Summary
Overview
Work History
Education
Skills
Certification
Accomplishments
References
Languages
Activities
Timeline
Generic

NEHAWA NGUNDAM EP ABAM

Peekskill,USA

Summary

A highly accomplished Cybersecurity Specialist with a proven track record in risk assessment, security initiative implementation, audits, and regulatory compliance. Leveraging a strategic mindset and extensive experience, I excel in safeguarding corporate assets through disaster recovery planning, conducting in-depth security audits, and managing robust cloud security solutions. Skilled in evaluating vulnerabilities, I specialize in developing comprehensive network designs and implementing security frameworks with a strong emphasis on PCI security compliance and industry standards. Proficient in managing end-to-end cybersecurity projects using advanced tools such as RSA Archer, Tableau, and JIRA, while ensuring regulatory compliance across diverse environments. Renowned for being team-oriented, diplomatic, and adept at fostering strategic alliances to elevate organizational security posture and reputation.

Overview

14
14
years of professional experience
1
1
Certification

Work History

CYBERSECURITY COMPLIANCE LEAD

Charles Schwab Inc.
Lone Tree, USA
07.2022 - 05.2024
  • Generated comprehensive incident reports and executed meticulous investigations, unveiling critical vulnerabilities inherent in operational workflows
  • Played a pivotal role within the team spearheading security audits, conducting vulnerability assessments, and managing compliance across 100 systems, ensuring adherence to regulations such as PCI DSS
  • Instrumental in devising and implementing remediation strategies that resulted in a 60% reduction in potential security threats
  • Fostered productive partnerships with senior executives to provide expert counsel on risk assessments and mitigation strategies
  • Spearheaded the creation and documentation of streamlined response protocols and stringent security policies incorporating PCI DSS guidelines
  • Delivered instructive seminars to reduce compliance violations and improve adherence to regulations
  • Utilized RSA Archer for compliance reporting and oversight
  • Leveraged RSA Archer for regulatory tracking and compliance management, Tableau for data visualization, and JIRA for project tracking
  • Effectively employed RCSA processes to evaluate risk controls and ensure organizational resilience
  • Leveraged Tableau to create dashboards that enhance data exploration and stakeholder understanding
  • Proactively assessed and ensured CIS (Center for Internet Security) compliance across all systems, implementing robust controls and procedures

INDEPENDENT GRC CONSULTANT

Cardan Manor
Aurora, CO
10.2021 - 11.2022
  • Monitored and optimized tracking systems to mitigate risks and enhance emergency preparedness
  • Developed contingency plans and disaster management strategies to ensure operational resilience
  • Conducted security assessments and provided actionable recommendations for improvements
  • Worked on enhancing and safeguarding IT infrastructure to ensure stability, security, and scalability
  • Applied frameworks such as HIPAA and ISO 27001/27002 to ensure regulatory compliance and robust risk controls
  • Implemented ISO 27001 standards to establish and maintain Information Security Management Systems (ISMS), safeguarding data confidentiality, integrity, and availability
  • Ensured HIPAA compliance by implementing stringent privacy and security controls for resident health information
  • Produced detailed reports for senior management on activities, investigations, and risk mitigation efforts
  • Created compliance and GRC dashboards in Excel to enhance data analysis, trend identification, and stakeholder decision-making
  • Implemented real-time monitoring systems to promptly identify risks and deviations, providing customized insights for auditors and compliance officers

CYBER SECURITY ANALYST

CarMax
Parker, CO
10.2021 - 06.2022
  • Monitored and ensured continued compliance with internal security controls and regulations
  • Conducted comprehensive risk analysis and vulnerability assessments for business applications and infrastructure systems
  • Supported internal and external security reviews, audits, and control evaluations
  • Implemented thorough vulnerability and penetration testing to enhance system resilience
  • Applied industry-standard frameworks, including The NIST Cybersecurity Framework and PCI-DSS
  • Planned and designed system improvements to meet changing demands
  • Provided user training and support for a variety of hardware and software issues
  • Enforced the security of applications and systems through collaboration with other teams
  • Identified and monitored cyber and information security risks
  • Investigated incidents and educated employees on security procedures
  • Collaborated with senior leaders to advise on risk management

