Obed Attamah
Houston,TX
Summary
Experienced in reviewing vulnerability scan results and coordinating patching and remediation efforts. Possesses advanced knowledge of cyber threats, vulnerability management, and mitigative measures. Skilled in planning and conducting incident response tabletop tests. Proficient in interpreting and applying information security policies and standards, performing internal and external security assessments, and conducting cyber gap analysis. Thoroughly evaluates the operational effectiveness of technical and administrative internal controls. Familiar with HIPAA and HITRUST security requirements, as well as experienced with Standardized Information Gathering (SIG) questionnaires.
Overview
10
10
years of professional experience
1
1
Certification
Work History
Senior Security Compliance Analyst
Finthrive LLC
05.2023 - Current
- Lead and manage the organization’s security compliance program, ensuring adherence to industry standards, regulations, and internal policies
- Conduct comprehensive risk assessments and vulnerability assessments to identify security weaknesses and provide recommendations for mitigation
- Collaborate with cross-functional teams to develop and implement security policies, procedures, and guidelines in alignment with NIST, ISO, and other industry frameworks
- Analyze security incidents and breaches, investigate root causes, and recommend corrective actions to prevent recurrence
Information Security Analyst
Blue Sky Solutions
05.2022 - 05.2023
- Conduct security assessment, following NIST Special Publication 800-53A guidance in support of obtaining an Authority to Operate new systems or existing systems that undergo significant change
- Coordinate security assessment activities with the appropriate system and security
- Document comprehensive security assessment results that fully describe the weaknesses and deficiencies discovered during the assessment
- Manage, prioritize, and complete client questionnaires, and risk assessments
- Support Audit and compliance programs by understanding and ensuring adherence to HIPAA, SOC, and other requirements from an information security perspective
- Analyze trends in questionnaires and based on new requests, recommend improvement of security policies and procedures
- Conduct vulnerability assessments and security impact analyses based on the NIST requirements
- Document security assessment results in the Cyber Security Assessment Management (CSAM) system
- Work with the Data Privacy team to put in place data handling policies in line with CCPA
- Review and Update System Security Plans using the NIST 800-18 as a guide
- Collect, review, update, and maintain IT Supporting artifacts based on the NIST 800-53 Rev 4
Information Security Analyst
General Electric
08.2018 - 05.2022
- Company Overview: Houston
- Conduct NIST 800-53 and ISO27001-based security assessments on new systems added to the company network boundary
- Collaborate with critical service suppliers in adapting practices, policies, and procedures to conform to ISO 27001, NIST 800 standards, and CISA standards
- Provide expertise and assistance in the development of continuous monitoring programs and plans
- Categorized Information Systems based on processed data; Restricted, Confidential, and public data categories
- Review technical and security addendum with vendor and customer
- Perform Continuous threat monitoring and review to assess and prioritize vulnerabilities
- Provide oversight and advisement on proposed major change requests to IT System
- Develop security policy and procedural controls relating to Management, Operational, and Technical Controls
- Manage, prioritize, and complete client inquiries (questionnaires, risk assessments, etc.)
- Analyze trends in questionnaires and based on new requests, recommend improvement of security policies and procedures
- Houston
End User Support Analyst
General Electric
04.2015 - 08.2018
- Company Overview: Houston
- Followed Asset Management Policies and procedures to ensure the accuracy of all information
- Installed, maintained, and upgraded end-user hardware, software, and peripheral equipment collected
- Demonstrated ability to build strong relationships with business partners, vendors, and other TO organizations
- Partnered with the business and other TO departments for incident and problem resolution
- Served as an escalation point for all L1/L2 issues
- Maintain inventory tracking for hardware and software
- Proactively identify opportunities to educate business partners on leveraging the use of technology more effectively
- Houston
Helpdesk Support Specialist
Harris County Community Services
11.2015 - 04.2016
- Helped turn business obstacles into technical solutions
- Simulated user problems to resolve operating difficulties
- Recommended systems modifications to reduce user
- Performed system administration-related tasks such as imaging and deploying Windows-based workstations
- Provided onsite and remote support for emergency activations and specials
- Provided technical advice, guidance, and informal training to attorneys and staff using hardware and software programs
- Performed root cause analysis and developed checklists for typical problems
- Developed and maintained an up-to-date knowledge base to provide accurate information and guidance to customers.
- Conducted regular training sessions for new help desk staff, ensuring consistent quality of service across the team.
- Configured hardware, devices, and software to set up work stations for employees.
- Implemented remote support tools to assist clients effectively without on-site visits, reducing overall costs.
Education
B.S - Computer Science
University of Ghana
01.2007
Skills
- Compliance Monitoring
- Due diligence
- Compliance understanding
- Regulatory knowledge
- Internal Auditing
- Corrective action plans
- Risk Mitigation
- Risk Assessment
- Continuous Improvement
- Data Security
Educationcertification
- B.S., Computer Science, University of Ghana, 05/01/07
- CompTIA Security +, 05/01/18
- Certified Ethical Hacker, 05/01/18
Certification
Security+
CISA
Languages
Spanish
Limited Working
Timeline
Senior Security Compliance Analyst
Finthrive LLC
05.2023 - Current
Information Security Analyst
Blue Sky Solutions
05.2022 - 05.2023
Information Security Analyst
General Electric
08.2018 - 05.2022
Helpdesk Support Specialist
Harris County Community Services
11.2015 - 04.2016
End User Support Analyst
General Electric
04.2015 - 08.2018
Security+
CISA
B.S - Computer Science
University of Ghana
Similar Profiles
Analise RavenAnalise Raven
VP, Client Services at Alpha II, LLCVP, Client Services at Alpha II, LLC
Shauna-Kay Thomas-ScottShauna-Kay Thomas-Scott
Buisness Operation Rep III at FinthriveBuisness Operation Rep III at Finthrive
Charu SharmaCharu Sharma
Senior Analyst (US Healthcare) at Finthrive Pvt LtdSenior Analyst (US Healthcare) at Finthrive Pvt Ltd