Information Security Engineer

Location:
Bolingbrook, IL, 60440
Posted:
April 03, 2024

Resume:

OBJECTIVE

Experienced IT Security Engineer with 16 years of expertise in Information security and network operations coupled with strong business, problem-solving, and negotiation skills. Seeking opportunities to leverage a Master of Business Administration and a Master of Information Security, along with recent entrepreneurship skills and certification achievements, to contribute to a dynamic organization.

SKILLS

Experienced Security Engineer with a background in numerous programs in Information Technology Governance.

Excellent business ethics, strong problem-solving, analytical capabilities, and negotiation skills in dealing with third-party vendors.

In-depth knowledge of procedures and disaster recovery Business continuity planning.

Knowledgeable in security policies and compliance frameworks, including HIPAA, NIST, CIS, and ITIL.

In-depth understanding of security compliance processes (PCI-DSS) and regulations such as SOX (Sarbanes Oxley), FERPA, GDPR, etc.

Hands-on experience with Security Information and Event Management (SIEM) tools.

Vulnerability scanners and SIEM tools: Security Onion, Splunk, Snort, Wireshark.

Web Security WAP tools such as McAfee Gateway, WSA, and Umbrella.

Knowledge of quantitative, qualitative, and hybrid risk assessment procedures.

Forensics tools: FTK, FTK Imager, PTKR.

Multi-lingual: fluent in English, French, and Creole; intermediate level in Spanish.

MANASSE BONNY (MBA, MS, CISM, CISA)

INFORMATION SECURITY PROFESSIONAL www.linkedin.com/in/manasse-bonny-55911752.

EXPERIENCE

SECURITY ANALYST • BANK OF AMERICA (BOA) APEX: CONTRACTOR 10/2023-11/2023

Validated alerted compliance risk issues by accessing data log storage using alerting tools (Splunk, Elastic, bank-developed tools).

Investigated to triage Log-based use cases and alert creation.

Communicated with both technology/development and business partners to strategize on a compliance plan with a background in Information Security or Cyber Security.

Collaborated with stakeholders to translate between these two constituencies.

Investigated with stakeholders how technology interacts with other technology (i.e., Application Log Data) to build use case parameters for the security team Developer to create new alerts.

LEAD INFORMATION SECURITY ANALYST • ZEKELMAN INDUSTRIES 05/2022 – 01/19/2023

Managed end-to-end security practices and procedures delivery, ensuring operational governance and regulatory compliance.

Developed and implemented Security policies and procedures resulting in a 30% decrease in security incidents.

Led a group of 5 to analyze system/application event logs to detect vulnerabilities or malicious activity.

Investigated security incidents to determine root causes and remediation tactics for all security events.

Monitored and investigated suspicious activity and IOCs.

Performed Patch Management user and system access reviews.

Managed daily operation investigation while tuning and optimizing cybersecurity tools such as EDR, Microsoft Sentinel (SIEM), and Tenable for regular testing.

Provided coaching/training/problem-solving assistance to junior analysts.

Oversaw security awareness campaigns ensuring 100% employee participation.

Participated in all incident response tabletop exercises, business continuity/disaster recovery testing, penetration testing, and other compliance activities and tracked the progress of identified remediations.

Helped design, build, and coordinate the Vendor Risk Management function.

Enforced adherence to regulatory compliances to protect data entrusted to vendors.

Helped Leadership maintain risk management practices across multiple domains such as financial, business continuity, compliance, and information security.

Translated business requirements for the product team and conducted peer reviews to ensure that specifications were correctly interpreted to adhere to policies and standards.

Mentored and guided engineering/governance teams in support of day-to-day operations.

Assessed security profiles for new or emerging technologies.

Stayed up to date with emerging cybersecurity threats.

Maintained detailed records of security incidents, investigations, and remediation actions.

Provided advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation plans.

Coordinated asset management activities and third-party vendors to control risk.

Helped leaders drive compliance of global business units with Continuity Management activities allied with IT Governance, Risk Management, and Compliance Programs.

Assessed processes to identify gaps in business processes and assisted in the design and documenting processes to drive compliance according to business objectives.

Collaborated with business teams across the organization to execute Business Continuity Management plans, extending processes as necessary to help business partners sustain confidentiality, availability, and integrity while managing risks to an acceptable level.

Evaluated the state of Business Continuity (BC) and Disaster Recovery (DR) planning within assigned departments and helped facilitate the improvement/maintenance of the plans, considering best practices, industry standards, and critical focus areas.

Implemented and maintained the Business Continuity Automated Notification system.

Ascension Health/ AMITA Health 05/2020-2022 System Analyst

Maintained and improved the BC/DR document repository.

Identified changes required to improve BC/DR plans and validated those changes with live tests and tabletop exercises in various areas of the organization.

Organized annual BC/DR Plan reviews to ensure necessary documentation was current.

Collaborated with teams to ensure the plans were viable and met Internal Audit and regulatory compliance obligations.

Executed automated documentation training for team members.

Identified maturity options for the DR roadmap in coordination with other analysts.

Collaborated with stakeholders to determine recovery point objectives (RPOs) and recovery time objectives (RTOs) for critical applications.

Created and supported documentation for Business Continuity and Disaster Recovery procedures and determined escalation paths with the stakeholders.

Developed and maintained BC/DR training programs for all departments and locations.

Conducted periodic call notification tests with all departments.

Maintained the BC Intranet and other communications channels and repositories.

Provided inputs to the continuity management processes in developing controls needed to mitigate risks for applications that are not compliant with policies.

