Zillah Attah-Poku
Summary
* Guide an Information system successfully through the Risk Management Framework (RMF) Assessment and Authorization processes to obtain ATO by using federal security policies, standards and guidelines including NIST 800-18, NIST 800-30, NIST 800-37 Rev2, NIST 800-60 v2 rev1, NIST 800-53/53A and FIPS 199 & 200.
* Conduct kickoff meeting to collect systems information (information type, boundary, inventory, etc), assign the appropriate security categorizations to the information systems based on NIST SP 800-60 and FIPS 199.
* Knowledge of System Development Life Cycle (SDLC), Assessment and Authorization (A&A) processes. Security Control Assessment (SCA), Vulnerability Assessment, emerging security policy, governance and continuous monitoring technologies and information Security best practices.
* Knowledge of Federal ad international regulatory bodies such as Office of Management Budget (OMB), FISMA Reports and FedRAMP.
* Experience in the development of ATO Package Documents such as System Security Plans (SSP), Security Assessment Report (SAR), Security Assessment Plan (SAP), Plan Of Action and Milestone (POA&M), Contingency Plans (CP), Incident Response Plans (IRP), Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), System of Records Notice (SORN), and Configuration Management.
* Self-motivated, ability to multi-task, work independently and as part of a team and able to work in a fast-paced, deadline-driven, remote environment.
* Strong Innovative, analytical, quantitative, organizational, planning, an excellent communication skills.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Information System Security Officer
Softafrique Group
08.2022 - Current
- Enhanced network security by implementing robust threat detection and prevention systems.
- Conducted regular risk assessments for proactive identification and mitigation of potential vulnerabilities.
- Managed incident response processes, ensuring timely resolution and minimal business impact.
- Developed comprehensive security policies, procedures, and training materials to strengthen organizational security posture.
- Collaborated with IT teams to integrate security best practices into system development and operations.
- Maintained compliance with industry standards such as HIPAA, GDPR, ISO 27001, and NIST by enforcing strict protocols and controls.
Information Security Analyst
Softafrique Group
06.2020 - 07.2022
- Strengthened network security by conducting regular risk assessments and implementing appropriate countermeasures.
- Enhanced system protection by designing and deploying intrusion detection systems.
- Reduced vulnerabilities by performing thorough penetration testing on a regular basis.
- Increased organizational resilience with the development of comprehensive disaster recovery plans.
- Streamlined threat monitoring processes for quicker identification of potential risks.
Computer Helpdesk Support
Softafrique Group
09.2018 - 06.2020
- Enhanced customer satisfaction by efficiently troubleshooting and resolving technical issues for computer users.
- Streamlined helpdesk processes, resulting in reduced wait times and increased productivity for end users.
- Developed comprehensive knowledge base articles to facilitate quick resolution of common issues, improving overall support efficiency.
- Collaborated with IT team members to identify trends and develop proactive solutions for recurring problems.
- Implemented ticketing system improvements that led to more accurate tracking of support requests and faster response times.
Education
Associate of Applied Science - Biology And Information Systems
Union County College
Cranford, NJ12.2019
Skills
- Risk Assessment & Management
- Security Assessment & Authorization (A&A Process)
- POA&M & Vulnerability Management
- System Security Documentation
- System Monitoring & Regulatory Compliance
- Nessus Scans
- Software: MS Office (Word, Excel, Powerpoint, Access, Outlook), Windows 10
Certification
* COMPTIA Security+ in progress
* Certified Authorization Professional (CAP) in progress
Timeline
Information System Security Officer
Softafrique Group
08.2022 - Current
Information Security Analyst
Softafrique Group
06.2020 - 07.2022
Computer Helpdesk Support
Softafrique Group
09.2018 - 06.2020
Associate of Applied Science - Biology And Information Systems
Union County College
Similar Profiles
Kwame Omari-DaddeyKwame Omari-Daddey
Customer Service Representative at Softafrique LLCCustomer Service Representative at Softafrique LLC
Sheng WangSheng Wang
Senior Data Scientist/Algo Solution PIC at Daraz Group (Alibaba Group - Alibaba International Digital Commerce Group)Senior Data Scientist/Algo Solution PIC at Daraz Group (Alibaba Group - Alibaba International Digital Commerce Group)
Timothy MooreTimothy Moore
Sales Manager at Retail Sales Group, Vanguard GroupSales Manager at Retail Sales Group, Vanguard Group
Gabriel R. HernandezGabriel R. Hernandez
INFORMATION SYSTEM SECURITY OFFICER/SYSTEM ADMIN(3D073/1D771Q) at United States Air Force National Guard- 162nd Air BaseINFORMATION SYSTEM SECURITY OFFICER/SYSTEM ADMIN(3D073/1D771Q) at United States Air Force National Guard- 162nd Air Base
Doreen CrawfordDoreen Crawford
Information System Security Officer at Avint LLCInformation System Security Officer at Avint LLC