
Amina N

Glenn Dale, Maryland

Summary

Highly skilled and experienced Senior Security Consultant with a strong background in designing, implementing, and managing comprehensive security solutions. Possessing a proven track record of success in conducting risk assessments, developing security policies and procedures, and providing expert guidance to clients. Demonstrated expertise in identifying vulnerabilities, mitigating threats, and ensuring compliance with industry standards and regulations. Adept at leading cross-functional teams and delivering projects on time and within budget. Exceptional communication and interpersonal skills, able to build rapport with clients, stakeholders, and team members.

Overview

11 years of professional experience
1 Certification

Work History

Senior Information Security Consultant

T-Rex Solutions
2022.12 - Current
  • Leading team of security consultants in conducting comprehensive security assessments for clients across various industries, including financial services, healthcare, and technology.
  • Developing and implementing customized security strategies, policies, and procedures based on industry standards and client-specific requirements.
  • Performing vulnerability assessments and penetration tests to identify weaknesses in clients' networks, systems, and applications, resulting in implementation of effective security controls.
  • Collaborating with clients' IT and security teams to establish incident response plans, conduct tabletop exercises, and enhance their overall security posture.
  • Providing expert guidance to clients on security best practices, regulatory compliance, and risk management, helping them achieve, maintain, and increase compliance with industry standards and regulations.
  • Establishing security awareness training sessions to educate clients' employees on security threats, social engineering, and safe computing practices.
  • Acting as trusted advisor to clients, building strong relationships and delivering high-quality security services that exceeded their expectations.
  • Managed time efficiently in order to complete all tasks within deadlines.
  • Identified issues, analyzed information and provided solutions to problems.
  • Used critical thinking to break down problems, evaluate solutions and make decisions.

Senior Cybersecurity Consultant

ECs Federal
2021.12 - 2022.12
  • Conducted security assessments for clients, including vulnerability assessments, penetration testing, and security architecture reviews.
  • Collaborated with clients' IT teams to design and implement effective security controls, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) solutions.
  • Assisted clients in developing and maintaining security policies, procedures, and standards aligned with industry best practices and with relevant regulations such as NIST 800, HIPAA, and PCI-DSS.
  • Responsible for running phishing campaigns for entire agency monthly and reporting results.
  • Conducted security awareness training sessions for clients' employees, raising awareness about common security threats and promoting secure behavior.
  • Provided incident response support to clients during security incidents, helping them minimize impact and recover quickly.
  • Actively participated in industry conferences, workshops, and forums to stay updated on latest security trends, technologies, and regulatory changes.
  • Conducted Waiver or Acceptance of Risk (AOR) reviews prior to CISO's approval.
  • Passionate about learning and committed to continual improvement.
  • Cultivated interpersonal skills by building positive relationships with others.
  • Proven ability to learn quickly and adapt to new situations.
  • Excellent communication skills, both verbal and written.

Information System Security Officer - ISSO

T-REX Solutions
2019.05 - 2021.12
  • Developed and enforced information security policies and procedures in accordance with industry best practices and regulatory requirements.
  • Conducted regular security assessments and audits to identify vulnerabilities and recommend appropriate mitigation strategies.
  • Collaborated with cross-functional teams to implement security controls and ensure compliance with applicable security standards.
  • Managed organization's security incident response program, including monitoring, investigation, and resolution of security incidents.
  • Provided guidance and training to employees on security awareness, policies, and procedures.
  • Developed core documents such as System Security Plans (SSP), Standard Operating Procedures (SOP), Plan of Actions and Milestones (POA&Ms), etc.
  • Stayed up-to-date with latest security trends, vulnerabilities, and technologies, and provided recommendations for continuous improvement.
  • Managed and maintained security systems such as firewalls, intrusion detection systems, and antivirus software.
  • Liaised with external auditors and regulatory bodies to ensure compliance with relevant security standards.
  • Monitored and maintained client-specific Plan of Action and Milestones and supported remediation activities pertaining to Field Review Systems.
  • Facilitated Disaster Recovery Testing for Smart Compliance Solutions Field system users using NIST SP 800-34.
  • Skilled at working independently and collaboratively in team environment.
  • Proven ability to learn quickly and adapt to new situations.
  • Paid attention to detail while completing assignments.
  • Participated in team projects, demonstrating ability to work collaboratively and effectively.

