Patrick Osei
Philadelphia,PA
Summary
I'm looking for an analyst position with a respected organization where I can put my abilities and experience to work. My primary focus is on the Assessment and Authorization process, risk assessments, audit engagements, and testing information security procedures in accordance with important compliance laws such as FISMA, ISO 270001, and HIPAA.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Cyber Security Analyst
PENNSYLVANIA DEPARTMENT OF TRANSPORTATION
Allentown, PA
07.2019 - Current
- Create and update the following documents: Risk Assessment Report, E-Authentication, Security Assessment Plan, System Security Plan, Contingency Plan, Contingency Plan Test, Security Assessment Report, Plan of Action and Milestone (POA&M)
- Generate, review and update the Systems Security Plan (SSP) in accordance with NIST SP 800-18; and security documentations as required by A&A process
- Review, analyze and document scan results and ensure immediate remediation of critical and high vulnerabilities via emergency change request (CR)
- Develop POA&M (Plan of Action & Milestones) document to take corrective actions resulting from Security Assessment of systems controls
- Perform comprehensive Security Controls Assessment (SCA) and write reviews of management, operational and technical security controls for information system
- Identify security risks, threats and vulnerabilities of networks/systems/applications
- Review and update E-Authentication and Privacy Threshold Analysis (PTA)
- Conduct security awareness training and expected rules of behavior for end-users
- Participate in the FIPS 199 process of Categorization using SP 800-60
- Document and finalize Security Assessment Report (SAR)
- Recommend security enhancements and purchases
- Train new hired on networks and information procedures on the MOU ISA Team
- Develop, improve and help implement best practices for risk reduction across a broad range of enterprise applications, systems, networks and interfaces
- Works with clients to implement system security measures, assists with computer security plans and documentation and provides technical guidance and training.
Cyber Security Analyst
INNOVATIVE ENVIRONMENTAL TECHNOLOGIES INC
Pipersville, PA
01.2019 - 06.2019
- Prepared and reviewed Authorization to Operate (ATO) packages (i.e
- SSP, RA, CMP, ISCP, DRP, IRP and PIA) for systems and facilities using NIST publications
- Assisted POA&M teams to remediate vulnerabilities of various entities for low, moderate and high
- Performed comprehensive Security Controls Assessment (SCA) and write reviews of management, operational and technical security controls for audited applications and information systems
- Assisted Security assessments to evaluate the systems security posture
- Ensured all POA&M actions are completed and tested in timely fashion to meet client deadlines
- Conducted FISMA-based security risk assessments for various organizations and application systems – including interviews, tests and inspections, produce assessment reports and recommendations and conduct out-briefings
- Determined Security Categorizations using the FIPS 199 and NIST 800-60 as a guide
- Document and Reviewed security plans (SP), contingency plans (CP), contingency plan tests (CPT), privacy impact assessments (PIA), and risk assessment (RA) documents per NIST 800 guidelines for government agencies
- Monitored controls post authorization to ensure continuous compliance with the security requirement
- Oversee the preparation of a Comprehensive and Executive Certification & Accreditation (C&A) packages for approval of an Authorization to Operate (ATO)
- Generated, reviewed and updated System Security Plans (SSP) against NIST 800-18 and NIST 800-53 requirements
- Ensured all POA&M actions are completed and tested in timely fashion to meet client deadlines.
Security Analyst
LoanLogics
Feasterville, Trevose, PA
07.2018 - 10.2018
- Prepared and review Authorization to Operate (ATO) packages (i.e
- SSP, SAR, POAM, RA, CMP, ISCP, DRP, IRP, E-authentication and PIA/PTA) for systems and facilities using NIST 800-18, 800-37, 800-53R4, 800-53A and appropriate NIST Publications/Standards as a guide
- Assisted POA&M teams to remediate vulnerabilities of various entities for low, moderate and high impact systems
- Ensured all POA&M actions are completed and tested in timely fashion to meet client deadlines
- Assisted Security assessments to evaluate the systems security posture
- Performed analytical changes based on client needs and work with clients to improve delivery of service
- Develop strategies and processes in a cross-functional team to drive a higher level of service delivery across our global customer base
- Cultivated relationships with system stakeholders and internal resources to support time-sensitive security activities integrate risk management into their daily activities for optimal enterprise-wide risk objective while serving as a dedicated analysis point of contact for clients
- Conducted verification and validation for information systems, products, and components and Provide recommendations for new network architectures
- Enhanced key relationships with top clients and perspective clients during site visits, identifying gaps in their security strategy and facilitating enhancements to service while increasing customer satisfaction
- Worked closely with clients’ Information Assurance Analysts to oversee the preparation of a Comprehensive and Executive Certification & Accreditation (A&A) packages for approval of an Authorization to Operate (ATO); generate, review and update System Security Plans (SSP).
