RAYMOND IDEMUDIA
Colorado Springs
Summary
High-achieving Information Security Analyst with years of experience in safeguarding organizational assets through risk management and strategic security measures. Proficient in assessing, implementing, and maintaining security protocols aligned with industry standards such as (GDPR, HIPAA, COBIT, COSO, HITRUST, and SOX) and IT Security Frameworks (ISO27001, GLBA, NIST, SOC2, CIS Control, and PCI-DSS). Proficient at conducting comprehensive security audits and vulnerability assessments, resulting in a 30% reduction in cybersecurity incidents. Demonstrated capacity to develop and execute incident response plans, minimizing downtime by 25%.
Overview
9
9
years of professional experience
1
1
Certification
Work History
Security Control Assessor
FEDITC
Colorado Springs, CO
10.2023 - Current
- Evaluate the effectiveness of security controls to protect organizational information and assets against cyber threats
- Develop and implement comprehensive assessment plans to ensure security controls meet policy and regulatory requirements
- Identify vulnerabilities and risks associated with organizational systems and networks through rigorous testing and analysis
- Document assessment findings, including evidence of control effectiveness and recommendations for remediation of identified weaknesses
- Coordinate with system owners and IT personnel to review and validate the implementation of corrective actions for identified security deficiencies
- Provide guidance on security best practices and control
- implementation strategies to enhance organizational security posture
- Assess the security impact of system modifications, upgrades, and decommissioning to ensure continuous protection of information assets
- Perform compliance audits against industry standards and regulations such as NIST, ISO, and GDPR to ensure organizational adherence to legal and contractual obligations
- Recommended changes in organizational processes based on the outcomes of security control assessments.
- Assessed third-party vendors' compliance with applicable regulatory requirements and industry best practices.
- Participated in risk assessment meetings with senior management teams.
Information System Security Officer
US Army
11.2020 - 09.2023
- Spearheaded the implementation and enforcement of Infrastructure RMF Packages, crafting Package Implementation and Security Plans for DoD Infrastructure and IT Shared Services, resulting in 100% compliance with RMF requirements
- Directed the preparation and review of Risk Management Framework documentation, encompassing System Security Plans, Authorization to Operate packages, Risk Assessment Reports, Security Control Traceability Matrices, Plans of Action and Milestones, System Assessment Plans, and Continuous Monitoring Plans, achieving a 95% reduction in approval time
- Maintained Approval to Operate (ATO) status and initiated Plans of Action and Measure (POMAs), ensuring swift resolution of security issues and minimizing downtime, with a 98% reduction in unresolved vulnerabilities
- Facilitated the acquisition of ATC/ATO for new and existing system applications, while documenting and managing the inventory of ATC/ATO statuses, resulting in a 90% decrease in compliance discrepancies
- Authored and revised Information Security, Compliance, and Privacy policies and standards, bolstering organizational resilience and ensuring alignment with evolving regulatory landscapes
- Identified vulnerabilities and promptly reported findings to appropriate points of contact, overseeing mitigation efforts, resulting in a 75% reduction in potential security breaches
- Delivered crucial support in the development and implementation of LAN/WAN/PC/Server-related security policies, fortifying the organization's cyber defense posture and minimizing vulnerabilities by 80%
- Ensured adherence to the DoD cybersecurity program implementation plan and RMF policies, delivering cybersecurity reports to DHA leadership, facilitating informed decision-making and strategic planning
- Managed the inventory of DoD Infrastructures, streamlining asset tracking processes and facilitating resource optimization
Information System Security Officer
Zane Medical Group
Las Vegas
07.2017 - 11.2020
- Pioneered the creation and maintenance of comprehensive security plans, instructions, and standard operating procedures, ensuring alignment with industry standards and regulations
- Superintended risk management activities, ensuring 100% compliance with relevant laws and regulations
- Identified and reported potential security breaches, leading to a swift resolution of incidents
- Developed and assembled Authorization to Operate (ATO) packages using advanced tools such as XACTA, eMASS, and ServiceNow, expediting approval processes by 30%
- Facilitated the implementation of stringent security frameworks including ICD 503, NIST 800-53, and JSIG, enhancing system resilience and integrity
- Generated and maintained essential policy documentation and diagrams to support ATO submissions, streamlining the approval process by 25%
- Coordinated cybersecurity inspections and tests, ensuring thorough evaluations of system environments, and achieving a 100% inspection completion rate
- Integrated cybersecurity requirements seamlessly into organizational continuity planning, bolstering resilience against potential threats
Information Technology Specialist
Afrikfest
Las Vegas
05.2015 - 04.2017
- Ensured cyber domain security through intelligence gathering and network support
- Supervised and optimized network defense tools, enhancing efficiency by 20%
- Championed incident response efforts, reducing resolution time by 30%
- Executed surveillance and reconnaissance operations on targeted systems, resulting in the identification of 15 potential threats
- Conducted network terrain audits, penetration testing, and basic digital forensics, contributing to a 25% decrease in vulnerability exposure
- Engineered compliance assessments, ensuring adherence to Gaming MICS and PCI standards, and company policies, resulting in a 100% compliance rate
- Analyzed data to derive actionable insights, leading to the implementation of 5 strategic security improvements
- Masterminded technical phishing simulations, enhancing employee awareness, and reducing susceptibility to phishing attacks by 40%
Education
Master of Science in Information Technology -
CTU Colorado Springs
Colorado Springs, ColoradoSkills
- Network Security
- Vulnerability Assessment
- Penetration Testing
- Intrusion Detection Systems (IDS)
- Intrusion Prevention Systems (IPS)
- Incident Response
- Malware Analysis
- Risk Assessment
- Endpoint Security
- Identity and Access Management (IAM)
- Compliance Monitoring
- Problem-solving abilities
- Information Protection
- Effective Communication
- Teamwork and Collaboration
- Organizational Skills
- Problem-Solving
Certification
- Security+
- CySA+
- Network+
Technicalacumen
ServiceNow
Awards
- Soldier of the Month
- National Defense Service Medal
- Army service Ribbon
Languages
English
Professional
Timeline
Security Control Assessor
FEDITC
10.2023 - Current
Information System Security Officer
US Army
11.2020 - 09.2023
Information System Security Officer
Zane Medical Group
07.2017 - 11.2020
Information Technology Specialist
Afrikfest
05.2015 - 04.2017
Master of Science in Information Technology -
CTU Colorado Springs
- Security+
- CySA+
- Network+
Similar Profiles
Kevin James Lamson JrKevin James Lamson Jr
Sr PC Technician at FEDITCSr PC Technician at FEDITC
Anitra EllisAnitra Ellis
Technical Support Specialist at FEDITC, LLCTechnical Support Specialist at FEDITC, LLC
ERICA HARPERERICA HARPER
Billing Analyst II at FEDITC, LLCBilling Analyst II at FEDITC, LLC