SENIOR CYBER SECURITY ANALYST

Emirates NBD Bank
Dubai, UAE
05.2018 - 11.2019
  • Enforced application and system security through seamless collaboration with cross-functional teams
  • Identified and monitored cyber and information security risks, ensuring proactive threat management
  • Investigated incidents and educated employees on security best practices and procedures
  • Partnered with senior leaders to provide strategic advice on risk management and mitigation
  • Applied industry-leading frameworks, including the NIST Cybersecurity Framework, PCI-DSS, and ISO 27001, to strengthen security postures
  • Conducted comprehensive security audits to uncover vulnerabilities and recommend actionable solutions
  • Oversaw penetration testing teams during audits, ensuring effective identification and remediation of risks
  • Directed cybersecurity projects, driving coordination across teams to align with organizational goals and meet timelines
  • Performed risk analyses to determine and implement appropriate security countermeasures
  • Analyzed network and system logs to detect malicious activities and safeguard critical assets
  • Drafted detailed security reports and metrics to track performance and inform strategic improvements
  • Implemented advanced security measures, leveraging expertise in PCI security compliance to minimize cyber-attack risks and potential damages

SENIOR CYBERSECURITY CONSULTANT

ISVA Ltd.
Limbe, Cameroon
09.2015 - 11.2017
  • Audited security systems for companies in Cameroon in collaboration with the National Agency for Information and Communications Technologies (ANTIC)
  • Partnered with ANTIC to work with high-profile clients such as United Bank of Africa (UBA) and SONARA (Cameroon Oil Refinery)
  • Applied frameworks including ISO 27001, COBIT 5.0, and PCI security compliance to enhance organizational security and ensure compliance
  • Leveraged COBIT 5.0 to establish comprehensive IT controls, align IT strategy with business goals, and implement rigorous security measures for clients like UBA, ensuring robust cybersecurity governance, and protection against cyber threats
  • Monitored and evaluated the effectiveness of COBIT 5.0 controls, continuously enhancing IT governance frameworks to meet evolving security needs
  • Conducted security audits, risk analyses, and vulnerability assessments, overseeing teams for penetration testing to identify vulnerabilities, and strengthen security postures
  • Oversaw and coordinated the implementation of advanced penetration testing methodologies for high-profile clients, providing detailed reports on vulnerabilities, and actionable remediation strategies
  • Managed cybersecurity projects using ITIL v3 methodologies, ensuring efficient delivery through meticulous planning, execution, and monitoring while enhancing service delivery processes
  • Developed and implemented ISO 27001-based Information Security Management Systems (ISMS) to ensure compliance and bolster organizational security
  • Ensured PCI compliance by implementing stringent measures to protect cardholder data, conducting regular audits, and addressing vulnerabilities to maintain security standards
  • Educated staff on cybersecurity best practices to foster a culture of awareness and proactive defense
  • Managed relationships with third-party intrusion detection system providers to enhance threat monitoring and mitigation
  • Monitored data file usage and regulated access to secure, sensitive information, reducing risks related to data breaches
  • Developed, tested, and implemented security policies, plans, and procedures to safeguard organizational assets
  • Worked cross-functionally to enforce application and system security and implemented security measures to mitigate threats from cyber-attacks
  • Drafted security reports and metrics to monitor performance, identify trends, and strategize security improvements
  • Delivered services to customer locations within specified timeframes, ensuring operational efficiency and client satisfaction

