Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Seth Agyemang

Columbia,U.S

Summary

Information Security Specialist with a passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security frameworks for cloud-based software and on-prem security systems. Versed in robust network defense strategies. Subject Matter Expert in FISMA/RMF, FedRAMP and NIST 800 series .

Overview

7
7
years of professional experience
1
1
Certification

Work History

Senior Information Security Analyst

Minerva Security Services
Frederick, MD
01.2022 - Current
  • Ensure systems are operated, maintained, and disposed of by security policies and procedures
  • Prepare system documentation for assessment using Risk Management Framework (RMF) and NIST Special Publication (800-37, 800-53, and others)
  • Implement baseline changes under tech lead oversight
  • Review audit logs
  • Conduct vulnerability scans and review results for compliance
  • Monitor POA&M status
  • Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives
  • Provide oversight on security as it relates to different architecture models: microservices, traditional application
  • Engage system owners and program managers to understand their gaps and needs
  • Prepare and present Vulnerability Reports that highlight problem areas that require attention along with recommended corrective actions
  • Present to stakeholders Federal requirements that affect IT security policies and procedures and perform documentation updates as necessary
  • Develop, organize, implement, and maintain IT systems security awareness, role-based, and/or professional training programs to ensure security of all components and system infrastructure
  • Monitor various dashboards and scorecards to ensure department follows all applicable laws and regulations.
  • Conducted security audits to identify vulnerabilities
  • Monitored use of data files and regulated access to protect secure information
  • Draft security reports and metrics to track security performance and strategize improvements
  • Implement security measures to reduce threats and damage related to cyber attacks

Information System Security Officer

U.S Army/Department of Defense
05.2018 - 12.2021
  • ,Recommended improvements in security systems and procedures
  • Performed security assessment for FedRAMP cloud based services
  • Conducted security audits to identify vulnerabilities
  • Performed risk analyses to identify appropriate security countermeasures
  • Strengthened communication skills through regular interactions with stakeholders
  • Exercised leadership capabilities by successfully motivating and inspiring others
  • Designed company-wide policies to bring operations in line with Center for Internet Security (CIS) standards
  • Developed and maintained incident response protocols to mitigate damage and liability during security breaches
  • Drafted security reports and metrics to track security performance and strategize improvements
  • Developed, tested and implemented security policies, plans and procedures for organizational protection
  • Educated and trained users on information security policies and procedures
  • Applied effective time management techniques to meet tight deadlines

Security Control Assessors

Cyber Beyond Solution Inc
08.2017 - 02.2018
  • Conducted categorization to identify required impact level for information systems
  • Developed and reviewed system security plan implementation statement
  • Served in advisory capacity on systems alignment with NIST Cyber Security Framework (CSF)
  • Reviewed system security documentation to accommodate changes to policy or technology
  • Evaluated certification documentation and provided written recommendations for accreditation to government PMs
  • Assessed system changes to identify operational needs that could affect accreditation
  • Developed, maintained, and managed Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), and other relevant security documentation for existing and new systems
  • Reviewed proposed change requests related to system design/configuration and performed security impact analysis (SIA) to provide approval or denial recommendations
  • Implemented and managed Security Controls under current revision of NIST 800-53
  • Perform vulnerability/risk assessment analyses to support Assessment & Authorization (A&A) activities
  • Provide continuous monitoring to enforce client security policy and procedures and create processes that provide increased visibility to system owners on impacts on security posture of systems
  • Develop, maintain, and facilitate appropriate closure of POA&Ms and any related remediation activities

Education

Master of Science - Statistics

University of Akron
Akron, OH
09.2016

Bachelor of Science - Applied Mathematics

University of Cape Coast
Ghana
08.2009

Skills

  • FISMA Compliance
  • FedRAMP
  • Security Control Assessment
  • Vulnerability Management
  • NIST 800-Series documents & NIST SP 800 - 171
  • Security System documentation development
  • Cloud Security (AWS, GCP, Azure)
  • Vulnerability Analysis & Report
  • Developing Security Plans
  • Data Security
  • Regulatory Compliance

Certification

  • CompTIA Security + Certified
  • Cyber Security Compliance Framework and System Administration (IBM)
  • CISM

Timeline

Senior Information Security Analyst

Minerva Security Services
01.2022 - Current

Information System Security Officer

U.S Army/Department of Defense
05.2018 - 12.2021

Security Control Assessors

Cyber Beyond Solution Inc
08.2017 - 02.2018

Master of Science - Statistics

University of Akron

Bachelor of Science - Applied Mathematics

University of Cape Coast

Similar Profiles

CREATE PROFILE
Seth Agyemang