LAUME OSEI BONSU
Orlando,FL
Summary
Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework for cloud-based software. Versed in robust network defense strategies.
Overview
10
10
years of professional experience
1
1
Certification
Work History
Cybersecurity Analyst
Crest Consulting Group
05.2021 - Current
- Employed NIST 800-60 and FIPS 199 to categorize information and information systems to determine potential adverse impact for each security objective (CIA) associated with particular information type and assign system security controls.
- Created, maintained, and updated security authorization package documents (such as SSP, SAR, & POA&M) as well as related artifacts to ensure they were in compliance with security standards, guidelines, and procedures.
- Prepared and reviewed documentation to include System Security Plans (SSPs), Risk Assessment Reports, A&A packages, and Security Controls Traceability Matrix (SCTM).
- Maintained operational security posture to ensure information systems (IS) security policies, standards, and procedures are established and followed.
- Implemented and managed cyber security systems designed to effectively recognize, report, track and resolve problems.
- Organized client interviews of key stakeholders to determine security posture of information system and to assist in completion of security assessment plan or ATO process using NIST SP 800-53A Rev 4, FISMA, etc.
- Primarily responsible for researching and evaluating relevant information security policies, guidance, and best practices, including NIST, FISMA, and OMB circulars for applicability to IT systems security.
- Reviews key vendor provided documentation such as SSAE 18 Type II report
- Perform IT general controls testing for SOX 404 compliance and SOC reports/SSAE 18 (formerly SAS 70/SSAE 16)
- Perform ERP systems audit, SAP, SOX testing utilizing COBIT and COSO framework.
- Conducted security audits to identify vulnerabilities.
- Performed risk analyses to identify appropriate security countermeasures.
Cloud Security Analyst
Crest Consulting Group
11.2019 - 04.2021
- Work with project team on implementing defined policies within AWS (IAM) solutions cloud infrastructure
- Participate in development of roadmaps and participate in standards process for AWS (IAM) solutions
- Maintain and Execute AWS Cloud Information security strategy to proactively identify risk and drive remediation
- Create cross functional privacy program around NIST Privacy framework
- Develops and maintains organization’s relevant associated compliance policies and procedures
- Develops, maintains and executes security and risk assessments
- Document and maintain System Security Plan (SSP)
- Identifying and evaluating risks during review and analysis of system development life cycle (SDLC), which includes design, testing /QA and implementation of systems and upgrades
- Performed risk analyses to identify appropriate security countermeasures.
Information Security Analyst/Auditor
FedEx
09.2018 - 11.2019
- Develop, review, and update Security Assessment Plan documentation using Federal Certification and Accreditation (C&A) processes
- Communicate and enforce security policies, procedures, and safeguards for all systems and staff, based upon NIST
- Perform HIPAA audits and other related IT reviews (NIST, PCI DSS) as prescribed in annual plan
- Assisted project teams in implementation of security measures to meet corporate security policies and external regulations (HIPAA, NIST)
- Analyze and update Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security Plan (SSP), System Security Test and Evaluation (ST&E) and Plan of actions and Milestones (POA&M)
- Analyze and advise on risk and remediation of security issues based on reports from vulnerability assessment scanners, patch management tools, and emerging threat information
Operations Manager
Friendship Travel Agency
04.2013 - 09.2018
- Maintaining positive relationships with vendors of direct travel, such as car rentals, hotels, and airlines
- Negotiating preferred rates with vendors of direct travel
- Planning travel accommodations, booking flights, hotels, car rentals, and coordinating activities
- Managing and processing all travel-related documentation, including payments, itineraries, visas, medical, and legal forms
- Assisting with any travel-related issues that may arise
- Researching travel deals and evaluating prices and services
- Arranging travel accommodations for business visitors
- Creating, optimizing, and monitoring corporate travel policies
- Preparing travel budget reports
- Analyzing and preparing reports on travel spend
- Developed systems and procedures to improve operational quality and team efficiency
- Trained and guided team members to maintain high productivity and performance metrics
- Devised processes to boost long-term business success and increase profit levels
- Implemented process improvement to shape organizational culture, optimize procedures for higher efficiency and help company evolve and grow
- Supervised operations staff and kept employees compliant with company policies and procedures
- Negotiated contracts with vendors and suppliers to obtain best pricing and terms
- Led hiring, onboarding and training of new hires to fulfill business requirements
- Supervised operations staff and kept employees compliant with company policies and procedures.
Education
High School Diploma -
West Side High School
05.2009
Skills
- Compliance Assessment
- Incident Response
- Cloud Security Infrastructures
- Developing Security Plans
- Vulnerability Management
- Multi-Factor Authentication
- Disaster Recovery Planning
- Access Controls
- Log Monitoring and Management
- Risk Analysis
- Architecture governance
- Cybersecurity best practices
- Audit
- Security Assessment
Certification
CompTIA Security+
Timeline
Cybersecurity Analyst
Crest Consulting Group
05.2021 - Current
Cloud Security Analyst
Crest Consulting Group
11.2019 - 04.2021
Information Security Analyst/Auditor
FedEx
09.2018 - 11.2019
Operations Manager
Friendship Travel Agency
04.2013 - 09.2018
High School Diploma -
West Side High School
Similar Profiles
Patrick ConnollyPatrick Connolly
Creative Consultant at Crest Mount ConsultingCreative Consultant at Crest Mount Consulting
VRUSHALI PATILVRUSHALI PATIL
IT Purchase Manager at Crest IT ConsultingIT Purchase Manager at Crest IT Consulting
Azian Abd HalimAzian Abd Halim
Senior Building Executive at Crest Consulting ServicesSenior Building Executive at Crest Consulting Services
Kenisha HusbandsKenisha Husbands
Greeter at Launch Entertainment ParkGreeter at Launch Entertainment Park
Andrew LaskowskyAndrew Laskowsky
General Manager / Executive Manager at Feddon Automotive Group – Valley Chevrolet, GMC, CDJR, MitsubishiGeneral Manager / Executive Manager at Feddon Automotive Group – Valley Chevrolet, GMC, CDJR, Mitsubishi