
Cybersecurity Analyst, VMDR, GRC

Location:
Reston, VA, 20191
Posted:
February 24, 2024


Resume:

ERIC CHRISTIAN NYONGHA SEC+, CASP+, CISM

Reston VA 240-***-**** 703-***-**** ad3v29@r.postjobfree.com

US Citizen, TS/SCI Clearance in Process

OBJECTIVE:

Seeking an Information System or a Risk Analyst position in a growth-oriented Organization with focus on IT Security, System Security Monitoring, Risk Assessments, and Testing Information Technology Controls. Experienced IT Data Center Technician with emphasis on Server and links troubleshooting, monitoring and reporting. Analytical and detail-oriented problem solver with 10+ years overall IT experience. Self-motivated, comfortable taking initiative and working independently or in a Team with little or no supervision.

CAREER SUMMARY

A Cybersecurity specialist with six to seven years of hands-on experience leveraging industry-leading Vulnerability Management tools (Qualys, Tenable.sc, Tenable.io, ServiceNow, ProcessUnity, OneTrust, BWise, CrowdStrike Spotlight and Nessus Manager) to uncover and manage vulnerable enterprise systems, both on-prem and cloud. Experience in asset discovery, vulnerability analysis, assessments, risk management, system hardening, audit, compliance scans and mitigation activities.

FRAMEWORK/STANDARDS/TECHNOLOGIES

Nessus Tenable, eEye Retina, NMAP, WebInspect, McAfee, IBM AppScan, CVE (XSS, CSRF, SQL Injection, DDoS, DoS), CWE and following OWASP, Oracle, Sybase, SQL Server, DB2, AWS, Azure, O365, Google Cloud, PeopleSoft, VMware, Wireless Network, Mobile device, Cryptography policy and process, IRS Safeguards, NIST FIPS 140-2, Cloud Security Alliance (CSA) controls, NIST FISMA, FISCAM, SA&A (formerly known as C&A), RMF, FIPS 199 and DoD directives 8500 and 5200 series. NIST Special Publication series 800-37, 800-39, 800-82 Rev.2, 800-30, 800-53 Rev.4, 800-53 Rev.5, 800-53A, 800-60, 800-171, 800-171A.

EDUCATION

ESPRIT - Tunisia, Bachelor in Telecommunication Engineering - 2009

George Mason University, Continuing and Professional Education: Oracle Certification Training

CERTIFICATES

CompTIA Security+, CompTIA CASP+, ISACA CISM

ISACA CISA (Candidate), ISC2 CAP (Candidate), AWS SECURITY (Candidate)

TECHNICAL SKILLS

Use Tenable.sc and Tenable.io for asset discovery and end-to-end vulnerability management while creating custom templates, dashboards, and reports to help gain insight into the client’s most critical assets, reduce overall vulnerabilities per host, and help the organization remain secure and compliant, mostly using STIG or CIS Benchmarks for various platforms and technologies.

Provide prompt attention and visibility into risks, vulnerabilities, and issues, serving as an escalation path for team members while driving actionable matrices and risk reports to Leadership.

Create, track, and resolve vulnerability RFI (Request for Information) and RFC (Request for Change) tickets through ServiceNow.

Configured option profile and schedule authentication scans in Qualys, Tenable.sc and Tenable.io

Performed both credentialed and non-credentialed scans using Qualys and Tenable.

Configured credentials using authentication vault for authentication scans.

Created tags and asset groups using Qualys and Tenable.

Created both ad hoc and scheduled reports using custom templates in Qualys and Tenable.

Created dashboards for both operational and executive reports in Qualys and Tenable.

Set up policies for compliance, PCI and/or audit scans in both Qualys and Tenable.sc.

Configured EC2 Connectors in Qualys to scan AWS EC containers and bring EC2 real-time data from the cloud for real-time analysis.

Install and maintain Nessus agent on both endpoints.

Champion for vulnerability management and information security, including broadening awareness and use of the team’s services, education on security best practices and integration with other business areas.

Work with CISO to plan, develop, design, POA&M development and improve security principles, policies, and procedures to increase security awareness by training end users.

Excellent team player capable of productively contributing to the client mission by supporting fellow teammates in a dynamic growing and changing environment.

PROFESSIONAL EXPERIENCE

Panier Global LLC Ashburn, VA

Senior Vulnerability Management Supervisor June 2021 - Present

Configured option profile and schedule authentication scans in Qualys, Tenable.sc and Tenable.io

Performed both credentialed and non-credentialed scans using Qualys and Tenable.

Configured credentials using authentication vault for authentication scans.

Created both ad hoc and scheduled reports using custom templates in Qualys and Tenable.

Created dashboards for both operational and executive reports in Qualys and Tenable.

Set up policies for compliance, PCI and/or audit scans in both Qualys and Tenable.sc.

Configured EC2 Connectors in Qualys to scan AWS EC containers and bring EC2 real-time data from the cloud for real-time analysis.

Track and obtain CVE data based on newly announced zero-day vulnerabilities and make this information available in a daily ThreatCon dashboard and notification that goes out to stakeholders.

Provide technical support for vulnerability management projects.

