MANUELLA MENJENE

• responsible for preparing ,systems to obtain and maintain ATO using to update ATO documents and archive artifacts.
• responsible for decommissioning systems targeted for retirement.
• responsible for opening and closing PO&AM to address pending vulnerabilities and address upcoming expire PO&AM.
• review and approve or reject CR for system component upgrade or migration.
• Review and update contingency plan(CP),contingency plan test(CPT),configuration Management plan(CMP).
• SSP review and update for ATO readiness checklist.
• Conducted security audits to identify vulnerabilities.
• Worked with other teams to enforce security of applications and systems.
• controlled, tested and implemented and validated security policies, plans and procedures for organizational protection and responsible to deliver a successful assessment outcomes.
• Educated and trained users on information security policies and procedures.

• Performed risk analyses to identify appropriate security countermeasures.
• Conducted security audits to identify vulnerabilities.
• Recommend improvements in security systems and procedures.
• Authored security incident reports, highlighting breaches, vulnerabilities and remedial measures.
• Created cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
• Developed and maintained incident response protocols to mitigate damage and liability during security breaches.

Used Remote Desktop Management to access and perform required tasks on devices that aren’t accessible physically.

Used Lansweeper to gather information about users and devices.

Used Security Center to spot and report critical and high-Level vulnerabilities over the network.

Assigned, documents, and maintains computer login codes, passwords, and access profiles for software applications and network access.

Performed regular risk analyses to identify system and network vulnerabilities and formulate appropriate mitigation strategies.

Assisted in Incident Response (IR) and Data Loss Prevention (DLP) in the event of a breach, intrusion or theft.

Coordinated the systems audits, system certification and accreditation, and validation of access profiles.

Communicated standards for the use, operations, and security of the Franklin County Data Network.

Responded to inquiries regarding data and computer security, policies, and procedures (Security Incident and Event Management).

Coordinated, documents, and reports on internal investigations of possible security violations.

Performed Security Tools Administration role for one or more of the following: Patch Management, Antivirus Update, Network Scanning, Account Management, Web Filtering, and Intrusion Prevention System monitoring with the capability to learn additional tool sets as the security program evolves.

Provided daily security operation reports.

Managed security events during non-traditional hours.

Managed large-scale virus attacks and denial of service.

Assigned users groups and permissions according to their scope of work

Monitored controls post authorization to ensure continuous compliance with the security requirement.

• Participated in creation of device hardening techniques and protocols.
• Directed in-house cyber security auditing program to detect flaws and weaknesses in software.

Monitored systems, logs and network traffic for any anomalies, attempted unauthorized access or other intrusions while maintaining latest patches and updates.

Used Nessus to pinpoint vulnerability and reduce time-consuming tasks.

Performed vulnerability assessment report findings to reduce false positives

conducted vulnerability assessments for network, applications and operating systems

Assessed the system environment to reduce false negatives Conducted network security audits and scanning on a predetermined basis.

Performed network scans to identify critical flaws in applications and systems that cyber attackers could exploit.

Compiled and tracked vulnerabilities for metrics purposes.

Escalated and communicated any attempted unauthorized access or other intrusions to management immediate.

Proficient in using Carbon Black purposely to analyze, track, stop, allow and manage various threats (large and small scale), applications and programs.