NETWORK DESIGN/PLANNING AND PRODUCT MANAGER

VPS Technologies Ltd
Lagos, Nigeria
01.2015 - 09.2015
  • Designed and implemented robust security solutions for network infrastructure to ensure a secure environment
  • Created customized cloud security solutions tailored to meet specific client needs
  • Translated customer requirements into actionable features, collaborating with development teams to ensure successful feature launches
  • Planned and executed client projects while maintaining network integrity and minimizing downtime
  • Collaborated with sales, marketing, and support teams to deliver timely and budget-friendly product launches
  • Actively participated in weekly planning sessions to review sales performance, address customer concerns, and identify new business opportunities
  • Developed comprehensive product documentation to clearly communicate upcoming features and products to internal teams
  • Analyzed metrics to measure and enhance product performance, driving data-informed decisions
  • Coordinated project planning and execution, working closely with team members and project leads
  • Led the end-to-end product management lifecycle for network security solutions, from ideation, development, to deployment, and continuous optimization
  • Conducted comprehensive market research and competitive analysis to identify gaps and opportunities, guiding product development, and ensuring market fit
  • Established and monitored key performance indicators (KPIs) to track product success, using insights to drive continuous improvement in product strategies
  • Orchestrated cross-functional teams to define product roadmaps, prioritize features, and ensure alignment with business objectives, successfully delivering high-impact network security products on time and within budget
  • Designed innovative strategies for feature prioritization and resource allocation, leveraging Agile methodologies to streamline development processes, and deliver exceptional, customer-focused solutions

Lead Information Technology Specialist

Caisse Nationale De Prevoyance (CNPS)
Yaounde, Cameroon
01.2014 - 01.2015
  • Managed and maintained IT infrastructure, ensuring seamless operation and system availability
  • Conducted regular system audits and performance assessments to enhance IT efficiency
  • Provided technical support and troubleshooting for hardware and software issues across departments
  • Collaborated with cross-functional teams to implement network upgrades and improve system security
  • Administered Active Directory, managing user accounts, group policies, and access controls to maintain a secure and organized IT environment
  • Trained staff on new technologies and best practices to optimize productivity and IT resource utilization
  • Monitored and resolved network connectivity issues to minimize downtime and ensure uninterrupted service delivery
  • Developed and implemented IT policies and procedures to strengthen data security and compliance with organizational standards

IT SECURITY ANALYST

ACE Technologies PLC
Limbe, CO
06.2013 - 10.2013
  • Investigated and resolved incidents of unauthorized access to sensitive information
  • Provided proactive security solutions by closely monitoring intrusion detection and prevention systems
  • Supported user needs and ensured compliance with security controls
  • Applied frameworks, including ISO 27001
  • Quickly learned and adapted to new technology and software applications
  • Recommended improvements in security systems and procedures
  • Performed risk analyses to identify appropriate security countermeasures
  • Encrypted data and implemented firewalls for the protection of confidential information
  • Developed plans to safeguard computer files against modification, destruction, or disclosure
  • Conducted security audits to identify vulnerabilities
  • Monitored computer virus reports to update virus protection systems promptly
  • Administered and monitored firewalls, intrusion detection systems, and anti-virus software to detect risks
  • Developed, tested, and implemented security policies, plans, and procedures for organizational protection
  • Drafted security reports and metrics to track performance and strategize improvements
  • Executed penetration testing to identify security weaknesses and developed disaster recovery plans
  • Implemented security measures to reduce threats and damage related to cyber-attacks
  • Reviewed violations of computer security procedures and developed mitigation plans
  • Researched and developed new computer forensic tools
  • Monitored the use of data files and regulated access to protect secure information

ASSISTANT NETWORK ENGINEER

PresPrint PLC
Limbe, Cameroon
01.2010 - 10.2010
  • Implemented effective security solutions for network infrastructure
  • Tracked and reported identified information system vulnerabilities
  • Monitored network performance and provided recommendations for security measures
  • Recommended network security standards and upgrades to management
  • Offered network support services for devices like hubs, bridges, routers, and other hardware
  • Assisted in the implementation and support of network monitoring tools
  • Conducted troubleshooting for Juniper, Cisco, and performed packet analysis
  • Established VPN infrastructure to facilitate secure remote connections
  • Monitored network capacity and performance, diagnosing, and resolving complex network problems