Worked collaboratively to influence and socialize strategies, standards, policies, procedures, communications & governance.

Coordinated deployment and measurement of security awareness efforts across units.

Aligned Associates’ individual goals with team goals.

Served as subject matter expert providing advice to stakeholders regarding compliance with applicable frameworks ISO 22301, 27001, CIS, CSC, NIST, and NIST SP 800-53.

AMITA Health -- Presence Health 08/2017-2020 Security Engineer – Governance

Responsible for the timely resolution of Security incidents.

Worked directly with the ServiceNow Strategy & Support team to monitor the overall performance of services and timelines to deliver the service packages.

Served as a point of escalation for less experienced associates.

Maintained the system operations following all regulatory requirements, primarily focusing on confidentiality, HITRUST, and HIPAA Security Regulations.

Solved issues related to various IS Security domains: Disaster Recovery, Identity and Access Management, network/system security, system hardening, security principles, protocols, techniques, and technologies (e.g., TCP/IP, Web security, Access gateways, email security, network/system security, firewalls, identity management, Active Directory, group policies, threat investigations, packet analysis, etc.).

Created/implemented security standards, policies, and procedures.

Planned and coordinated security activities to safeguard company assets.

Participated in knowledge sharing with other associates and developed solutions.

Helped develop and implement internal and external business security solutions.

Collaborated with Senior engineers to configure new security technologies.

First-hand contact for HR litigation issues (Release/admission).

Responsible for the timely resolution of problems and incidents in the security environment.

Led technology processes and procedures to be documented.

Analyzed and evaluated Security operations issues to identify risks/opportunities.

Configured new application security technologies with vendors.

Communicated changes within the IT infrastructure to all affected parties proactively.

Followed and documented strict testing and deployment methodologies for auditing.

Troubleshot all security issues with clients to provide appropriate solutions.

Managed Business Plan for Disaster recovery through Selm Catalyst (Cloud SaaS).

Evaluated third-party vendors’ projects through a security checklist as part of the Security Governance Capacity, Configuration, and Architecture Management.

Supervised the installation/maintenance of all security systems.

Managed system capacity using monitoring tools and statistical analysis through research.

Collaborated with teams to maintain and support the SOC 24/7.

Presence Health 10/2016-08/2017 Senior Information Security Analyst

Provided IT recommendations to leaders and assisted in creating and revising policies for incoming event queues using security Event management tools (SIEM).

Collected, analyzed, investigated, and reported on relevant Cyber threat intelligence or other actionable security information in collaboration with different departments.

Resolved/created tickets for daily security issues in the SOC.

Identified, categorized, prioritized/investigated correlated events.

Performed investigation and triage of events and incidents and escalated if necessary.

Researched and provided technical expertise in the implementation of hardware/software.

Collected data and analyzed it to determine security needs.

Tuned/optimized SIEM infrastructure to capture relevant/required security.

Provided leadership, direction, coordination, and training to Junior technical staff.

Researched and advised about unknown hardware and software vulnerabilities.

Prepared reports and made presentations on internal investigations for losses, or violations of regulations, policies, and procedures.

Halfaker: US Department VA – SOC: Security Operation Center 05/2015-10/2016 Network Administrator

Configured Cisco routers/switches/firewall rules via command line interface and incorporated them in the VA network according to network standards.

Worked with multi-area OSPF, BGP, and MPLS environments.

Established solid and secure site-to-site VPN connections via Cisco firewalls.

Troubleshot VPN gateway connections and the Citrix environment with the client.

Manipulated Firewall rules Recertification upon security request.

Decommissioned IP/Firewall security Rules from requirements.

Created/applied new ACL rules upon the client’s request.

Assisted in evaluating, configuring, and maintaining network security devices such as Cisco firewalls, VPN (Virtual Private Network), and ASA.

Resolved several network security tickets daily.

Used NOM, SolarWinds, and Splunk to monitor and analyze Network and security alerts.

Participated in technical reviews and recommended solutions for improvements.

Provided outstanding client service for the hospital environment.

Maintained updated documentation of network configurations and Systems diagrams.

EDUCATION

William Woods University, Fulton, MO – MBA (2022). GPA 3.9

Lewis University, Romeoville, IL – Master of Science Information Security (2012). GPA 3.7

DeVry University, Addison, IL – Bachelor of Science in Computer Information Systems (2007). GPA 3.3

CISM (Certified Information Security Manager) Certification in Oct 23

CISA (Certified Information Systems Auditor) December 2023

ACE Forensic: AccessData Certified Examiner (2012)

VOLUNTEER EXPERIENCE OR LEADERSHIP

Founder/Owner of BonnyM Investment LLC – January 2023

Successfully established an independent real estate business venture.

Surmounted challenges to make the business fully operational within eight months.

Acquired valuable skills in entrepreneurship, business management, and strategic decision-making.

Manage property’s financial operations, including rent collection, invoicing/budgeting.

Monitor and analyze property expenses and income, identifying cost savings and revenue enhancement opportunities.

Schedule and supervise contractors and maintenance staff as needed to address repair issues promptly.

Conduct regular inspections of units and common areas of buildings to identify maintenance needs and ensure compliance with safety standards.

Devoted time to self-study from January to October and obtained two certificates.

CFN (CALEB FINANCIAL NETWORK)

Manage the Real Estate line of business to acquire buildings in the range of $1.2-$1.5 million with an assumption of a 30% down payment and cash flows.

Create an LLC structure and fundraising programs touching interested partners (20 at least).

Research and Identify Opportunities

Gather Information on the State of Intervention

Presiding the After/Happy Hours Activities