Francis Emelike
Houston,TX
Summary
Cybersecurity Engineer with 8+ years experienced with data analysis, statistical modeling, and business intelligence tools. Utilizes analytical skills to identify trends and provide actionable insights that support business decisions. Knowledge of data visualization techniques and effective communication ensures clear presentation of complex information to stakeholders. Expert in assessing and implementing NIST 800-53, FIPS 140-2, and FedRAMP frameworks to protect cloud-native and hybrid infrastructures across healthcare, and financial industries. Proficient in reviewing SSPs, SARs, and POA&Ms while advising stakeholders on risk posture across AWS, Azure, and GCP environments. Strong ability to identify weaknesses in IAM, encryption, DNS, and network segmentation.
Overview
8
8
years of professional experience
1
1
Certification
Work History
IAM, Data Protection & Security Monitoring Analyst
Humana
09.2023 - Current
- Established IAM drift detection and privilege misuse alerts mapped to NIST 800-53 (AU-6, AU-12); reduced identity-related incidents by 20%.
- Designed automated Joiner-Mover-Leaver workflows with Entra ID and Microsoft 365—enforced least privilege and HIPAA/SOC 2 compliance.
- Resolved 100+ SoD violations and achieved 100% access review compliance across three audits.
- Created dashboards to track IAM effectiveness, dormant accounts, and policy exceptions for FedRAMP reporting.
- Authored SOPs and policy templates that enhanced access governance and audit transparency.
- Developed comprehensive reports to support strategic decision-making for senior management.
- Collaborated with legal, security operations, and engineering teams to define insider threat detection and response playbooks—monitored anomalous access, lateral movement, and third-party activity.
- Analyzed data trends to identify operational efficiencies and recommend process improvements.
Cloud Security & Vulnerability Management Analyst
Entergy
09.2022 - 08.2023
- Remediated IAM drift, misconfigurations, and exposed APIs in AWS; reduced cloud security incidents by 30%.
- Reviewed cloud architectures to identify FedRAMP-relevant control gaps in identity and network governance.
- Built Splunk detections for EC2, Lambda, and containers—aligned alerting to FedRAMP and FISMA standards.
- Maintained audit-ready evidence for HIPAA, SOC 2, and ISO 27001 reviews with zero repeat findings.
- Authored SOPs and remediation playbooks to enhance awareness of cloud-native security controls.
- Analyzed operational efficiency to identify process improvement opportunities across various departments
Risk Analyst – Governance, Risk & Healthcare IT Security
Kaiser Permanente
01.2021 - 09.2022
- Enhanced GRC reporting by aligning IAM and audit logging controls with RMF and FedRAMP metrics, strengthening enterprise-level KPIs and continuous monitoring capabilities.
- Standardized vendor risk processes in RSA Archer, cutting audit prep time by 30%.
- Collaborated with Legal and Privacy teams to integrate control requirements into vendor contracts.
- Produced playbooks and SOPs that improved audit evidence collection and control maturity.
- Led third-party risk assessments for AWS-hosted EHR and finance vendors, aligning findings with HIPAA and NIST 800-53 frameworks.
- Implemented Splunk-based IAM monitoring and reduced access-related incidents by 30%.
- Developed risk assessment reports to support strategic decision-making processes.
Cybersecurity Risk & Threat Intelligence Analyst
Wells Fargo
06.2017 - 12.2020
- Conducted risk assessments for AWS-hosted services, mapping control gaps to NIST 800-53 and FedRAMP frameworks.
- Integrated GuardDuty, CloudTrail, and IAM data into Splunk dashboards—improved audit visibility and reduced critical violations by 42% YoY.
- Partnered with compliance and security teams to verify encryption standards, MFA enforcement, and IAM configurations across cloud environments.
- Deployed passwordless authentication via Okta and AWS IAM Identity Center, aligning with NIST 800-63-3 and Zero Trust principles.
- Implemented OPA policy-as-code controls in Terraform pipelines, enforcing security baselines pre-deployment.
- Authored control implementation guides and templates that accelerated FedRAMP compliance adoption.
- Mentored engineers on secure cloud configurations and audit documentation best practices.
- Analyzed complex datasets to identify trends and inform strategic decision-making.
- Conducted thorough intelligence gathering for early identification of potential threats, contributing to organization's proactive security posture.
Education
Master of Science - Economics And Business Administration
University of Vaasa
Vaasa, Finland08.2009
Bachelor of Science - Management Information Systems
University of Buea
Buea, Cameroon06.2005
Skills
- Cloud Platforms: AWS, Azure, GCP (EC2, IAM, Security Hub, Defender, Sentinel)
- GRC Tools: RSA Archer, ServiceNow GRC, ZenGRC, MetricStream, AuditBoard
- Security Tools: Splunk, Tenable Nessus, Qualys, Rapid7, CrowdStrike, Symantec DLP, McAfee ePO
- IAM: Azure AD, Okta, SailPoint, Ping, RBAC, MFA, SoD, JML automation
- Frameworks: NIST 800-53, ISO 27001, HIPAA, PCI-DSS, SOX 404, GDPR, COBIT 5, CIS Benchmarks, OWASP Top 10
- DevOps: Terraform, Jenkins, GitHub, CI/CD pipelines, Secure Code Review
- Monitoring & Reporting: Splunk, Sentinel, Power BI, Tableau, JIRA, Confluence
- Vulnerability & Patch Management: Qualys VMDR, WSUS, SCCM, PatchMyPC
- Productivity: Microsoft 365, Google Workspace, SharePoint
- Microsoft office
- Risk analysis
- Analytical thinking
Certification
- CISA (ISACA)
- CompTIA Security+, CySA+, CASP+
- AWS Certified Solutions Architect – Associate
- Microsoft Certified: Azure Security Engineer Associate
- ITIL v4 Foundation
- Microsoft Identity and Access Administrator
- Azure Administrator
- SAFe 6.0
Timeline
IAM, Data Protection & Security Monitoring Analyst
Humana
09.2023 - Current
Cloud Security & Vulnerability Management Analyst
Entergy
09.2022 - 08.2023
Risk Analyst – Governance, Risk & Healthcare IT Security
Kaiser Permanente
01.2021 - 09.2022
Cybersecurity Risk & Threat Intelligence Analyst
Wells Fargo
06.2017 - 12.2020
Master of Science - Economics And Business Administration
University of Vaasa
Bachelor of Science - Management Information Systems
University of Buea