Data Steward
VEEVA SYSTEMS
Fort Washington, PA
10.2016 - 07.2018
- Contribute to on-going cleansing and maintenance of customer and product data by driving data entry standards for formatting, completeness, and accuracy for attributes within the customer and product master
- Provide day-to-day support to cross-functional internal and external customers as related to customer accounts which includes legal entities, locations and contacts data elements and attributes
- Responsible for ongoing data quality initiatives such as research, match/merging and various aspects of data cleansing to remediate issues identified
- Actively participate in team objectives
- Contribute to and execute ongoing process improvement initiatives
- Entering data into database software and checking to ensure the accuracy of the data that has been inputted
- Make sure all data remains secure and follow all safety measure
- Routinely check for discrepancies within the system and follow company measure to resolve all conflicts
- Recommend changes to the system if inefficiencies present themselves
- Indexing documents according to specific classifications
Data Management Officer
SINAPI ABA SAVINGS AND LOANS
Accra
02.2009 - 11.2014
- Supervised data processing, banking operations and management for the southwest region
- Developed and implemented strategies in data management for seven branches
- Prepared regular reports for the head office and the various branches
- System audit bank teller transactions in T24 database
- Monitored the effectiveness of the database tools and services
- Managed branch records and documents and authorized transactions using Temenos T24
- Reviewed and processed data entries and bank vouchers
Education
Master of Science - Applied Geoscience (Data Modelling
UNIVERSITY OF PENNSYLVANIA
2018
Bachelor of Science - Technology Management, Statistics and Economics
GARDEN CITY UNIVERSITY COLLEGE
2012
Skills
- A&A artifact, Information System Categorization, Controls Selection and Implementation, Risk Assessment, Monitoring Compliance, Contingency Planning, Incident Response, Disaster Recovery Plan, POA&M Management, Vulnerability Management, FISMA, NIST SP 800-60, SP 800-53 Rev 3& Rev 4, SP 800-53A, SP 800-37, SP 800-137, SP 800-18, SP 800-34, FIPS 199 and FIPS 200
- Vast knowledge on MS Office (Word, Excel, PowerPoint, Access, Outlook)
- Plan of Actions & Milestones (POA&M)
- Security Improvements
- Threat Research
Certification
CompTIA Security+
Microsoft Certified: Azure Data Engineer Associate
Certified Scrum Master (CSM)
Certificate in Creating a Master Data Solution with SQL Server Master Data Services (MDS),
MICROSOFT, June 2018
Timeline
Cyber Security Analyst
PENNSYLVANIA DEPARTMENT OF TRANSPORTATION
07.2019 - Current
Cyber Security Analyst
INNOVATIVE ENVIRONMENTAL TECHNOLOGIES INC
01.2019 - 06.2019
Security Analyst
LoanLogics
07.2018 - 10.2018
Data Steward
VEEVA SYSTEMS
10.2016 - 07.2018
Data Management Officer
SINAPI ABA SAVINGS AND LOANS
02.2009 - 11.2014
Master of Science - Applied Geoscience (Data Modelling
UNIVERSITY OF PENNSYLVANIA
Bachelor of Science - Technology Management, Statistics and Economics
GARDEN CITY UNIVERSITY COLLEGE
Similar Profiles
Sean LetterloughSean Letterlough
Drivers License Examiner Assistant at Commonwealth Of Pennsylvania - Department Of TransportationDrivers License Examiner Assistant at Commonwealth Of Pennsylvania - Department Of Transportation
Samuel GoldingerSamuel Goldinger
Civil Engineering Intern at Pennsylvania Department of TransportationCivil Engineering Intern at Pennsylvania Department of Transportation
Nilen PatelNilen Patel
Engineering, Scientific, and Technical Intern at Pennsylvania Department of TransportationEngineering, Scientific, and Technical Intern at Pennsylvania Department of Transportation
Brodey ScogginsBrodey Scoggins
Engineering Scientific and Technical Intern at Pennsylvania Department of TransportationEngineering Scientific and Technical Intern at Pennsylvania Department of Transportation
Esta AkoyEsta Akoy
Financial Advisor/Analyst at Confidential Insurance ServicesFinancial Advisor/Analyst at Confidential Insurance Services