Information Security Analyst

Marathon TS
2018.01 - 2019.05
  • Implemented security measures to reduce threats and damage related to cyber-attacks.
  • Served as Team Lead and managed multiple projects to meet project milestones, schedules, and scope using best practices; analyzed and interpreted security requirements and developed technical implementation guidance.
  • Performed Assessment and Authorization (A&A) for moderate and high Systems compliant with FISMA/NIST Standards.
  • Led vulnerability management activities to identify, analyze and prioritize vulnerabilities, assess risk, and report remediation activities and ensure adequacy of existing information security controls.
  • Reviewed and conducted audits to ensure information systems maintained compliance baseline. Reviewed system-level documentation to ensure system security requirements, incorporating Risk Management Framework.
  • Participated in development and/or review of SSP. Supervised and coordinated with appropriate personnel to run vulnerability scans on regular basis and ensure timely remediation actions.
  • Facilitated requirement gathering sessions, documented and validated requirements with stakeholders as they relate to current environments and future trends.
  • Reviewed, analyzed, and researched scan findings and coordinated remediation efforts in timely fashion to reduce overall vulnerability percentage in system.
  • Performed IT risk assessment and documented system security key controls.
  • Reviewed and updated system documentation such as SSP, ST&E, Risk Assessment (RA), Privacy Impact Assessment (PIA), and POA&Ms as needed.
  • Skilled at working independently and collaboratively in team environment.

Risk and Compliance Analyst

Kelly And Associates
2015.01 - 2018.01
  • Reviewed contracts and agreements to identify potential risks and ideal mitigation strategies.
  • Developed short-term goals and long-term strategic plans to improve risk control and mitigation.
  • Supported the performance of Security A&A for all systems within the IHS. Interfaced with system stakeholders by testing controls and determining how well controls are being implemented across the agency.
  • Developed and prepared ATO documentation and artifacts such as SAP, SSP, POA&Ms and SAR. Facilitated timely identification, communication, and recommended resolutions of security risks within assigned systems.
  • Developed and maintained SA&A documentations, including System Security Plans, Contingency Plans, Risk Assessment Reports and evaluated existing documents and their accuracy.
  • Performed Contingency Plan Test and Training to ensure systems' recoverability in case of incident.
  • Conducted Tabletop Disaster Recovery Testing with appropriate stakeholders by developing scenarios and developing Lessons learnt for organizations leveraging NIST 800-34.
  • Prepared documentation and records for upcoming audits and inspections.
  • Documented noncompliance activities and communicated with design-builder on remediation.

Junior IT Security Analyst

IMPAQ International
2012.11 - 2015.01
  • Responsible for answering Data Calls and supported ISSOs in remediating identified vulnerabilities.
  • Categorized new systems using FIPS 199 and NIST 800-60 SP.
  • Created and updated Security Assessment and Authorization (SA&A) artifacts, Risk Assessment reports, Threshold Analysis (PTA), Privacy Impact Analysis (PIA), E-Authentication, Contingency Plan and POAMs.
  • Conducted IT controls risk assessments including reviewing organizational policies, standards and procedures and providing advice on their adequacy, accuracy, and compliance with NIST standards.
  • Self-motivated, with strong sense of personal responsibility.
  • Worked well in team setting, providing support and guidance.
  • Proven ability to learn quickly and adapt to new situations.
  • Identified issues, analyzed information and provided solutions to problems.
  • Developed and maintained courteous and effective working relationships.

Education

Bachelor of Science - Cybersecurity

University of Maryland Global Campus
College Park, MD
05.2015

Skills

  • Scanning Tools: Nessus, HP Fortify, App Detective, Burp Suite etc.
  • GRC Tools: CSAM, RSA Archer and RSAM
  • Data integrity Tools: Tripwire, Big Fix Web Reporting
  • MS Office: Word, Excel, PowerPoint, Access, Outlook, and MS Project

Certification

  • CISA - Certified Information Systems Auditor
  • CISM - Certified Information Security Manager
  • CompTIA Security Plus
  • CEH - Certified Ethical Hacking
