Osa Inekhomon
Woodbridge,VA
Summary
A Cyber Security Analyst with over 6 years of professional experience in Assessment and Authorization, NIST 800-37 Risk Management Framework (RMF), The Federal Risk and Authorization Management Program
(FedRAMP), POA&M management and Operational Policy and Procedures. Experience in all phases of preparing and reviewing complete Assessment and Authorization (A&A) packages for information technology systems and applications as defined by the Federal Information Security Modernization Act (FISMA 2014) and implemented by the guidance of the National Institute of Standards and Technology (NIST). An outstanding
project and program leader.
Overview
18
18
years of professional experience
1
1
Certification
Work History
ISSO
Pearl River Technologies
08.2023 - Current
- Develop, implement, and maintain the organization's security policies, procedures, and guidelines in compliance with NIST, FISMA, and other security standards.
- Manage the Assessment and Authorization (A&A) process for systems, ensuring proper documentation and risk assessments.
- Perform regular security audits, vulnerability assessments, and continuous monitoring activities.
- Lead efforts to identify, report, and respond to security incidents while coordinating with the incident response team.
- Collaborate with IT teams to ensure secure configurations of hardware, software, and networks.
- Provide security awareness training to employees to promote best practices in safeguarding sensitive data.
- Prepare and present reports on system security status to senior management and stakeholders.
ISSO
KSE Consulting Group
12.2020 - 08.2023
- Conducted walk-through, formulated test plans and testing procedures, document gaps, test results, and exceptions and develop remediation plans for each area of testing
- In depth experience in security incident response and management including analysis of events, review of suspected malicious activity, identification of Indicators of compromise and providing guidance on resolution and remediation activities
- NIST 800-37 risk management framework—categorize systems, privacy impact assessments, security impact assessments, interconnection security agreements, risk assessments, waivers
- Performed assessments, POA&M remediation and document creation using ISO 27001 and NIST SP 800-53A rev5
- Monitor and analyze Security Information and Event Management (SIEM) alerts to identify security issues for remediation and investigate events and incidents, using wide variety of tools such as Splunk and Nessus to identify, prioritize, and manage potential security incidents
- Analyze and update System Security Plan (SSP), Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security test and Evaluation (ST&E) and the Plan of Actions and Milestones (POA&M)
- Create and update the Security Assessment Report (SAR) in compliance with NIST and FISMA regulation
- Assist in the coordination and implementation of major detection enhancements to SOC analytics
- Provide security management, process engineering and operations management to a Security Operations Centre.
Security Analyst
Ezenius Inc
06.2017 - 12.2020
- Provide responses to data calls and all audit requests by due dates and Maintain tracking reports and central repository of data call artifacts
- Prepare and document System's ATO Brief for submission to Authorizing Official (AO) for adjudication to grant ATO to a new system or for the existing system to continue operation
- Schedule, track and manage the monthly and quarterly POA&M review process
- Coordinates meetings and tasking with System Owners (SOs), Information System Security Officers (ISSOs) and support remediation of opened POA&M items
- Review Information System Security Policies and Procedures, System Security Plans (SSP), and Security baselines in accordance with NIST, FISMA, OMB App III A-130, and industry best security practices
- Assess Security Controls through document review, interview, and test procedures to ensure compliance with FISMA, and NIST SP 800-53A
- Conducting in-depth technical reviews of new and existing IT systems to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines
- Providing ongoing gap analysis of current policies, practices, and procedures as they relate to established guidelines outlined by NIST, OMB, FISMA, etc
- Review and validate vulnerability scan results at the operating system (OS) and application level and work with stakeholders to architect and implement mitigations.
Department Sales Manager
Nordstrom INC
01.2007 - 01.2017
- Managed 9 different departments and a team of 50 sales professionals, providing coaching, mentoring, and performance management to achieve revenue targets
- Developed and executed sales strategies to increase market share and expand customer base, resulting in a 20% increase in sales revenue
- Conducted market research and analyzed sales data to identify customer needs, trends, and opportunities, and made recommendations for new products and services
- Collaborated with cross-functional teams to ensure timely delivery of products and services, and resolved customer issues and concerns to ensure customer satisfaction
- Implemented sales training programs and conducted regular sales meetings to improve team performance and foster a culture of continuous improvement.
Education
Bachelor of Science - Business Administration And Management
Ambrose Allí University
05.2005
Skills
- Team Management
- Microsoft Office
- Tenable Nessus
- Reliable & Trustworthy
- Team Building
- Customer Service
- People Skills
Certification
- CISM in review
- CompTIA Security+ Certified
Scan Tools: Nessus, WebInspect, BigFix, HP.
Timeline
ISSO
Pearl River Technologies
08.2023 - Current
ISSO
KSE Consulting Group
12.2020 - 08.2023
Security Analyst
Ezenius Inc
06.2017 - 12.2020
Department Sales Manager
Nordstrom INC
01.2007 - 01.2017
Bachelor of Science - Business Administration And Management
Ambrose Allí University
Similar Profiles
Elizabeth FincherElizabeth Fincher
Dealer at Pearl River ResortDealer at Pearl River Resort
Emma (Paula) HulseyEmma (Paula) Hulsey
Preschool Lab Assistant at Pearl River Community CollegePreschool Lab Assistant at Pearl River Community College
Kandace InmanKandace Inman
Special Education Teacher Assistant at Pearl River Central School DistrictSpecial Education Teacher Assistant at Pearl River Central School District
Kiet NguyenKiet Nguyen
Lease Contracting Officer/Realty Specialist at U.S. Department of AgricultureLease Contracting Officer/Realty Specialist at U.S. Department of Agriculture
Donald DeCarlo IIIDonald DeCarlo III
Cashier at Kroger MarkertplaceCashier at Kroger Markertplace