Education

Bachelor of Science - Cybersecurity

Purdue University Global
Indiana
12.2024

Skills

  • Teamwork & Supervision
  • Incident Response Management
  • CIS Compliance
  • PCI Security Compliance
  • Data Security
  • Implementing Security Programs
  • Penetration Testing & Vulnerability Assessment
  • Risk Analysis & Mitigation
  • Project Management (ITIL v3/4)
  • Product Management
  • Network Security
  • Security Audit & Compliance
  • ISO 27001 Implementation
  • NIST Cybersecurity Framework
  • Cybersecurity Training & Awareness
  • Strategic Planning & Execution
  • Stakeholder Management
  • Dashboard Creation & Data Analysis (Tableau, Excel)
  • Regulatory Compliance & RCSA
  • Cloud Security
  • Security Assessment
  • RSA Archer
  • Tableau
  • JIRA

Certification

  • CompTIA Security+, 2023
  • ISACA Certified Information Systems Auditor (CISA), 2024
  • Cisco Certified Network Associate/Professional (CCNA/CCNP), 2009
  • ITIL v3, 2009
  • Working Toward CISSP, Expected 2025
  • Working Toward Certified Information Security Manager (CISM)
  • Working Toward Offensive Security Certified Professional (OSCP)

Accomplishments

  • Leadership Award, National Society of Leadership and Success (NSLS): Recognized for outstanding leadership and contributions to the organization.
  • Membership Award, National Honors Society: Awarded membership for academic excellence and exemplary leadership.
  • Chancellor's List, Purdue University Global: Achieved recognition for academic excellence and outstanding performance.

References

References available upon request.

Languages

  • English, Native/ Bilingual
  • French, Upper Intermediate (B2)

Activities

  • Leadership & Mentoring: Mentor peers and junior colleagues in cybersecurity best practices.
  • Community Engagement: Raise awareness about cybersecurity and digital safety through community outreach.
  • Professional Development: Attend industry conferences and webinars to stay updated on cybersecurity trends.
  • Volunteer Work: Apply cybersecurity skills to enhance data protection for local non-profits.
  • Fitness & Well-being: Maintain well-being through regular exercise and mindfulness practices.
  • Hobbies & Interests: Engage in technology innovation and problem-solving challenges.
  • Travel: Explore diverse cultures to gain new perspectives and enrich personal growth.

Timeline

CYBERSECURITY COMPLIANCE LEAD

Charles Schwab Inc.
07.2022 - 05.2024

INDEPENDENT GRC CONSULTANT

Cardan Manor
10.2021 - 11.2022

CYBER SECURITY ANALYST

CarMax
10.2021 - 06.2022

SENIOR CYBER SECURITY ANALYST

Emirates NBD Bank
05.2018 - 11.2019

SENIOR CYBERSECURITY CONSULTANT

ISVA Ltd.
09.2015 - 11.2017

NETWORK DESIGN/PLANNING AND PRODUCT MANAGER

VPS Technologies Ltd
01.2015 - 09.2015

Lead Information Technology Specialist

Caisse Nationale De Prevoyance (CNPS)
01.2014 - 01.2015

IT SECURITY ANALYST

ACE Technologies PLC
06.2013 - 10.2013

ASSISTANT NETWORK ENGINEER

PresPrint PLC
01.2010 - 10.2010

Bachelor of Science - Cybersecurity

Purdue University Global

Similar Profiles

  • LaDana Ard

    LaDana ArdLaDana Ard

    Production Manager at Charles Schwab Inc.Production Manager at Charles Schwab Inc.

    View Profile
  • ABANG JACKSON

    ABANG JACKSONABANG JACKSON

    Senior ServiceNow Developer at Charles SchwabSenior ServiceNow Developer at Charles Schwab

    View Profile
  • JEANNETTE GARZA

    JEANNETTE GARZAJEANNETTE GARZA

    Check Operations Research Specialist at Charles SchwabCheck Operations Research Specialist at Charles Schwab

    View Profile
NEHAWA NGUNDAM EP ABAM