Leslee Nji

Security Analyst | Security+ Certified
Abilene, United

Summary

  • I am a passionate Cybersecurity Architect and Network Engineer, experienced in "architecting", planning, implementing, optimizing, and troubleshooting cybersecurity solutions for enterprise deployment, patch management, and overall device management.


  • I have 6 years of experience as a Cybersecurity Project Technical Lead and have managed security projects from full implementations to migrations. Through the years I have gained proven experience in developing and testing security frameworks for cloud-based software, building projects and managing them through the entire project life cycle. This includes managing multi-phase/multi-dimensional/multi-resource projects to a conclusion while maintaining high customer satisfaction.

Overview

8 years of professional experience
4 years of post-secondary education

Work History

Security Control Assessor

SCA, Bae Systems
Dallas, Texas
03.2020 - Current
  • Schedule kick off meetings with system owners to help identify assessment scope, system boundary, prepare a plan of action and milestones based on the findings and recommendations of a security assessment report excluding any remediation actions taken
  • Develop/Review deliverables associated with a FedRAMP security authorization package including, but not limited to: System Security Plan, Information System Contingency Plan, Security Assessment Plan, Security Assessment Report
  • Supports Security Control Assessments using NIST 800-53A Rev4 as guidance for current federal directives and policies
  • Performs System Security Categorizations using FIPS 199 and the NIST 800-60 Vol.11 Rev1 guidelines and templates to select provisional impact level assigned to the Confidentiality, Integrity and Availability (CIA) based on the information type
  • Analyzes and updates System Security Plan (SSP), Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security Test and Evaluation (ST&E)
  • Develops and tracks Plan of Actions and Milestones (POA&Ms) to ensure remediation closure
  • Maintains and manages Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), POA&Ms, SAR, and other relevant security documentation for the system
  • Perform security risk assessment and analysis of resources, controls, vulnerabilities, asset decommissioning, and information security threats to the organization’s objective
  • Participates in the System Assessment and Authorization process by working with the key stakeholders to ensure complete and accurate ATO packages
  • Validated system requirements, security policies and procedures, contingency plans, incident response plans, personnel security, access control mechanisms and identification and authentication mechanisms
  • Perform assessments on FedRAMP based on customer responsibility documentation and controls provided by the Cloud provider to assess
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments
  • Governs the internal FedRAMP control activities to ensure management, technical, and operational controls are being executed without exception.

Information System Security Officer

Luna Solutions
Midwest City, OK
01.2018 - 02.2020
  • Implemented Risk Management Framework (RMF) in accordance with NIST SP 800-37
  • Reviewed security categorization of systems using FIPS 199 & NIST SP 800-60
  • Updated technical, operational and management control families and controls with guidance from NIST 800-53 Rev 4 and FIPS 200
  • Reviewed and updated System Security Plan implementation statements of respective applicable control to assigned systems as need arises using NIST 800-18
  • Independently put together a variety of Security Authorization deliverables including System Security Plans, Security Assessments Reports, Risk Assessment Plans and POA&M
  • Created and updated Authorization to Operate (ATO) packages
  • Drafted, finalized, and submitted Privacy Threshold Assessments (PTAs), Privacy Impact Analyses (PIAs), E-Authentication Assessments, System of Record Notices (SORNs) for annual review and recertification
  • Continuously monitored security controls effectiveness using NIST SP 800-137 as a guide
  • Created plans and communicated deadlines to ensure that projects were completed on time
  • Identify, review, prioritize vulnerabilities and remediation efforts
  • Experienced in performing Ongoing Security Authorizations aligned to NIST SP 800-53 and 137
  • Reported and maintained security architecture, policies, and compliance, identified and documented security vulnerabilities, system status; maintained records of incidents, hardware/software, etc
  • Review for accuracy Security Control Assessment (SCA) documentation, including but not limited to the Security Assessment Report (SAR)
  • Conduct risk assessments, develop POA&Ms, facilitating and coordinating with information owners and custodians
  • Ensured POA&M mitigations and timelines were adhered to and documented any changes that occurred
  • Reviewed status of Information Systems for modifications and assessed the impact to current system accreditation
  • Reviewing Privacy Impact Assessment (PIA) documents after a positive PTA is created and ensuring that PII findings are recorded in the System of Record Notice (SORN)
  • Generating, reviewing, and updating System Security Plans (SSP) against NIST 800-18 and NIST53 requirements
  • Performing ongoing continuous monitoring (ISCM) using NIST 800-137 Rev 1 as a guide
  • Ensured appropriate changes and improvement actions are implemented as required
  • Maintained current knowledge of authenticator management for unclassified systems-NIST 171
  • Ensured compliance with protection requirements, control procedures, incident management reporting, remote access requirements, and system management for all systems under scope.

IT Compliance Specialist

Centene Consulting
Dallas, Texas
12.2015 - 12.2017
  • Maintained customer satisfaction with forward-thinking strategies focused on addressing customer or client needs and resolving concerns
  • Provided primary customer support to internal and external clients
  • Offered advice and assistance to clients, paying attention to special needs or wants
  • Assisted in the development, maintenance, and implementation of IT Risk Management Framework
  • Ensured established internal control procedures are complied with by examining reports, records documentation, and operating practices
  • Ensured security awareness and training materials were reviewed and updated periodically
  • Analyzed Nessus scans to identify vulnerabilities and documented weaknesses
  • Evaluated and managed system vulnerabilities
  • Reviewed, monitored, and responded to escalated system security alerts
  • Performed Vendor risk assessments to identify emerging key risks and reassess current risks
  • Assessed completed questionnaire and supporting documentation to validate vendor appropriate implementation of information security controls
  • Communicated vendor information security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks
  • Validated evidence from vendors before remediation plans are closed
  • Planned and executed onsite security/risk assessments for third party vendors
  • Ensured all risk controls were documented in a Vendor Risk Scorecard in accordance with Third Party Risk Management (TPRM) Policy and the Risk Assessment Matrix
  • Assessed outsourced products/services for Risks and Criticality.

Education

Master of Science - MS - Information Technology

Altınbaş Üniversitesi
09.2018 - 05.2020

Bachelor of Science - Computer Science

University of Buea
10.2012 - 05.2015

Skills

Analysis skill

Accomplishments

  • CompTIA Cybersecurity Analyst (CySA+)
