Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Solange Ngoh

Upper Marlboro,MD

Summary

Results-driven Cybersecurity and GRC Analyst with 7+ years of experience supporting federal systems across NIST 800-53, FedRAMP, ISO/IEC 27001, and CMMC frameworks. Skilled in vulnerability management, risk assessment, cloud security posture management, and audit coordination. Hands-on experience securing and monitoring Azure AD, Microsoft Defender, Intune, and Microsoft 365 Security environments. Adept at bridging governance, compliance, and technical controls through evidence-based reporting, automation, and continuous monitoring.

Overview

9
9
years of professional experience
1
1
Certification

Work History

Information System Security Officer (ISSO)

TekGlobal LLC
01.2021 - Current
  • Led implementation of NIST RMF lifecycle for multiple federal systems; maintained ongoing authorization packages (SSP, SAR, POA&M) achieving 100% compliance for annual A&A reviews.
  • Coordinated patch management and vulnerability remediation with System Administration via Nessus Pro and PDQ Deploy, reducing critical findings by 30% within a quarter.
  • Supported ISO 27001 and CMMC L2 audits by aligning control evidence, resulting in successful external certification reviews.
  • Administered and monitored Azure Defender and M365 Security Center, implementing Conditional Access Policies, MFA enforcement, and endpoint hardening.
  • Developed PowerShell scripts to extract Nessus findings and generate compliance evidence reports for executive dashboards.
  • Responded to IAVAs, DISA Tasking Orders, and DCISE alerts, analyzing exposure and coordinating mitigations.
  • Provided input on secure system architecture design and configuration baselines aligned with FedRAMP and ISO 27001 controls.

Information Systems Security Officer

E-Talent Network INC
09.2018 - 12.2020
  • Created FIPS 199 system categorizations and developed ATO packages (SSP, RAR, SAP, POA&M) aligned with NIST SP 800-53 Rev 5.
  • Performed continuous monitoring and vulnerability assessments; implemented corrective actions to maintain FISMA compliance.
  • Conducted risk assessments and updated the Security Assessment Plan and Rules of Engagement, reducing residual risk scores across three systems.
  • Supported Web Application Security Testing and coordinated with developers to mitigate OWASP Top 10 issues.
  • Delivered weekly risk and compliance status reports to leadership, ensuring transparency and traceability of all findings.

Front Desk Specialist

Integrated Community Services
01.2017 - 07.2018
  • Managed client scheduling and administrative coordination for 200+ appointments per month while maintaining confidentiality and customer satisfaction.

Education

Bachelor of Science - Cybersecurity

University of Maryland Global Campus
Hyattsville, MD
05-2025

Skills


    NIST 800-53 Rev 5 , RMF (800-37 r2) , FedRAMP , CMMC , ISO 27001 , A&A Packages , SSP , SAR , POA&M , ISMS , SOA , Audit Support


    Azure Security Center , Defender for Cloud , Microsoft Sentinel , Azure AD , M365 Security , Conditional Access , RBAC , Intune MDM , Vulnerability Remediation , Incident Response


    Tenable Nessus , AlienVault (USM/OTX) , ServiceNow , SysAid , PDQ Inventory / Deploy , Jira , PowerShell , Python (basic scripting)

Certification

CORE QUALIFICATIONS

CompTIA Security +
CompTIA CySA +
AWS Certified Security – Specialty (in progress, expected Nov 2025)



• Excellent written & verbal communication skills
• Strong analytical and problem-solving abilities
• Works independently and collaboratively in team environments
• Highly organized and deadline-driven

Timeline

Information System Security Officer (ISSO)

TekGlobal LLC
01.2021 - Current

Information Systems Security Officer

E-Talent Network INC
09.2018 - 12.2020

Front Desk Specialist

Integrated Community Services
01.2017 - 07.2018

Bachelor of Science - Cybersecurity

University of Maryland Global Campus

Similar Profiles

CREATE PROFILE