Joseph Atta Mokwah
573-***-**** Phone
*******@*****.***
EXPERIENCE
CITIBANK, Sioux Falls 03/2016-Present
The Judge Group- Information Security Support
Performing analysis, maintaining security requirements dealing with application authorization, ID provisioning and ID management to minimize access control issues and segregation of duty (SOD) concerns
Using established processes to promote security changes following documented procedures
Configuring and managing identity and access management tools
Contributing to the IAM Security Administration team meeting target SLA’s, audit compliance, and management defined performance metrics.
Monitoring all aspects of IAM processes for security violations.
Respond to incidents opened to the IAM Security Administration Team
Assist in establishing minimum security baselines according to risk level
Defining process for certifying that information systems meet minimum security requirements and for obtaining management authorization to operate an information system
Monitoring compliance with information security requirements and assist in deploying security controls
Implementing a program for provision of security awareness and training
Ensuring that services provided by third-parties adhere to information security policy
Involves in several phases of implementing application security
MISSOURI DEPT. OF CORRECTIONS, Jefferson City 01/2013-03/2016
SmartThink Ltd- IT Security Analyst
Held meetings with CISO and system stakeholders prior to assessment engagements.
Prepared and submitted Security Assessment Plan (SAP) to CISO for approval.
Used NIST SP 800-37 Guide in applying the Risk Management Framework to Federal Information Systems
Worked with the NIST SP 800-53 Security and Privacy Controls for Federal Information Systems.
Developed and conducted Contingency Plan and Test
Developed and updated system security plan (SSP), plan of action and milestone (POA&M).
Monitored controls post-authorization to ensure continuous compliance with security requirements.
Used vulnerabilities assessment tools such as Retina, Nessus and MBSA vulnerability scanners to detect potential risks on single and multiple assets across the enterprise network.
Created reports detailing the identified vulnerabilities and the step taken to remediate them.
Knowledgeable in Risk Assessment and Risk Management
JC CLEANERS, Jefferson City 09/2011-12/2012
Information Security Administrator
Analyzing and defining security requirements for a variety of IT issues.
Designing, developing and implementing solutions to IT security requirements at various levels of the agency’s System Development Life Cycle (SDLC).
Gathering, analyzing and organizing technical information about systems, existing security products and ongoing programs.
Performing risk analysis that also include risk assessments.
Performing vulnerability checks and assessment
ELECTRICITY CORPORATION OF GHANA, Accra 09/2008-1/2011
Junior Fraud Analyst
Assisted on projects, audits, and other tasks reviewed and conducted in-depth analysis on regulatory and legal changes that affected the company.
Prepared written reports and analyzed for compliance management.
Assisted on projects, audits, and other tasks as assigned. Managed projects required to implement regulatory and legal changes, which included the implementation of project goals, coordination of efforts between multiple departments and monitoring for effectiveness
Reviewed incoming leads to determine if further investigation is warranted.
Conduct independent reviews resulting from the discovery of situations that potentially involve fraud, waste, or abuse.
Utilize basic data analysis techniques to detect aberrancies in Medicare claims
Complete written referrals to the PI Supervisor as needed on potential investigations derived from complaint reviews.
Review information contained in standard claims processing system files (e.g., claims history, provider files) to determine provider billing patterns and to detect potential fraudulent or abusive billing practices
Make potential fraud determinations by utilizing a variety of sources such as the ZPIC internal guidelines
Compile and maintain various documentation and other reporting requirements
EDUCATION
Dakota State University, Madison, SD Exp. Graduation date Dec 2018
Master of Science, Information Assurance & Computer Security
Webster University, St. Louis, MO Dec 2016
Master of Art, Procurement & Acquisition
University of Ghana, Accra, Ghana
Master of Business Administration May 2008
Lincoln University, Jefferson City, MO
Bachelor of Science, Computer Information Systems Dec 2014
University of Ghana, Accra, Ghana May 2005
Bachelor of Arts, Humanities
PROFESSIONAL CERTIFICATION/TRAINING
CISSP - In progress.
Information System Security Management Training.
Certification and Accreditation Document Review Training.
Information Assurance Awareness Training.
Anti-Phishing Training
TECHNICAL SKILLS
Standards: COSO, COBIT 4.1, Sarbanes-Oxley Act, SAS-70, ISO 17799, NIST 800-Series, FIPS, FISMA, FEDRAMP
Software/Platform/Artifacts: MS Office Suite (PowerPoint, Excel, Access), Fips199, NIST 800-37
SORN, E-Authentication, PTA, PIA, RA, SSP, CP, CIPT, ST&E, SAR, POA&M, ATO, NIST 800-53A, ISA