Samuel Obeney
Albany,New York
Summary
Detail-oriented Business Analyst with 7+ years of experience conducting analysis and research to come up with solutions to common business problems. Polished in formulating business improvement strategies and overseeing new technology and system implementation. Commercially-aware professional with in-depth knowledge of computing systems and project management techniques.
Overview
8
8
years of professional experience
3
3
Certification
Work History
Information Security Analyst
Department of Defense
New York
04.2019 - Current
- Support assessment and authorization activities, provide support to the operations department on security program analysis, and collaborate with stakeholders to identify opportunities for program improvement to reduce risk and increase compliance.
- Lead in developing core documents including System Security Plan, Contingency Plan, Incident Response Plan, Plan of Actions and Milestones, Remediation Plans, and Configuration Management Plan.
- Making decisions and recommendations significantly changing, interpreting and developing important public policies and programs.
- Maintained Plan of Action and Milestones and support remediation activities as well as review corrective action plans for internal control review with guidelines for security controls established by OMB and NIST
- Lead in writing and implementing department-related procedures for a successful ISO 9001 requirements in conformance with global/local policies, procedures, and industry standards
- Work with internal teams to provide remediation guidance and track remediation activities
- Use established methods to assess risk both qualitatively (impact/probability) to establish a risk rating and quantitatively to show the impact in dollars of a realized risk (SLE/ALE), and to determine the cost of addressing risk such that residual risk is at an acceptable level.
- Developed and implemented security policies and procedures.
- Monitored network traffic to detect suspicious activities or policy violations.
- Review applications vulnerability reports generated by the enterprise vulnerability monitoring tool for applications managed within the Business Service Technology organization
- Analyzed system logs and identified potential threats or risks.
- Implemented access control measures to protect information assets.
- Investigated security incidents and developed incident response plans.
- Assessed the effectiveness of existing security solutions and identified areas for improvement.
- Conducted regular risk assessments to identify vulnerabilities in systems, networks, applications and databases.
- Reviewed firewall to ensure compliance with organizational security policies.
- Maintained up-to-date knowledge of emerging cyber threats, attack vectors, malware trends.
- Configured firewalls according to best practices standards for secure data transmission.
- Participated in disaster recovery drills as part of business continuity planning.
- Developed strategies for responding to various types of attacks such as phishing emails or malicious websites.
- Developed risk management strategies to reduce or mitigate potential losses due to financial market fluctuations, operational issues, and legal liabilities.
- Manage and establish a governance process for governance documents and risk taxonomies for enterprise technology.
Compliance Analyst
Bank of America
Bronx, New York
01.2016 - 07.2019
- Reviewed and monitored compliance with applicable laws, regulations, and policies to ensure compliance with regulatory requirements.
- Monitored operational activities to identify areas of potential risk exposure.
- Provided guidance on legal issues related to products or services offered by the company.
- Monitored changes in legislation that could affect the organization's operations.
- Conducted periodic reviews of existing controls and identified gaps in control environment.
- Provided guidance on regulatory compliance requirements related to operational risk management.
- Documented key findings from investigations into potential instances of fraud or abuse within the organization.
- Identified trends in operational risk incidents and developed recommendations for improvement initiatives.
- Reviewed audit reports for accuracy and completeness prior to submission for review by senior management.
- Analyzed financial statements to assess creditworthiness of counterparties involved in high-risk transactions.
- Worked closely with other teams such as legal, compliance, finance, IT security, on matters pertaining to Operational Risk Management.
- Developed and led risk assessment projects to assess compliance with regulatory requirements, industry standards and operating procedures.
Education
Bachelor of Arts - Computer And Information Systems Security
CUNY Lehman College
The Bronx, NY08-2016
Skills
- POAM Management
- System Control testing and review
- Technical writing (Policies & Procedures)
- Vendor / Third party security review
- System Categorization & Control Selection
- Security and Risk Management
- Awareness and Training
- Disaster Recovery Planning
- Vulnerability Assessment
- Business Impact Assessment
- Risk Management & Mitigation
- Assessment & Authorization (A&A) process
- Disaster Recovery
- Incident Response
- Risk Mitigation
- Compliance Management
- Information Auditing
- Network Security
- Access Control
- Protecting Networks
Education Certification
- Bachelor of Science (BSc.), Computer Science, City University of New York- Herbert H. Lehman College, New York
- Military Training, Military Education, Fort Jackson, SC Ordinance School, Fort Lee, VA
- Military Education, Military Education, Fort Dix NJ Leadership Course, Fort Dix, NJ
- CompTIA Security+ Certified, CompTIA
- Certified Scrum Master (CSM)
Certification
- CompTIA Security+
- Certified Scrum Master (CSM)
- CISSP - Certified Information System Security Professional
Software Hardware Experience
Nessus, Web application Security, Cloud Security, Windows Security, GRC Risk Vision, One Trust, DNS, DHCP, Cisco Routers, Microsoft Active Directory, Switches, SNMP, SDM, MARS, Cisco Works LMS, Nagios, VMS
Clearance Level
Secret
References
References available upon request.
Timeline
Information Security Analyst
Department of Defense
04.2019 - Current
Compliance Analyst
Bank of America
01.2016 - 07.2019
Bachelor of Arts - Computer And Information Systems Security
CUNY Lehman College
Similar Profiles
Amber TomaszewskiAmber Tomaszewski
Administrative Assistant at Department of Defense - Defense Contract Management AgencyAdministrative Assistant at Department of Defense - Defense Contract Management Agency
Isabella Manzione DearbornIsabella Manzione Dearborn
Student Intern at Department of Defense - Defense Counterintelligence and Security AgencyStudent Intern at Department of Defense - Defense Counterintelligence and Security Agency
Roderick Balancio TolentinoRoderick Balancio Tolentino
TRANSPORTATION ASSISTANT at Department of Defense/Defense Logistics AgencyTRANSPORTATION ASSISTANT at Department of Defense/Defense Logistics Agency
Malik HeadenMalik Headen
Administrative Officer at Department of Defense, Defense Intelligence AgencyAdministrative Officer at Department of Defense, Defense Intelligence Agency
Samroon MasihSamroon Masih
Security Professional at Allied UniversalSecurity Professional at Allied Universal