Summary
Overview
Work History
Education
Skills
Websites
Certification
Awards
Timeline
Generic

KOJO AMISSAH

CSM, CISA, SEC+, CYSA+/MBA/IT Active Secret Clearance/Covid Vaccinated/Toano,VA

Summary

Goal-oriented Cyber Security Analyst with over 5 years of experience in Information Assurance and vulnerability testing analyst providing Federal compliance management. With an associate of Science in Information Assurance and Cyber Security. I am ready to defend your organization against large-scale Cyberattacks and ensure that data is collected, stored, and maintained securely. Experience in executing all the seven phases of RMF. Review and develop key security documents such as SSP, SAR, SAP, CP, IRP, CMP, SRTM, and POA&M as well as conducting Risk Assessment following FISMA standards and guidelines. My area of skills also includes ACAS and I'm ready to provide input on key discussions with stakeholders regarding achieving a successful Assessment of an information system to obtain Authorization to Operate (ATO).

Overview

8
8
years of professional experience
1
1
Certification

Work History

Cyber Security Analyst

KAIROS VISION CONSULT
Stanford, CT
01.2019 - Current
  • Create scans policy and scan jobs.
  • Create, unlock, and reset passwords in SC.
  • Performed credentialed and uncredentialed scans.
  • Reviewed security bulletins and vulnerability patch releases.
  • Perform remediation scans, Kill job queues, stop and import scans that last for more than 24 hours, Update our organization dashboard.
  • Update organizations plugins in other to increase the credentials scan percentage.
  • Create discovery scans, Create report attributes, Create tickets and follow up Investigate on scan jobs not completed, Recognize and escalate scanner's issues.
  • Interact with co-workers and resolve their issues over the phone, Investigate on source IPs and request the IPs to be whitelisted if need be.
  • Investigate on slow scans and emailed solutions to PITT Team.
  • Audited networks and security systems to identify vulnerabilities.
  • Managed user authentication and authorization of data access.
  • Participated in the implementation of new systems requiring ATO to provide support such as categorizing information systems and developing system and technical descriptions.
  • Performed ongoing review and updates of security documentations annually and when required due to changes to the information system such System Security Plan (SSP), Contingency Plan (CP), Incident Response Plan (IRP), Configuration Management Plan (CMP), Standard Operating Procedures (SOP), Hardware inventory, Software inventories, Ports Protocol and Service Management (PPSM), and other policies as needed.
  • Performed annual security control self-assessment to ensure controls continue to be elective and work with stakeholders to remediate failed controls due to existing open POA&Ms.
  • Reviewed and analyzed vulnerabilities on the systems and recommended weakness remediation to necessary stakeholders such as the System Administrator (SA), System Owners (SO), Information Systems Security Officer (ISSO), and Developers as needed.
  • Selected security controls for the information system based on NIST 800-53 rev4 as well as tailoring and supplementing to determine control applicability and type.
  • Provided ongoing Assessment and Authorization (A&A) support for systems undergoing continuous monitoring by managing and assessing changes to information systems in order to determine the security impact to those changes and providing necessary recommendations.

Security Control Assessor (Contractor)

KAIROS VISION CONSULT
Stanford, CT
02.2016 - 12.2018
  • Kept team members and worksites in compliance with safety standards, Performed Security Control Assessment as part of ongoing assessment using NIST SP 800-53A to assess the adequacy of management.
  • Operational privacy, and technical security controls implemented,
  • Tested security controls to make sure that the controls were implemented correctly, functioning as intended, and producing the desired outcome.
  • Conducted assessment Kick-o meetings and reviewed the Security Assessment Plan (SAP) with the stakeholders for approval prior to the actual assessment.
  • Directed vulnerability assessments on consistent basis and immediately provided countermeasures to mitigate issues.
  • Analyzed system risk to identify and implement appropriate security countermeasures.
  • Supported users with in-person and remote technical assistance.

Education

Master of Business Administration, IT Management -

Trident University International
01-2021

Bachelor of Science -

Trident University International

Associate Degree -

Community College of The Air Force

Skills

  • Tenable Nessus Professional
  • Risk Management
  • Assured Compliance Assessment Solution (ACAS)
  • EMASS and SRTM
  • Compliance/Configuration Management (STIG)
  • SCAP scan
  • AWS Identity and Access Management (AWS IAM)
  • Directory Domain Server
  • Windows US Federal Information Security Management Act (FISMA)
  • Risk Management Framework (RMF)
  • Team management
  • Critical thinking
  • Analytical problem-solving
  • Multitasking Active
  • Active Listening

Certification

  • Certified Information Systems Auditor (CISA)
  • Certified Agile Scrum Master (CSM)
  • Professional Manager Certification (PMC)
  • Air Force Senior Noncommissioned Officer Academy Certification (AFSNCOA)
  • Senior Enlisted Joint Professional Military Education (SEJPME)

Awards

  • Air Force Commendation Medal for Operational Excellence -2011,2014 and 2021
  • Air Force Meritorious Service Award – 20 years of Service and Honorable Discharge for exceeding standards of duty and personal conduct in all tours of duty

Timeline

Cyber Security Analyst

KAIROS VISION CONSULT
01.2019 - Current

Security Control Assessor (Contractor)

KAIROS VISION CONSULT
02.2016 - 12.2018

Master of Business Administration, IT Management -

Trident University International

Bachelor of Science -

Trident University International

Associate Degree -

Community College of The Air Force

Similar Profiles

CREATE PROFILE
KOJO AMISSAH