Summary
Overview
Work History
Education
Skills
Websites
Certification
Accomplishments
Career Overview
Awards
Languages
Timeline
Generic

Nehawa Ngundam Abam

Aurora,CO

Summary

A results-driven Cybersecurity Specialist with a strategic mindset, I bring a robust background in risk assessment, security initiative implementation, and audits, along with expertise in safeguarding corporate assets and disaster recovery planning.
Proficient in conducting meticulous security audits, evaluating vulnerabilities, and offering comprehensive network design and security frameworks.
My experience also encompasses a strong focus on PCI security compliance, ensuring adherence to industry standards.

Overview

14
14
years of professional experience
1
1
Certification

Work History

Independent GRC/IT Security Contractor

Jena Destinations LLC
09.2023 - Current
  • Offered strategic advice on matters pertaining to corporate governance principles aimed at fostering transparency within stakeholder engagements.
  • Played an instrumental role in helping organizations establish robust governance structures that facilitated decision-making processes while minimizing risks associated with non-compliance instances.
  • Conducted thorough audits and identified areas for improvement, leading to enhanced internal controls and risk management practices.
  • Enhanced GRC program effectiveness by conducting comprehensive risk assessments and recommending mitigation strategies.
  • Assisted in developing policies and procedures that aligned with organizational objectives while adhering to regulatory requirements.
  • Championed culture of continuous learning through regular training sessions, workshops, and knowledge-sharing initiatives aimed at enhancing staff competencies within GRC domain.
  • Established strong relationships with stakeholders to support successful execution of GRC initiatives.
  • Developed tailored GRC solutions for client organizations, resulting in increased security and reduced exposure to risks.
  • Streamlined compliance processes for improved efficiency through continuous monitoring and evaluation of controls.
  • Managed project timelines effectively, ensuring all scheduled deliverables were completed accurately and within stipulated timeframes.
  • Facilitated cross-functional collaboration for the development and implementation of comprehensive GRC programs.
  • Successfully executed business continuity plans during crisis scenarios thereby safeguarding ongoing operations from disruption.
  • Conducted gap analysis exercises for clients, identifying areas requiring attention in order to achieve complete adherence to requisite standards.
  • Delivered detailed reports on audit findings, providing actionable insights for clients to strengthen their internal control systems.
  • Implemented financial risk management policies, limits and strategies that complied with standards and strategic imperatives of organization.

IT Audit Consultant

ISVA Ltd
08.2023 - 12.2023
  • Employed for a short-term government project in collaboration with ISVA Ltd and the Government of Cameroon.
  • Managed multiple audit engagements simultaneously while maintaining strict adherence to timelines and budgets.
  • Delivered high-quality audit reports within deadlines, resulting in increased client satisfaction levels.
  • Championed continuous improvement initiatives within the organization by sharing knowledge about industry developments.
  • Demonstrated versatility by adapting quickly to new industry sectors or changing client expectations during engagements.
  • Provided expert guidance on accounting standards, regulations, and best practices throughout the audit process.
  • Facilitated clear communication between stakeholders, ensuring a smooth auditing process from inception to completion.
  • Collaborated with cross-functional teams to ensure accurate financial reporting and compliance with regulations.
  • Prepared working papers, reports and supporting documentation for audit findings.
  • Achieved timely resolution of outstanding audit issues through diligent follow-up activities with clients.
  • Provided journal entries and performed accounting on accrual basis.
  • Improved company''s risk management strategy by identifying, assessing, and mitigating potential risks related to noncompliance.
  • Assisted in the preparation of reports for senior management, outlining findings from investigations into suspected non-compliant activities.
  • Developed improvement and corrective action plans to bring operations in line with requirements.
  • Assisted in the development of a comprehensive risk assessment framework for evaluating potential threats to organizational compliance systems.
  • Reviewed audit and monitoring reports related to consumer and client activities.
  • Contributed to the development of a strong compliance culture within the organization by promoting awareness of relevant rules and guidelines through training sessions and communications campaigns.

INDEPENDENT GRC CONSULTANT

Cardan Manor
10.2022 - 07.2023
  • Monitored and optimized tracking and assessment systems to reduce risks from emergencies
  • Developed contingency plans and disaster management strategies
  • Conducted security assessments and provided recommendations for security improvements
  • Reported internal control issues and provided comprehensive risk mitigation recommendations
  • Applied frameworks: HIPAA, ISO 27001/27002, COBIT
  • Produced and filed reports to inform senior management of current activities and progress with investigations
  • Assessed liquidity and market risk levels and applied risk-based approach to oversee financial activities.

