regulations (HIPAA, NIST)
- Analyze and update Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security Plan (SSP), System Security Test and Evaluation (ST&E) and the Plan of actions and Milestones (POA&M)
- Champion the improvement of identity and access management process, controls and communications related to policies and procedure
- Analyze and advise on the risk and remediation of security issues based on reports from vulnerability assessment scanners, patch management tools, and emerging threat information
- Perform vulnerability assessment on multiple platforms to integrate remediation solutions to address findings.
- Reviewed violations of computer security procedures and developed mitigation plans.
- Monitored computer virus reports to determine when to update virus protection systems.
INFORMATION SECURITY ANALYST
CRU PROPERTY MANAGEMENT
Costa Mesa, CA
06.2016 - 08.2018
- Make sure Risk is assessed, evaluated and proper actions have been taken to limit their impact on the information and information systems
- Conduct IT security controls risk assessment that include reviewing organizational policies, standards and procedures and provide advice on their adequacy, accuracy and in compliance with the Payment Card Data Security Standard (PCI DSS)
- Conduct self – annual assessment (NIST SP 800 53A.)
- Prepare, present and support the communication of risk findings to customers
- Verify proper privacy complaints or program gaps requiring solutions
- Develop information security risks and vulnerabilities assessments and applied security controls to assure confidentiality, integrity and availability of information systems and associated data
- Analyze and update Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security Plan (SSP), System Security Test and Evaluation (ST&E) and the Plan of actions and Milestones (POA&M).
INFORMATION SECURITY ANALYST
NATIONWIDE CREDIT CORP
Alexandria, VA
02.2014 - 04.2016
- Conducted IT controls risk assessments that included reviewing organizational policies, standards, procedures and guidelines
- Perform HIPAA audits and other related IT reviews (NIST, PCI DSS) as prescribed in the annual plan
- Identify weakness in the internal controls and opportunities to enhance operational efficiencies
- Maintained appropriate security documentation for applications and systems
- Developed security control test plans and conducted in-depth security assessments of information systems that evaluate compliance of administrative, physical, technical, organizational and polices safeguards in order to maintain HIPAA compliance
- Work directly with the business units to facilitate IT risk analysis and risk management processes, identify acceptable levels of risk, and establish roles and responsibilities with regard to information classification and protection
- Lead privacy content training initiatives, including internal and external communications.
Education
BSc - INFORMATION TECHNOLOGY
university of MARYLAND UNIVERSITY COLLEGE
A.S - COMPUTER INFORMATION SCIENCE AND SYSTEMS
MONTGOMERY COLLEGE
Skills
- Compliance with Security Requirements
- Incident Response
- Work Orders
- System and Network Security
- Cloud Security Infrastructures
- Atlassian JIRA
- Developing Security Plans
- Vulnerability Management
- Bug Fixes
- Multi-Factor Authentication
- Disaster Recovery Planning
- Backup Procedures
- Splunk Enterprise
- User Acceptance Testing (UAT)
- Data Reports
- Access Controls
- Log Monitoring and Management
- Risk Analysis
- Root Cause Identification
- Security Recommendations
- Backup Recovery
- Firewall Functionality
Certification
PMI PMP | COMPTIA SECURITY + | ISACA CISA | ISACA CISM | AWS SOLUTION ARCHITECT | MS AZURE 2
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Quote
There is a powerful driving force inside every human being that, once unleashed, can make any vision, dream, or desire a reality.
Tony Robbins
Timeline
IT CLOUD SECURITY / PRODUCT & QA ENGINEER
LYNK REMOTE TECHNOLOGIES
03.2021 - Current
INFORMATION SECURITY ANALYST/ AUDITOR
YEHOWA MEDICAL SERVICES
07.2018 - 03.2021
INFORMATION SECURITY ANALYST
CRU PROPERTY MANAGEMENT
06.2016 - 08.2018
INFORMATION SECURITY ANALYST
NATIONWIDE CREDIT CORP
02.2014 - 04.2016
BSc - INFORMATION TECHNOLOGY
university of MARYLAND UNIVERSITY COLLEGE
A.S - COMPUTER INFORMATION SCIENCE AND SYSTEMS
MONTGOMERY COLLEGE
Similar Profiles
Matthew Smith Sr.Matthew Smith Sr.
Senior Account Executive (Contractor Mgmt) at Remote TechnologiesSenior Account Executive (Contractor Mgmt) at Remote Technologies
Christopher D CharlemagneChristopher D Charlemagne
Claims Examiner at Gainwell Technologies RemoteClaims Examiner at Gainwell Technologies Remote
Kalene GodoyKalene Godoy
Lead, People Operations Specialist (Contract) at Remote TechnologiesLead, People Operations Specialist (Contract) at Remote Technologies
Yoko OzekiYoko Ozeki
Server at Mor NozomiServer at Mor Nozomi
HECTOR RIVERAHECTOR RIVERA
Field Service Technician at TPx CommunicationsField Service Technician at TPx Communications