RICHARD
BOSSMAN
ad415n@r.postjobfree.com 631-***-****
Corona, NY 11368
PROFESSIONAL SUMMARY
Risk Management Framework (RMF) Analyst /Security Compliance Specialist Dedicated and detail-oriented IT Security Analyst with over 10+ years of experience in Cybersecurity, Risk Assessments/Audits, and mitigation. Experienced in identifying and remediating vulnerabilities; eliminating critical control gaps and driving strategic security initiatives, with expertise in Ostrich Cyber Product, Collaborative team player and natural leader with proven success coaching junior analysts, meeting tight deadlines, and establishing improved processes. CORE STRENGTHS Information Security Risk Analysis & Remediation Security Controls Assessments Compliance Plans of Action and Milestones (POAM) Security Awareness Documentation Team Leadership Security Artifacts Vulnerability Scans & Tests Stakeholder Engagement Governance Coaching/Mentoring Reporting Security Information and Event Management Identity Access Management System Vulnerability Testing Threat Analysis Encryption/Decryption Firewalls Penetration Testing System Security Plan [SSP] Incident plans respond and putting up mitigation measures, Familiar with CIS & ISO 27001. ISO 27002, DIRA - Digital Identity Risk Analysis, NIST 800-53, FIPS 199, FIPS 200, NIST 800-171, NIST 800-53A, NIST 800-037, NIST 800-60,
NIST 800-137
SKILLS
Incident Response
Data Encryption
Patch management
Network Security
Multitasking
MS Office
Team building
Computer Skills
Organizational Skills
Self-Directed
Compliance Monitoring
Risk mitigation strategies
Risk Reporting
Legal Compliance
Vendor Risk Management
Cybersecurity Risk Assessment
WORK HISTORY
Risk Management Officer (RMF) Cyberisk Beyond Solution - Huntsville, AL 06/2020 - Current
Reduced risk exposure by analyzing and mitigating potential threats to the organization.
Streamlined risk assessment processes for increased efficiency and effectiveness in identifying vulnerabilities.
Established comprehensive risk management frameworks, ensuring organizational adherence to industry best practices.
Developed strong relationships with stakeholders, promoting a culture of open communication and continuous improvement in risk management efforts.
Compliance Specialist CyberTech Solutions - Allentown, PA 01/2018 - 06/2020
Enhanced company compliance by developing and implementing comprehensive policies and procedures.
Streamlined regulatory processes for improved efficiency and reduced errors, leading to better overall compliance.
Conducted thorough risk assessments to identify potential areas of non-compliance and recommended corrective actions.
Maintained strong relationships with regulators, promoting open communication and fostering a culture of transparency.
Assisted in the preparation of regular reports for senior management, detailing compliance activities and progress toward established goals.
Reduced instances of non-compliance through meticulous monitoring of internal controls and periodic audits.
Cyber Security Specialist Northwell Health System - New York, NY 03/2015 - 01/2018
Enhanced network security by implementing advanced threat detection and prevention tools.
Reduced cyber risks by conducting regular vulnerability assessments and penetration tests.
Increased employee awareness of cybersecurity best practices through comprehensive training programs.
Developed robust incident response plans to minimize damage from potential cyber-attacks.
Collaborated with IT teams to ensure secure implementation of new software applications and systems.
Maintained up-to-date knowledge of emerging threats, providing proactive solutions for potential vulnerabilities.
Junior Security Analyst Mount Sinai South Nassau - Oceanside, NY 11/2013 - 03/2015
Enhanced system security by conducting regular vulnerability assessments.
Improved overall security posture by staying abreast of emerging cyber threats and implementing appropriate countermeasures.
Managed patch deployment schedules to ensure timely updates of critical systems, reducing exposure to known vulnerabilities.
Reduced potential cyber threats through continuous monitoring of network traffic and analyzing logs for suspicious activities.
Implemented robust firewall rules and network segmentation to minimize unauthorized access and data breaches.
Collaborated with IT team members to develop comprehensive incident response plans, streamlining the process for handling cybersecurity events.
EDUCATION
New York University
Associate of Science: Cyber Operations and Warfare
University of Education-Winneba
Ghana
CERTIFICATIONS
CompTIA Security+
CompTIA Network+
Certified Information System Auditor (CISA)
HYPERLINKS
https://bold.pro/my/richard%2Dbossman%2D231124203056/266, Bold Profile