CYBERSECURITY COMPLIANCE ANALYST

Charles Schwab Inc.
07.2022 - 07.2023
  • Generated comprehensive incident reports and executed meticulous investigations, unveiling critical vulnerabilities inherent in operational workflows
  • Played a pivotal role within the team spearheading security audits and conducting vulnerability assessments on a portfolio of 100 systems, ensuring compliance with industry standards, including PCI DSS (Payment Card Industry Data Security Standard)
  • Instrumental in devising and implementing remediation strategies that resulted in a remarkable 60% reduction in potential security threats while upholding unwavering compliance with industry standards, including PCI DSS
  • Fostered productive partnerships with senior executives to provide expert counsel on risk assessment and proactively devised robust mitigation strategies, particularly in the context of PCI security requirements
  • Spearheaded the creation and meticulous documentation of streamlined response protocols and stringent security policies, incorporating PCI DSS guidelines to safeguard payment card data
  • Delivered instructive seminars to enlighten staff members on meticulous procedures, resulting in a noteworthy decrease in the occurrence of compliance violations, including those related to PCI standards
  • Revolutionized server configurations and elevated network security standards through the implementation of proactive end-user training initiatives, with a focus on PCI DSS requirements
  • Effectively employed the NIST Cybersecurity Framework to fortify the organization's cyber defenses, ensuring adherence to industry-leading standards, including PCI security compliance
  • Proactively assessed and ensured CIS (Center for Internet Security) compliance across all systems, implementing robust controls and procedures to fortify cybersecurity measures and uphold industry-leading standards
  • Collaborated with cross-functional teams to conduct regular reviews of data security protocols, playing a pivotal role in the continuous enhancement of security measures and the development of comprehensive documentation aligning with PCI DSS guidelines.

CYBER SECURITY ANALYST

CarMax
10.2021 - 06.2022
  • Monitored and ensured continued compliance with internal security controls and regulations
  • Conducted comprehensive risk analysis and vulnerability assessments for business applications and infrastructure systems
  • Supported internal and external security reviews, audits, and control evaluations
  • Implemented thorough vulnerability and penetration testing to enhance system resilience
  • Applied industry-standard frameworks, including The NIST Cybersecurity Framework and PCI-DSS
  • Planned and designed system improvements to meet changing demands
  • Provided user training and support for a variety of hardware and software issues.

SENIOR CYBER SECURITY ANALYST

EmiratesNBD Bank
05.2018 - 11.2019
  • Enforced security of applications and systems through collaboration with other teams
  • Identified and monitored cyber and information security risks
  • Investigated incidents and educated employees on security procedures
  • Collaborated with senior leaders to advise on risk management
  • Applied frameworks: The NIST Cybersecurity Framework, PCI-DSS, ISO 27001
  • Conducted security audits to identify vulnerabilities
  • Performed risk analyses to identify appropriate security countermeasures
  • Analyzed network traffic and system logs to detect malicious activities
  • Drafted security reports and metrics to track security performance and strategize improvements
  • Implemented security measures, including knowledge of PCI security compliance, to reduce threats and damage related to cyber-attacks
  • Investigated and resolved incidents of unauthorized access to sensitive information
  • Worked with other teams to enforce security of applications and systems.

SENIOR CYBERSECURITY CONSULTANT

ISVA Ltd.
09.2015 - 01.2017
  • Audited security systems for companies in Cameroon in collaboration with the National Agency for Information and Communications Technologies (ANTIC)
  • Through ANTIC, worked with esteemed clients like United Bank of Africa and SONARA (Cameroon Oil Refinery)
  • Educated staff on cybersecurity best practices
  • Managed relationships with third-party intrusion detection system providers
  • Conducted security audits and risk analyses
  • Applied frameworks: ISO 27001 and PCI security compliance
  • Monitored the use of data files and regulated access to protect secure information
  • Developed, tested, and implemented security policies, plans, and procedures for organizational protection
  • Implemented security measures to reduce threats and damage related to cyber-attacks
  • Worked with other teams to enforce security of applications and systems
  • Drafted security reports and metrics to track security performance and strategize improvements
  • Delivered services to customer locations within specific timeframes.

