Summary
Overview
Work History
Education
Skills
Timeline
Generic

Edward Anagho

MEW MARKET,MD

Summary

Talented, results-driven Information Security Professional with versatile, cross-platform experience with 9 years achievement in Infosec. I possess complete knowledge of System development life cycle. Experience in Risk Management Framework (RMF) implementation, Federal Information System Management Act (FISMA), Certification and Accreditation (C&A) processes, Assessment and Authorization (A&A), Ongoing Authorization (OA) control testing, systems/network architecture, and security. Experienced in hardware, software, security technologies, analyzing network security deficiencies and violations, performing risk assessments, audits, vulnerability assessments, and vulnerability management. Delivered solutions, implemented management, operational, technical, and physical controls. Established security management, protection of assets, and compliance.
Demonstrated organizational and interpersonal skills working across departmental boundaries while maintaining strong communications and disseminating information from technical to comprehensible language to management, peers, and users. Performed as a highly motivated, goal-oriented team player with ability to work on projects alone

Overview

10
10
years of professional experience

Work History

Information System Security Officer (ISSO)

Paragon Systems Inc
11.2018 - Current
  • Providing information security expertise in support of Office of Chief Information Officer (OCIO)
  • Establish schedule to drive ISSO activities & requirements from RMF Step 1-6
  • Ensure system categorization for information security requirements (i.e., management, operational, & technical controls), for information & information system is correct (FIPS-199 Form used as well)
  • Create criteria questions about the system being assessed to determine if requirements are applicable & to tailor control statements
  • In coordination with the SO, select security controls and identify common controls
  • Document system-level continuous monitoring plan (Controls that will change with changes to the boundary)
  • Ensure policies & procedures are in place for all controls, and review them annually
  • Document control status & implementation statements in IACS (XACTA)
  • Collect & review Equipment, Hardware, & Software Inventory (including Ports, Protocols, Services Network Diagram, and system users)
  • Document & complete Annual Contingency Plan
  • Schedule, conduct, & document Contingency Plan Test
  • Update SSP in IACS by entering in all information in the required fields, & record assessment results
  • Perform self-assessment (control testing)
  • Request & analyze WebInspect & DbProtect scan results
  • Review & acknowledge Information Security Vulnerability Management (ISVM) alerts in CDMT (Continuous Diagnostics and Management Tool)
  • Create & track POA&M remediation
  • Create Remediation Plan to document corrective action plan for tracking & planning the resolution of information security weaknesses
  • Review audits logs as provided by Splunk for suspicious activities
  • In Coordination with the Security Authorization Manager, complete & submit the ATO package to the management

Information System Security Officer

Altruist Consult, LLC
04.2015 - 11.2018
  • Implement Risk Management Framework (RMF) in accordance with NIST SP 800-37
  • Participates in the development and maintenance of system security plans and contingency plans for all systems under their responsibility
  • Planned, System Security Checklists, Privacy Impact Assessments, POA&M, and Authority to Operate (ATO) letters
  • Develop Plan of Action and Milestones (POA&M) for identified vulnerabilities and ensure compliance through monthly updates
  • Maintain inventory of all information Security System assigned
  • Develop a variety of Assessment & Authorization deliverables including System Security Plan (SSP), Security Assessment Report (SAR), Contingency Plan (CP) and POA&M for review and approval for Authorization Official
  • Monitor and conduct Security Control Assessment to ensure all controls meet security requirements as stipulated in the SSP and NIST SP 800-53 Rev 4

Education

Bachelor of Science - HISTORY

UNIVERSITY OF YAOUNDE- CAMEROON
CAMEROON
06-1999

Skills

Network security, cloud security, operating systems, programming, networking protocols, cryptography, malware analysis, digital forensics, incident response, and threat monitoring, along with analytical and problem-solving abilities

TECHNICAL PROFICIENCIES:

NIST 800-37

NIST SP 800-60 FIPS 199

NIST SP 800-53 FIPS 200

NIST 800-18

NIST SP-800-53A

NIST 800-30

NIST 800-34

NIST SP 800-137

C&A/SCA PROCESS

RMF PROCESS

FIPS 199

E-Auth Assessment

PTA/IPR

PIA

SYSTEM COMPOENTS

BIA

ISCP

ISCPT

SSP

IRP

IRPT

SAP

RTM

SAR

OATO

ATO

POA&M

NESSUS Scan REPORT

FedRAMP

CSAM/TAF/XACTA/CFACTS

User Authentication

Timeline

Information System Security Officer (ISSO)

Paragon Systems Inc
11.2018 - Current

Information System Security Officer

Altruist Consult, LLC
04.2015 - 11.2018

Bachelor of Science - HISTORY

UNIVERSITY OF YAOUNDE- CAMEROON

Similar Profiles

  • Misty Birch McLoughlin

    Misty Birch McLoughlinMisty Birch McLoughlin

    Senior Investigator at Paragon Systems IncSenior Investigator at Paragon Systems Inc

    View Profile
  • Jesus Alonzo

    Jesus AlonzoJesus Alonzo

    Armed Security Officer at Paragon Systems IncArmed Security Officer at Paragon Systems Inc

    View Profile
  • Steven Chappell

    Steven ChappellSteven Chappell

    Security Officer at Paragon Systems IncSecurity Officer at Paragon Systems Inc

    View Profile
Edward Anagho