Provides analysis and validation post remediation, opportunities for improvements and out of the box thinking for optimizations and solving roadblocks.

Work with the Business owners to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the selection of cost-effective security controls to mitigate identified risks.

Ensures scan results are presented in appropriate dashboards, reports, and forwarded to other data systems as necessary.

Interface with third-party vendors and other Conduent organizations in improving the overall scanning process.

Review vulnerabilities' data from multiple sources (i.e., external / internal penetration testing, internal / external vulnerability scanning, etc.) across multiple technologies and a changing environment including infrastructure and applications to determine risk rating of vulnerabilities to business assets.

Used ServiceNow and Trello board to intake and track vulnerabilities resulting from vendors such as zero days, third party research tools and vendors (HackerOne, Microsoft), Internal pen test team, Nessus scan results and CrowdStrike Spotlight.

Create templates on and perform active scans on Tenable.io.

Used Nessus scan results, CrowdStrike and CMDB (Configuration Management Database) for assets validation after vulnerability patch has been applied.

Reviewed organization security documentation, including Security Authorization Package (SAP), updated systems security plans (SSP).

Reviewed manual and technical assessment reports and documented findings in the Security Assessment Report (SAR).

Created and updated the System Security Plan based on SAR, RAR, and system boundaries, analyzed and mapped scan results to security controls NIST 800-53, generated the Plan of Actions and Milestone (POA&M) report based on the assessment and scan results, assembled the SAP package for signature.

Create outreach campaigns and perform follow-ups on Asset and business owners on vulnerabilities for remediation.

Perform remediation on internal host and rescan for verification while working with other teams for remediation action.

TEKSYSTEMS (Contractor) Falls Church, VA

Senior Threat and Vulnerability Analyst April 2019 – May 2021

Deployed, configured, and maintained agents in an enterprise environment and integration with Tenable.sc and Tenable.io

Performed system vulnerability assessments and scans using ACAS (Assured Compliance Assessment Solution) including Nessus, PVS (Passive Vulnerability Scanner), 3D tools.

Performed enterprise-wide network scanning, agent scan, container including credential scan of Unix, Windows, Network devices and VMWare.

Installed and troubleshot Nessus Agent by reviewing logs using UUID (universally unique identifier), agent services and tags.

Reviewed failed Tenable.io services to determine errors and provided recommendations for remediation.

Troubleshot Tenable.io plugin issues by performing version control, installations and/or removal.

Maintained Tenable.sc system logs for debugging and maintained an audit trail of users who access Tenable.sc and performed functions such as changing passwords, recasting risks, or running Nessus scans.

Performed Security Accreditation Package (SAP) Quality Assurance Review (QAR) using Assessment and Authorization (A&A) checklist tool.

Worked with systems’ stakeholders to coordinate Security Test and Evaluation (ST&E) implementation.

Tested management, technical and operational controls using NIST 800-53A rev5, Organizational Defined Values (ODVs), Provided by Clients (PBC) and documented findings in the Security Assessment Report (SAR).

Working Knowledge of Federal Government Security Assessment and authorization (S&A) practices and regulations, FISMA NIST SP 800 series.

Created dynamic asset, dashboards, and scan reports for both technical and management teams.

Identified applicable STIGs (Security Technical Implementation Guides) for systems in accordance with NIST compliant standard.

Assigned STIGs to specific systems or areas within the branch internal database.

Participated in technical meetings with stakeholders: provided executive and operational report for prioritization.

Developed SOPs for security testing of baseline on tools such as IAVM (Information Assurance Vulnerability Management), eMASS (Enterprise Mission Assurance Support Service).

Both Windows and Linux OS security patch scheduling and IAVM testing.

OUTSOURCE (Contractor) Tysons, VA

Cyber Threat Analyst Dec 2017 – March 2019

Conduct containment of compromised hosts and perform remediation efforts.

Perform proactive remediation such as blocking and takedowns of malicious IOCs through Recorded Future and Anomali.

Use ServiceNow to track, categorize, and escalate tickets to the appropriate teams.

Create work notes templates that got integrated into ServiceNow to reduce ticket creation time and improve consistency across the team.

Review incident analysis and provide feedback to junior analysts.

Use Tanium to track and discover assets and end users during investigation.

Assist in suppressing false positives through Splunk notables.

Perform lead role in threat detection and incident response activities.

Monitor, defend and protect perimeter interface for malicious network traffic using Splunk ES.

Provide threat intelligence and an additional line of defense against cyber-attacks and advanced persistent threats (APTs) using tools like Anomali threat stream and FraudWatch Security.

Collect and analyze security data to find potential anomalies in the security environment and eliminate any risks and vulnerabilities.

Use all three industry-accepted methodologies such as Hypothesis-driven investigation, IOC-driven investigation, and Machine learning investigation to drive threat hunt efforts.

Perform dynamic analysis through Malware Code Analysis Platform (MCAP) to disseminate malware and observe behavior indicators.

Use packet sniffer tools such as Wireshark to capture packets and store data for offline analysis.

Conduct additional investigations within the client area of responsibility for malicious activity or activity that could indicate lateral movement within the environment.

Perform network analysis of egress and ingress traffic to inform determination and recommendation during an investigation.


