
Jewlius Stephens

Raleigh, NC

Summary

Multi-talented IT professional with over 8 years of experience developing and implementing security solutions in fast-paced environments. Skilled in security and privacy control assessment, with a proven history of delivering exceptional risk management support. Self-motivated and deadline-oriented, with a track record of on-time deliverables. Clear understanding of the SDLC, with outstanding experience in the RMF process. Skilled in assembling authorization packages using documents such as the NIST 800 series, FIPS 199 and FIPS 200, FedRAMP, OMB, FISMA and industry best standards. US citizen, currently seeking new opportunities.

Overview

9 years of professional experience
1 Certification

Work History

Security Control Assessor (SCA)

GCA Service Group
2020.01 - Current
  • Schedule kickoff meetings with system owners to help identify the assessment scope, system boundary and information system category, and to obtain any artifacts needed to conduct the assessment.
  • Develop Security Assessment Plans (SAPs) and conduct assessments of security control selections on various Moderate impact level systems to ensure compliance with NIST SP 800-53A Rev 4.
  • Conduct security control interview meetings and artifact gathering meetings with various stakeholders using the assessment methods of interview, examination and testing.
  • Document assessment findings in the Security Assessment Report (SAR) and recommend remediation actions for failed controls and vulnerabilities.
  • Review A&A package items using NIST guidance for FISMA compliance, such as the System FIPS 199 Categorization, e-Authentication Assessment, PTA, PIA, Contingency Plan (CP) and Contingency Plan Test (CPT).
  • Perform vulnerability assessments of information systems to detect deficiencies and validate compliance using a POA&M tracking tool.

Cyber Security Analyst (ISSO)

GCA Service Group
2018.01 - 2020.01
  • Reviewed security categorization of systems using FIPS 199 & NIST SP 800-60.
  • Updated technical, operational and management control families and controls with guidance from NIST 800-53 Rev 4 and FIPS 200.
  • Independently put together a variety of Security Authorization deliverables, including System Security Plans, Security Assessment Reports, Risk Assessment Plans and POA&Ms.
  • Created and updated Authorization to Operate (ATO) packages.
  • Drafted, finalized, and submitted Privacy Threshold Assessments (PTAs), Privacy Impact Analyses (PIAs), E-Authentication Assessments and System of Record Notices (SORNs) for annual review and recertification.
  • Continuously monitored security control effectiveness using NIST SP 800-137 as a guide.
  • I identified 165 High severity system-specific Red Hat Linux vulnerabilities while performing a security assessment.
  • I POA&M all of the findings and briefed the CISO/AO on mitigation efforts that would help save our organization $65,000.00 annually.

Junior ISSO Analyst

GCA Service Group
2015.01 - 2018.01
  • Maintained, tracked and reported on third party risks to appropriate stakeholders.
  • Acted as remediation analyst to work with vendors in remediating findings discovered during onsite/virtual assessment.
  • Communicated vendor information security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks.
  • Validated evidence from vendors before remediation plans were closed.
  • Planned and executed onsite security/risk assessments for third party vendors.
  • Assessed outsourced products/services for risks and criticality.

Education

High School Diploma

Pontiac High School
Pontiac, MI
06.2010

Skills

  • Microsoft Office suite (Word, Excel and PowerPoint)
  • NIST Standards
  • ISO 27001/PCI DSS/HIPAA/FISMA/FIPS
  • Vendor Risk/Third Party Security Risk Management
  • Plan of Action and Milestones (POA&M)
  • RMF
  • Nessus/NMAP/Splunk

Certification


  • CompTIA Security+ CE
  • Certified Information Security Manager (CISM)
