Mariama Sesay

Aubrey, TX

Summary

Detail-oriented Compliance Analyst with 3+ years of experience in governance, risk, and compliance (GRC). Skilled in conducting security control assessments, internal/external audits, and vulnerability management. Expertise in frameworks including FedRAMP, NIST 800-53, CMMC, ISO 27001, and HIPAA. Strong technical knowledge of Windows, Linux, cloud security, and IAM solutions (SailPoint, Saviynt, CyberArk). Adept at remediation tracking, policy development, and automation of compliance reporting. Passionate about enhancing security governance and streamlining compliance processes in fast-paced environments.

Overview

5 years of professional experience
1 Certification

Work History

Vulnerability Management

Globe Brown Inc.
03.2024 - Current
  • Conducting internal audits and risk assessments aligned with FedRAMP, NIST 800-53, and CMMC to ensure compliance.
  • Performing security control evaluations and collecting evidence for compliance assessments and external audits.
  • Automating vulnerability tracking using Python and Power BI dashboards, improving remediation time by 25%.
  • Collaborating with cross-functional teams to prioritize and remediate high-risk vulnerabilities across cloud and on-premises environments.
  • Monitoring CVE databases to ensure proactive mitigation of security threats and adherence to compliance frameworks.

Security Engineer

IT&T Service
03.2022 - 04.2024
  • Performed security audits and control assessments to ensure compliance with FedRAMP, CMMC, and ISO 27001.
  • Investigated phishing emails, domains, and IPs using VirusTotal, URLVoid, and Splunk, improving threat detection.
  • Enhanced compliance by implementing KnowBe4 security awareness training, reducing incidents by 30%.
  • Assisted in incident response following NIST 800-61 guidelines, reducing system downtime by 25%.
  • Developed security policies and compliance documentation to support audit readiness and improve governance processes.

Security Analyst

Morgan Franklin Consulting (JPMC, Apple Bank, Lazard)
05.2022 - 02.2024
  • Led compliance assessments for FedRAMP, SOC 2, and ISO 27001, ensuring that security controls met regulatory requirements.
  • Conducted vendor risk assessments, tracking third-party compliance with NIST, GDPR, and HIPAA standards.
  • Developed system security plans (SSPs), risk assessments (SARs), and POA&Ms, enhancing compliance readiness.
  • Automated compliance reporting in Power BI and Excel, reducing audit preparation time by 30%.
  • Coordinated access reviews and IAM audits using Saviynt and SailPoint, reducing unauthorized access incidents.
  • Managed incident response procedures and assisted in policy development to align with security frameworks.

Junior Risk & Compliance Analyst

HCFS / Centauri Health Solutions
Plano, USA
11.2019 - 01.2022
  • Conducted security control assessments for 30+ federal systems, applications, and cloud environments under FedRAMP and NIST 800-53.
  • Developed and maintained compliance documentation, including SSPs, SARs, SAWs, and POA&Ms, improving audit efficiency by 30%.
  • Assisted in vendor risk management and internal compliance audits, mitigating risks associated with third-party vendors.
  • Performed system categorization using FIPS 199, strengthening risk management practices.
  • Tracked and reported POA&Ms and audit findings to ensure remediation and compliance with regulatory requirements.

Education

BS - Information Technology

Western Governors University
05.2026

Skills

  • Compliance & Security Frameworks: NIST (800-53 & 800-171), FedRAMP, ISO 27001, PCI-DSS, HIPAA, GDPR, SOC 2
  • Vulnerability and Risk Management: Qualys, Nessus, Nexpose, POA&M tracking, CVSS scores
  • Identity & Access Management (IAM): SailPoint, Saviynt, CyberArk, SAML, OAuth, SSO
  • Cloud and Network Security: AWS Security, Palo Alto, VPN, Firewalls, Endpoint Security
  • Security Compliance & Auditing: Control Assessments, Policy Development, Audit Readiness, Vendor Risk Assessment
  • Tools and Reporting: ServiceNow, Jira, Power BI, Excel (advanced), Splunk

Certification

  • CompTIA Security+
  • Certified Scrum Master (CSM) – Agile Methodology
  • AWS Certified Cloud Practitioner (In Progress)