NETWORK DESIGN/PLANNING AND PRODUCT MANAGER

VPS Technologies Ltd.
02.2015 - 09.2015
  • Designed and implemented robust security solutions for network infrastructure to ensure a secure environment
  • Created customized cloud security solutions for all clients, tailoring approaches to specific needs
  • Translated customer requirements into actionable features and collaborated with development teams for successful feature launches
  • Planned and executed efficient projects while maintaining network integrity
  • Collaborated with sales, marketing, and support teams to ensure timely and budget-friendly product launches
  • Actively participated in weekly planning sessions to review sales, address customer concerns, and identify new business opportunities
  • Developed comprehensive product documentation for clear communication of upcoming features and products to internal teams
  • Analyzed metrics to measure and enhance product performance
  • Coordinated project planning and execution in collaboration with team members and leads.

IT SECURITY ANALYST

ACE Technologies PLC
06.2013 - 09.2013
  • Investigated and resolved incidents of unauthorized access to sensitive information
  • Provided proactive security solutions by closely monitoring intrusion detection and prevention systems
  • Supported user needs and ensured compliance with security controls
  • Applied frameworks, including ISO 27001
  • Quickly learned and adapted to new technology and software applications
  • Recommended improvements in security systems and procedures
  • Performed risk analyses to identify appropriate security countermeasures
  • Encrypted data and implemented firewalls for the protection of confidential information
  • Developed plans to safeguard computer files against modification, destruction, or disclosure
  • Conducted security audits to identify vulnerabilities
  • Monitored computer virus reports to update virus protection systems promptly
  • Administered and monitored firewalls, intrusion detection systems, and anti-virus software to detect risks
  • Developed, tested, and implemented security policies, plans, and procedures for organizational protection
  • Drafted security reports and metrics to track performance and strategize improvements
  • Executed penetration testing to identify security weaknesses and developed disaster recovery plans
  • Implemented security measures to reduce threats and damage related to cyber-attacks
  • Reviewed violations of computer security procedures and developed mitigation plans
  • Researched and developed new computer forensic tools
  • Monitored the use of data files and regulated access to protect secure information.

ASSISTANT NETWORK ENGINEER

PresPrint PLC
01.2010 - 09.2010
  • Implemented effective security solutions for network infrastructure
  • Tracked and reported identified information system vulnerabilities
  • Monitored network performance and provided recommendations for security measures
  • Recommended network security standards and upgrades to management
  • Offered network support services for devices like hubs, bridges, routers, and other hardware
  • Assisted in the implementation and support of network monitoring tools
  • Conducted troubleshooting for Juniper, Cisco, and performed packet analysis
  • Established VPN infrastructure to facilitate secure remote connections
  • Monitored network capacity and performance, diagnosing, and resolving complex network problems.

Education

BACHELOR OF SCIENCE - CYBERSECURITY

Purdue University Global
09.2024

Skills

  • Information Auditing
  • Risk Analysis & Mitigation
  • Vulnerability & Penetration
  • Network System Design
  • PCI Compliance
  • Compliance with Security
  • Incident Response & Disaster
  • Documentation
  • Complex Problem-Solving
  • Conflict Resolution
  • Background / expertise in assessing risks, implementing security initiatives and audits, protecting corporate assets and disaster recovery planning
  • Security Information and Event Management

Certification

Completed Certifications:


  • CompTIA Security+ Certification
  • CCNA (Certified CISCO Network Associate)
  • CCNP (Certified CISCO Network Professional)
  • MCP (Microsoft Certified Professional 2.0)
  • Microsoft Certified Professional Database Administrator 2008
  • MCTS SQL Server 2008, Implementation and Maintenance
  • MCTS Microsoft Exchange Server 2007, Configuration
  • MCTS Microsoft Windows Vista, Configuration
  • MCITP Server Administrator
  • MCTS Windows Server 2008 Applications Infrastructure, Configuration
  • MCTS Windows Server 2008 Network Infrastructure, Configuration
  • ITIL V 3.0 Foundation


Currently Pursuing:

  • Certified Information Systems Auditor (CISA) : Expected April 2024
  • COBIT 5.0 IT Governance Framework
  • Certified Information Systems Security Professional (CISSP): expected December 2024

