Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Timeline
Generic

Dennis Williams

Raleigh-Durham,NC

Summary

Multi-talented IT professional with over 5 years of experience developing and implementing security solutions in fast-paced environments. Skilled in Security and privacy control Assessment with proven history of delivering exceptional risk management support. Self-motivated and deadline-oriented with a track record of on-time deliverables. Clear understanding and experience with the RMF process. Skilled in assembling authorization package using documents like NIST 800 series.

Overview

12
12
years of professional experience
1
1
Certification

Work History

Information Assurance Compliance Analyst

Merck & Company
08.2018 - Current
  • Plan and perform security controls assessments on information systems following NIST SP 800-53, 800-137, and NIST SP 800-53A to support the departments Authority to Operate (ATO) process or its annual assessment process - activities could include control assessment (Interview & Examination, physical security walkthrough or technical vulnerability testing).
  • Perform analysis and review of scan data from Nessus Scanner
  • Reviews System Security Plan (SSP) of information systems to ensure control implementation accuracy.
  • Produce Security Assessment Report (SAR) after conducting assessment and document information system findings.
  • Reviews security categorizations using the FIPS 199 and SP 800 60 as a guide in the risk management framework.
  • Coordinates with business process owners to ensure timely identification and remediation of information system risk related issues and action plan (POA&M).
  • Organizes and participates in kick-off meetings with information system stakeholders prior to assessment engagement.
  • Assists System Owners and ISSOs through Security Assessment and Authorization (SA&A) Process, ensuring that operational, management and technical controls securing sensitive Security Systems are in place and being followed according to the NIST 800-60 Federal Guidelines.
  • Organizes and participates in kick-off meetings with information system stakeholders prior to assessment engagement.
  • Identifies and advises on major security incidents, which could impact day-to-day services and operations to determine strategies and recommend measures to mitigate risk.
  • Protect enterprise systems and information by recommending mitigating measures to strengthen the information system security posture.
  • Coordinates Information Security Continuous Monitoring (ISCM) of existing systems under client’s portfolio.

Information Technology Analyst

Merck & Company
10.2016 - 08.2018
  • Enhanced system efficiency by implementing advanced IT solutions and optimizing workflow processes.
  • Streamlined data management for improved decision-making and operational support.
  • Conducted thorough system analyses and recommended effective improvements, increasing overall productivity.
  • Reduced downtime and resolved technical issues swiftly through proactive monitoring and troubleshooting.
  • Implemented robust security measures to safeguard sensitive information and protect against cyber threats.
  • Created detailed documentation of system specifications, user guides, and best practices for easy reference by team members.
  • Participated in internal audits regarding quality management system.
  • Provided recommendations regarding new hardware and software to keep IT infrastructure up to date.
  • Established effective communication channels between IT teams and stakeholders for seamless project execution.

Calibration Systems Auditor

ConocoPhillips
01.2015 - 09.2016


  • Created standard operating procedures for New and existing calibration equipment
  • Enhanced calibration procedures by implementing advanced software tools and techniques.
  • Implemented a system for tracking audit findings and monitoring progress towards resolution, promoting accountability within the organization
  • Streamlined audit processes, improving efficiency and reducing time spent on each audit engagement.
  • Streamlined workflow processes by developing comprehensive documentation of calibration procedures.
  • Collaborated with cross-functional teams to ensure consistent quality and accuracy in equipment measurements.
  • Ensured compliance with industry standards and regulations through meticulous record-keeping and reporting practices.
  • Implemented innovative solutions to address complex calibration challenges, ensuring accurate results across diverse applications.
  • Conducted root cause analysis of non-conformities, implementing appropriate corrective actions to prevent recurrence.

Systems Automation Engineer

British Petroleum
08.2011 - 01.2015
  • Performed safety audits, assessments and upgrades to automation systems associated with oil and gas production sites
  • Responsible for the maintenance, inspection, installation, and calibration of automation systems associated with production well-sites
  • Managed gas-compression units, production equipment, liquid pumping stations, artificial lift, PLC, Red lion HMI, and electronic flow equipment for gas measurement
  • Controlled remote telemetry units, radios, control valves, electrical and pneumatic end devices transmitters, switches, controlling level, flow, pressure and temperature
  • Ensured the compliance and enforcement of company, environmental, governmental policies and regulations as they apply

Education

Associate of Applied Science - Computer Science

San Juan College
Farmington, NM
05.2012

Skills

  • Information Security Auditing
  • FISMA
  • CIS Compliance
  • Nessus Tenable
  • Incident Response Management
  • Communication
  • Vulnerability Management
  • Risk Management Framework (RMF)
  • NIST Special Publication Standards
  • FedRamp

Accomplishments


    Information Systems Audit and Controls Association-(ISACA)

    National Society of Leadership and Success

Certification

  • CompTIA Security+
  • ISACA-Certified Information Systems Auditor

Timeline

Information Assurance Compliance Analyst

Merck & Company
08.2018 - Current

Information Technology Analyst

Merck & Company
10.2016 - 08.2018

Calibration Systems Auditor

ConocoPhillips
01.2015 - 09.2016

Systems Automation Engineer

British Petroleum
08.2011 - 01.2015

Associate of Applied Science - Computer Science

San Juan College
  • CompTIA Security+
  • ISACA-Certified Information Systems Auditor
Dennis Williams