
Dorothy Debrah

Gainesville, VA

Summary

Experienced Information Assurance professional with emphasis on Certification and Accreditation and Vulnerability Management. Expert in IT security frameworks including FISMA, with a strong background in system security audits and risk assessments.

Overview

8 years of professional experience
1 Certification

Work History

Security Consultant

Centene
01.2022 - 06.2024
  • Evaluated the security control effectiveness and efficiency of services and features, recommending improvements to ensure they are audit-ready at launch
  • Led client interviews to complete Security Authorization Packages and security assessments
  • Conducted independent assessments of System Security Plans (SSPs) to ensure compliance with applicable security requirements
  • Bridged communication with technical engineering and business teams to successfully capture and implement compliance requirements

Security Analyst

US Department of Education Administration
10.2019 - 01.2022
  • Led comprehensive security control assessments both on-site and off-site, including Certification and Accreditation (C&A) and Technical Assessments (vulnerability scanning and analysis), ensuring compliance with NIST and agency-specific requirements
  • Developed and maintained POA&Ms and supported remediation activities in collaboration with customers and Security Engineers
  • Developed and delivered key security documentation, including Security Assessment Plans (SAPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms)

Security Analyst

CVS Corporation
01.2016 - 01.2019
  • Conducted vulnerability scanning assessments for FISMA-compliant systems, analyzed scan results, delivered vulnerability scans, and recommended appropriate mitigation strategies
  • Collaborated with System Owners and ISSOs in preparing Certification and Accreditation (C&A) packages and ensuring IT systems are compliant as mandated by NIST standards
  • Led system categorization based on information types and Confidentiality, Integrity, and Availability (C.I.A.), using FIPS 199 and NIST guidelines, ensuring alignment with FISMA
  • Analyzed and updated key security documentation, including System Security Plans (SSPs), Risk Assessments (RAs), Privacy Impact Assessments (PIAs), System Security Control Assessments (SCAs), and Plans of Action and Milestones (POA&Ms), to meet FISMA compliance

Education

B.A -

George Mason University
01.2020

Skills

  • Security Assessment
  • Program Management
  • Vulnerability Scanning and Analysis
  • POA&M Development
  • Compliance and Risk Management
  • Continuous Monitoring (ConMon)

Certification

  • CISA
  • CompTIA Security+