Accomplishments

  • CompTIA Security+ Certification: Recently achieved CompTIA Security+ certification, demonstrating a commitment to staying abreast of cybersecurity best practices and acquiring skills to effectively safeguard corporate assets.
  • Risk Analysis & Security Audits: Successfully conducted risk analyses and security audits, pinpointing vulnerabilities and implementing tailored countermeasures. Improved disaster recovery plans and elevated overall security posture.
  • Project Leadership & Collaboration: Collaborated with senior leaders and cross-functional teams to provide insights on risk management. Played a key role in the planning and implementation of comprehensive network design and security frameworks, contributing to the success of security initiatives.
  • Certifications & Growth: Attained certifications including Certified CISCO Network Associate (CCNA), Certified CISCO Network Professional (CCNP), Microsoft certifications, and ITIL v3 certification. Pursuing ISACA CISA certification for continued cybersecurity expertise.
  • Linux Proficiency: Demonstrated substantial proficiency in Linux, contributing to robust cybersecurity practices and solutions.
  • Active Involvement in Tech Communities: Engaged member of Black Women in Tech, Denver Chapter for ISACA, and other tech communities in Nigeria, Cameroon, and the United States. Fostering inclusivity and diverse talent growth in the global tech industry.
  • Academic Excellence: Maintained a stellar 3.8 GPA, recognized on the Dean's List, and honored by the National Society of Leadership and Success (NSLS). Demonstrated dedication to academic excellence and showcased leadership qualities.

Career Overview

A results-driven Cybersecurity Specialist with a strategic mindset, I bring a robust background in risk assessment, security initiative implementation, and audits, along with expertise in safeguarding corporate assets and disaster recovery planning. Proficient in conducting meticulous security audits, evaluating vulnerabilities, and offering comprehensive network design and security frameworks. My experience also encompasses a strong focus on PCI security compliance, ensuring adherence to industry standards.

Awards

  • NSLS
  • Chancellor's List Purdue University Global

Languages

French
Full Professional
English
Native or Bilingual

Timeline

Independent GRC/IT Security Contractor

Jena Destinations LLC
09.2023 - Current

IT Audit Consultant

ISVA Ltd
08.2023 - 12.2023

INDEPENDENT GRC CONSULTANT

Cardan Manor
10.2022 - 07.2023

CYBERSECURITY COMPLIANCE ANALYST

Charles Schwab Inc.
07.2022 - 07.2023

CYBER SECURITY ANALYST

CarMax
10.2021 - 06.2022

SENIOR CYBER SECURITY ANALYST

EmiratesNBD Bank
05.2018 - 11.2019

SENIOR CYBERSECURITY CONSULTANT

ISVA Ltd.
09.2015 - 01.2017

NETWORK DESIGN/PLANNING AND PRODUCT MANAGER

VPS Technologies Ltd.
02.2015 - 09.2015

IT SECURITY ANALYST

ACE Technologies PLC
06.2013 - 09.2013

ASSISTANT NETWORK ENGINEER

PresPrint PLC
01.2010 - 09.2010

BACHELOR OF SCIENCE - CYBERSECURITY

Purdue University Global

Completed Certifications:


  • CompTIA Security+ Certification
  • CCNA (Certified CISCO Network Associate)
  • CCNP (Certified CISCO Network Professional)
  • MCP (Microsoft Certified Professional 2.0)
  • Microsoft Certified Professional Database Administrator 2008
  • MCTS SQL Server 2008, Implementation and Maintenance
  • MCTS Microsoft Exchange Server 2007, Configuration
  • MCTS Microsoft Windows Vista, Configuration
  • MCITP Server Administrator
  • MCTS Windows Server 2008 Applications Infrastructure, Configuration
  • MCTS Windows Server 2008 Network Infrastructure, Configuration
  • ITIL V 3.0 Foundation


Currently Pursuing:

  • Certified Information Systems Auditor (CISA) : Expected April 2024
  • COBIT 5.0 IT Governance Framework
  • Certified Information Systems Security Professional (CISSP): expected December 2024

Similar Profiles

  • Mark Thomas

    Mark ThomasMark Thomas

    Operator at Jena Asphalt Solutions, LLCOperator at Jena Asphalt Solutions, LLC

    View Profile
  • Steve Walters

    Steve WaltersSteve Walters

    Applications & Service Engineer at Analytik-Jena US LLCApplications & Service Engineer at Analytik-Jena US LLC

    View Profile
  • Riley Moon

    Riley MoonRiley Moon

    Customer Service Representative at Dreamscape Destinations, LLCCustomer Service Representative at Dreamscape Destinations, LLC

    View Profile
Nehawa Ngundam Abam