ERNEST EBAKS

MARYLAND CITY, MD

Summary

4 years of experience in cyber security. A highly driven, detail-oriented, and experienced IT Cybersecurity professional with thorough knowledge and understanding of FISMA and the Risk Management Framework. Well experienced in monitoring, documenting ATO packages, remediating POA&Ms, and risk assessment. Proven record of evaluating system vulnerability to recommend security improvements and audit findings.

Developed expertise in security assessment and compliance within a regulated environment, seeking to transition into a new field where analytical and evaluation skills are valued. Proficient in conducting thorough risk assessments and implementing security controls to safeguard assets. Looking to leverage these skills to make a meaningful impact in a different professional domain.

Overview

11 years of professional experience
1 Certification

Work History

SECURITY CONTROL ASSESSOR

LOYALSOURCE GOVERNMENT SERVICES
08.2022 - Current
  • Develop a security assessment plan (SAP) to document the assessment scope, schedule, tools, and personnel for a security assessment and authorization (A&A) process.
  • Schedule and conduct the kickoff meeting as part of the security assessment and authorization (A&A) process.
  • Conduct annual security control assessment in accordance with the assessment procedures defined in the security assessment plan (SAP).
  • Test cases with the security control assessment results as populated in RTM using NIST 800-53A Rev4
  • Develop, review and update security documentation including the System Security Plan, PTA, Privacy Impact Assessment (PIA), PII, Configuration Management Plan, Contingency Plan, Contingency Plan Test Report, and E-Authentication
  • Prepare the security assessment report (SAR) for documenting the issues, findings, and recommendations from the security control assessment
  • Support the Information System Security Officer (ISSO)/System POCs during the Assessment and Authorization (A&A) process to ensure assigned systems have the proper Authorization to Operate (ATO) using the NIST SP 800-37 Risk Management Framework (RMF) guidance
  • Support the ISSO/System POCs to conduct risk and vulnerability assessments of information systems to identify vulnerabilities and to reduce risks to the systems
  • Compile security authorization package documentation such as the system security plan (SSP), security assessment report (SAR), plan of action and milestones (POA&M) and ATO letter that are required by the Federal Information Security Management Act (FISMA) and OMB compliance process
  • Conduct effective mapping of the identified vulnerabilities to the security controls and document findings and recommend CAP
  • Review and analyze the automated NESSUS vulnerability scan results from 3 months back.
  • Participate in POA&M remediation activities to correct noted findings
  • Review artifacts and perform POA&M closure validation to ensure no system weakness remediation is in delay status
  • Vulnerability scanning using NESSUS (Tenable) and NMAP to update the security enterprise architecture of the information and information system, and patch management as required for periodic update and security posture.
  • Work with tools in FedRAMP, Xacta and CSAM.
  • Use DISA STIG to harden system vulnerability posture.

SECURITY CONTROL ASSESSOR

CYBERSOFT TECHNOLOGIES, LANHAM
09.2017 - 08.2019
  • Developed, reviewed, and updated Information System Security Policies, System Security Plans and Security baseline in accordance with NIST, FISMA, OMB compliance.
  • Applied appropriate baseline security controls for Federal Information System based on NIST 800-37 rev1, SP 800-53 rev4, FIPS 199/200 and OMB 130 Appendix III guidelines.
  • Conducted systems and network vulnerability scans using Nessus to identify potential risks and recommend ways to remediate them.
  • Participated in team activities during assessment and engagement processes
  • Prepared and submitted Security Assessment Plan (SAP)
  • Conducted Security Assessment using NIST 800-53A Rev4
  • Created reports detailing the identified vulnerabilities and the steps taken to remediate them.
  • Test cases using NIST 800-53A Rev4, documenting findings Pass/Fail in RTM, with SAR and POA&M developed thereafter in order to remediate findings and reduce risk.

IT HELPDESK SUPPORT

IT Pronet Technologies
01.2014 - 07.2016
  • PC hardware installation, configuration, maintenance and upgrades
  • Cable crimping, RJ-45, CAT 5 and coaxial cables
  • Operating System installation, maintenance and upgrades
  • Engaged and tracked priority issues with responsibility for the timely documentation and escalation to the next tier of tech support
  • Provided information on technical assistance to users concerning the development and maintenance of the computer network or for resolution of special problems
  • Earned recommendation for teamwork, flexibility and work excellence in providing IT support during emergencies.

Education

Bachelor of Science - Geography (Ed).

Olabisi Onabanjo University
Ago-Iwoye Ogun State, Nigeria

CompTIA A+

Baltimore City Community College
Baltimore, MD
2017

Skills

  • Team leadership
  • Great troubleshooting skills
  • Strong verbal communication
  • Interpersonal and written communication
  • Extremely organized
  • Self-motivated
  • Vulnerability tools for both web and network using Nessus and NMAP
  • Active Directory (AD) and SharePoint
  • SIEM (Splunk) Analyser
  • Skilled in A+, basic networking, basic Linux fundamentals, Windows Server 2016, Windows OS
  • Strong understanding of RMF and NIST publications 800-60, 18, 53, 53A4, 37, 137, and FIPS 199/200 publications
  • Two-factor authentication
  • Intrusion detection systems
  • Security policy development
  • Access control management
  • Vulnerability analysis
  • Vulnerability assessment
  • Risk assessment expertise
  • Compliance auditing
  • Security control evaluation
  • System security planning
  • Problem-solving
  • Access control
  • Risk assessment
  • Incident response
  • Compliance monitoring
  • Patch management
  • Data encryption
  • Disaster recovery
  • Business continuity

Certification

CompTIA Security+ CE

Certified Authorization Professional (CAP) – certification in progress.
