YAWO KONDO

Walden University

08.2021 - Current

Educate students on cybersecurity principles, data protection, and compliance standards, including HIPAA
Conduct research on emerging cybersecurity threats, contributing to the advancement of knowledge in the field
Teach cybersecurity courses with a focus on data loss prevention and HIPAA regulations
Conducted research in vulnerability management and published articles in reputable journals
Mentored students in cybersecurity projects, fostering a solid understanding of industry best practices
Prep students to obtain cybersecurity certifications such as CompTIA SEC+, and CEH
Provide examples of gained experience to help prepare students for their daily duties as a SOC analyst, IT Security analyst, or cloud security analyst.

University of Maryland

03.2018 - Current

Develop processes and procedures to identify risks, implement remediation plans, and reduce organizational risk across the enterprise
Manage the organization-wide execution of IT risk strategies, incorporating changes to environmental practices while adhering to standards and regulations for critical systems and core infrastructure
Provide consultation to drive the implementation of a Risk Assessment process and remediation plans for sustainable organizational execution
Conduct IT security due diligence, 3rd-party risk assessments, gap analysis, and author comprehensive risk reports
Ensure the remediation of identified weaknesses from vulnerability scans following the organization's defined time frames
Prepare recommendation reports for system owners to address identify vulnerabilities during the risk assessment
Review and maintain Segregation of Duties (SOD) in all applicable environments.

Lausey Technology

03.2018 - 01.2021

Oversaw the security posture for one or more system(s) throughout the entire lifecycle; provides continuous monitoring through scheduled audits, controls testing, and audit reviews, and escalates issues as needed
Collaborated with clients to assess their cybersecurity needs and provide tailored solutions
Conducted HIPAA compliance audits and implemented measures to ensure the confidentiality and integrity of healthcare data
Developed and executed comprehensive vulnerability management programs, reducing the risk of security breaches
Monitored and analyzed security alerts to identify and mitigate potential data loss incidents
Implemented and maintained data loss prevention tools and technologies
Conducted risk assessments and vulnerability scans, providing actionable insights for risk mitigation
Assisted in implementing DLP solutions, analyzing security logs, and responding to incidents
Conducted risk assessments and contributed to the development of security policies.

Cheryl Health

Collaborated with various groups within the organization, serving as a Security Project Manager, managing and leading the development and/or implementation of security-focused solutions
Maintained a deficiency dashboard and monitored the status of remediation efforts to ensure completeness
Participated in developing an engagement letter, documenting and confirming the external auditor's acceptance, the objective and scope of the audit, the extent of the auditor's responsibilities to the company, and the acceptable form of reports
Conducted security assessments and audits for government and private sector clients, evaluating their compliance with various regulatory frameworks, including NIST SP 800-53 and FedRAMP
Developed and implemented information security policies, procedures, and controls for clients to enhance their overall security posture
Assisted clients in achieving and maintaining compliance with federal information security requirements
Conducted vulnerability assessments and penetration tests to identify security vulnerabilities and provide recommendations for mitigation.

Summary