Information Security Analyst with over 7 years of experience in Security Engineering, specializing in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), and Security Life Cycle. Proficient in vulnerability management, regulatory compliance (FISMA, HIPAA, HITECH, NIST, ISO 27001), and development of formal Security Programs. Strong in customer service, communication, and IT security assessments for government and commercial clients. Skilled in Python scripting and XQL for data management.
- Designed, documented, and implemented a global enterprise Security Program, Security Framework (based on CIS), and formal Security Processes and Procedures.
- Assisted with the evaluation, implementation, and utilization of Vulnerability Management, SIEM, SOAR, Incident Response, IDS/IPS, and Endpoint Security Tools.
- Led the research and implementation of Azure Cloud Security Solutions.
- Collaborated with Information Technology, Network Engineering, Operations, and Executive Management on the implementation and execution of the Security Program and Strategy, Security Initiatives, and Security policies, procedures, and best practices.
- Streamlined communication channels between IT staff members during critical incidents by developing clear escalation paths based on severity level classification.
- Managed vulnerabilities utilizing Nessus Vulnerability Scanners to identify potential risks across single and multiple assets within the enterprise network.
- Revised and examined A&A Packages to encompass Core Documents, Policies & Procedures, Operations, Maintenance Artifacts, SSP, SAR, FIPS 200, FIPS 199, POA&M, CPTPR, BIA, PTA, PIA, and additional components.
- Developed comprehensive System Security Plans (SSPs) in accordance with NIST Special Publication 800-53.
- Conducted security assessments to evaluate the effectiveness of implemented security controls.
- Educated and trained users on information security policies and procedures.
- Developed and implemented IT security policies, ensuring compliance with industry standards and best practices.
- Performed risk analyses to identify appropriate security countermeasures.
- Supported all Assessment and Authorization (A&A) phases and processes.
- Implemented and managed Endpoint Detection and Response (EDR) solutions like McAfee, ensuring proactive threat detection and rapid incident response.
- Utilized XQL for database manipulation and employed Python scripts to correlate and standardize data.
- Designed company-wide policies to bring operations in line with Center for Internet Security (CIS) standards.
- Drafted security reports and metrics to track security performance and strategize improvements.
- Enhanced network security by implementing advanced threat detection and prevention systems.
- Authored security incident reports, highlighting breaches, vulnerabilities, and remedial measures.
- Provided cybersecurity expertise during internal and external audits, offering valuable insights and guidance.
- Conducted regular vulnerability assessments to reduce the risk of cyber-attacks.
- Supported technical writing to simplify complex technical terms for clients.
- Developed Python scripts for gathering and correlating data.
MARCH 2023
- Overview: Implemented automated vulnerability scanning and reporting using Nessus Vulnerability Scanner and Python scripting to streamline identification, analysis, and remediation processes.
- Objectives:
  - Configured Nessus for scheduled scans.
  - Developed Python scripts for data collection and reporting.
  - Established centralized tracking for prioritizing and monitoring remediation efforts.
- Team: Information Security Analyst (Lead), IT Security Engineers
- Outcome: Enhanced efficiency in vulnerability management, ensuring compliance with NIST standards and improving overall security posture.