Leslie Olajuwon-Yakubu

Lanham, MD. *****

301-***-****

ac0z70@r.postjobfree.com.

US CITIZEN

OBJECTIVES

An Information System Security Analyst proficient in building security authorization packages using NIST Publications 800-53A, 800-**-***-**, 800-30, 800-37, FIPS 199, FIPS 200, OMB A-130 APP. III. Vast knowledge of Federal Information Processing Standards (FIPS) 199 System Categorization, System Security Plan (SSP), Security Assessment Plan (SAP), Plan of Action &Milestone (POA&M), Risk Assessment (Impact Analysis) and Contingency Planning.

PROFESSIONAL EXPERIENCES

Employer: Lolubyte IT Consultant.

Title: Information Security analyst

Duration: July 2013 – Present

Working in the capacity of an Information Security Analyst, working with a team responsible for Creating/developing authorization package, Maintaining, reviewing and updating Information Security System documentations, to include but not limited to System Security Plan (SSP), Plan of Action & Milestone (POA&M), Risk Assessment (RA), policies and procedures, security control baselines in accordance with NIST, FISMA guideline and system security monitoring practices.

•Develop and assess cyber security documentation for client information systems in accordance with FISMA, NIST Risk Management Framework, and departmental requirements.

•Participate in continuous monitoring activities.

•Address security concerns of those organizations related to the design, development, implementation, operation, and disposal of information systems and the environments in which those systems operate.

•Use the security control selection and specification process that are organized into eighteen (18) security control families.

•Identify and mitigate risks throughout assessment.

•Identify specific assurance-related controls that are included in the low-, moderate-, and high-impact baselines.

•Produce security evidence (artifacts) from developmental or operational activities.

•Participate in compliance related discussions (this includes a growing understanding of security control requirements).

•Work with customers to resolve concerns and explain how compliance is achieved.

•Coordinate the day-to-day activities required to deliver a project on time and within budget.

•Attend and participate in regular project meetings; deliver succinct and accurate status updates

Employer: Lolubyte IT Consultant.

Title: Information Security Compliance Analyst

Duration: Feb 2012 – July 2013

•Involved with developing, reviewing, maintaining, and ensuring all Assessments and Authorizations (A&A) documentation are included in system security package.

•Involved with developing, reviewing and updating policies and procedures, audit and compliance with but not limited to RMF, NIST and FISMA.

•Ensure Implementation of appropriate security control for Information System based on NIST Special Publication 800-53 rev 4, FIPS 200, and System Categorization using NIST 800-60, and FIPS 199.

•Review and update remediation on (POAMs), in organization's Cyber Security Assessment and Management (CSAM) system. Work with system administrators to resolve POAMs, gathering artifacts and creating mitigation memos, residual risk memos and corrective action plans to assist in the closure of the POA&M.

•Apply appropriate information security control for Federal Information System based on NIST 800-53A rev4, SP 800-53 rev4, FIPS 199, FIPS 200 and OMB A-130 Appendix III.

•Work with stakeholders and system application teams to conduct testing, interviews, and collection of artifacts relevant to assessment of security controls.

•Responsible for ensuring that Security Authorization packages such as System Security Plan (SSP), Plan of Action and Milestones (POA&M), Security Assessment Report (SAR) are maintained reviewed and updated in accordance to NIST guidelines.

•Participate in client interviews to determine the security posture of the System.

•Supported the Information Assurance (IA) team to conduct risk assessments, documentation for Security Control Assessment, vulnerability testing and scanning.

•Prepare and submit Security Assessment Plan (SAP) to CISO for approval.

•Develop and update Security Plan, Plan of Action and Milestones (POA&M).

•Monitor controls post authorization to ensure continuous compliance with the security requirements.

•Prepare and update the Security Assessment Report (SAR)

•Analyze and perform technical and non-technical security risk assessments of computer

and network systems via network scans, interviews, documentation review and walk-through of both new and existing federal information systems for FISMA compliance using NIST guidelines and controls.

•Conduct Risk Assessment on all system changes.

•Conduct policy development research and analyze information system issues.

•Re-assess remediated controls for effectiveness.

Employer: Lolubyte It Consultant.

Title: Linux System Administrator

Duration: July 2011-Feb 2012

Participated in team activities as a member of the Linux / UNIX System Administration.

Set up and administer user and groups’ accounts, setting permissions Web servers, file servers, firewalls, and directory services with ability to diagnose basic Apache Issues.

Build and installed multiple Linux machines.

System and Application troubleshooting and other related issues.

Provided management of system process in areas like boot process, startup and system shutdown.

Install, configure, maintain and administer Linux / UNIX operating systems and components. Diagnosed and resolved problems associated with DNS, DHCP, VPN, NFS, and Apache.

Disk management, and implementation of RAID levels using parted and mdadm

Planned and executed packages and updates installations necessary for optimal system performance.

Diagnosed and resolved problems associated with DNS, DHCP, VPN, NFS, and Apache.

Experienced with Linux family (Red Hat Enterprise Server, Cent OS, and VMware).

Experienced with inter networking using TCP/IP and maintaining network.

Installation and administering mail using Postfix (MTA)

Build, installed, configured Red Hat Linux servers in a data center environment.

Implement advance disk configuration such RAID 5 using Linux Software RAID program

Install new servers using kick-start installation & configuration method.

Monitoring of web servers using nagios monitoring tool.

Implementation of package management, FHS systems and LVM management.

Administered local and remotely servers on daily basis providing weekly status reports to management

Supporting data management through on-site & off-site storage and retrieval service.

Installation and configuration of puppet, and nagios monitoring tool.

Troubleshoot and resolve software and hardware problems, interface with vendor technical support to resolve problems and work with other technical staff on supporting their needs.

Respond to security alerts with risk evaluation and monitoring /report on unauthorized access attempts.

Monitor security logs to determine security problems.

Employer: My Heating and Cooling

Title: Computer Technician / IT consultant

Duration: August 2009- July 2011

Support person on Computer devices and peripherals sales, installations and configurations.

Installation and configuration of windows 95,98,2000 and XP in a client server environment.

Installation and configuration of printers on LAN.

Maintenance and Repairs of computers and Peripherals in a network environment.

Implementing Troubleshooting procedures in isolating local area network faults.

Assisted users with hardware and software installation. Provided technical support and documentation for Y2K issues, Applied and tested patches and service packs for Y2K on operating system and applications.

Build and test revised operating system configurations as necessary.

Document special procedures required for continuous operations of Systems.

Schedule vendor maintenance and services activities

Performing remedial hardware maintenance, new software and hardware upgrades.

Monitor security logs to determine security problems.

Optimize system performance by tracking daily system utilization, to determine if problems are imminent.

Monitor and provide daily reports on system performance to pinpoint performance bottlenecks and on an as needed basis, select various system options and parameters.

EDUCATION:

School: University of Maryland

Degree BS in Business administration and Finance, May 2016

GPA: 3.6

Degree Master in Information Technology

Expected Graduation: May 2018

Certifications:

Cert/ date: CompTIA Linux (Powered by LPI) April 2015 – present

License Number: COMP001020852783

Cert/date: VMware Certified Associate Data Center Virtualization April 2015 - present

License Number: 16454755-B41A-2BF4BA9015C8

Certified Authorization Professional CAP – In Progress

Contact this candidate