Security Information Systems

Joseph Atta Mokwah

573-***-**** Phone

*******@*****.***

EXPERIENCE

CITIBANK, Sioux Falls 03/2016-Present

The Judge Group- Information Security Support

Performing analysis, maintaining security requirements dealing with application authorization, ID provisioning and ID management to minimize access control issues and segregation of duty (SOD) concerns

Using established processes to promote security changes following documented procedures

Configuring and managing identity and access management tools

Contributing to the IAM Security Administration team meeting target SLA’s, audit compliance, and management defined performance metrics.

Monitoring all aspects of IAM processes for security violations.

Respond to incidents opened to the IAM Security Administration Team

Assist in establishing minimum security baselines according to risk level

Defining process for certifying that information systems meet minimum security requirements and for obtaining management authorization to operate an information system

Monitoring compliance with information security requirements and assist in deploying security controls

Implementing a program for provision of security awareness and training

Ensuring that services provided by third-parties adhere to information security policy

Involves in several phases of implementing application security

MISSOURI DEPT. OF CORRECTIONS, Jefferson City 01/2013-03/2016

SmartThink Ltd- IT Security Analyst

Held meetings with CISO and system stakeholders prior to assessment engagements.

Prepared and submitted Security Assessment Plan (SAP) to CISO for approval.

Used NIST SP 800-37 Guide in applying the Risk Management Framework to Federal Information Systems

Worked with the NIST SP 800-53 Security and Privacy Controls for Federal Information Systems.

Developed and conducted Contingency Plan and Test

Developed and updated system security plan (SSP), plan of action and milestone (POA&M).

Monitored controls post-authorization to ensure continuous compliance with security requirements.

Used vulnerabilities assessment tools such as Retina, Nessus and MBSA vulnerability scanners to detect potential risks on single and multiple assets across the enterprise network.

Created reports detailing the identified vulnerabilities and the step taken to remediate them.

Knowledgeable in Risk Assessment and Risk Management

JC CLEANERS, Jefferson City 09/2011-12/2012

Information Security Administrator

Analyzing and defining security requirements for a variety of IT issues.

Designing, developing and implementing solutions to IT security requirements at various levels of the agency’s System Development Life Cycle (SDLC).

Gathering, analyzing and organizing technical information about systems, existing security products and ongoing programs.

Performing risk analysis that also include risk assessments.

Performing vulnerability checks and assessment

ELECTRICITY CORPORATION OF GHANA, Accra 09/2008-1/2011

Junior Fraud Analyst

Assisted on projects, audits, and other tasks reviewed and conducted in-depth analysis on regulatory and legal changes that affected the company.

Prepared written reports and analyzed for compliance management.

Assisted on projects, audits, and other tasks as assigned. Managed projects required to implement regulatory and legal changes, which included the implementation of project goals, coordination of efforts between multiple departments and monitoring for effectiveness

Reviewed incoming leads to determine if further investigation is warranted.

Conduct independent reviews resulting from the discovery of situations that potentially involve fraud, waste, or abuse.

Utilize basic data analysis techniques to detect aberrancies in Medicare claims

Complete written referrals to the PI Supervisor as needed on potential investigations derived from complaint reviews.

Review information contained in standard claims processing system files (e.g., claims history, provider files) to determine provider billing patterns and to detect potential fraudulent or abusive billing practices

Make potential fraud determinations by utilizing a variety of sources such as the ZPIC internal guidelines

Compile and maintain various documentation and other reporting requirements

EDUCATION

Dakota State University, Madison, SD Exp. Graduation date Dec 2018

Master of Science, Information Assurance & Computer Security

Webster University, St. Louis, MO Dec 2016

Master of Art, Procurement & Acquisition

University of Ghana, Accra, Ghana

Master of Business Administration May 2008

Lincoln University, Jefferson City, MO

Bachelor of Science, Computer Information Systems Dec 2014

University of Ghana, Accra, Ghana May 2005

Bachelor of Arts, Humanities

PROFESSIONAL CERTIFICATION/TRAINING

CISSP - In progress.

Information System Security Management Training.

Certification and Accreditation Document Review Training.

Information Assurance Awareness Training.

Anti-Phishing Training

TECHNICAL SKILLS

Standards: COSO, COBIT 4.1, Sarbanes-Oxley Act, SAS-70, ISO 17799, NIST 800-Series, FIPS, FISMA, FEDRAMP

Software/Platform/Artifacts: MS Office Suite (PowerPoint, Excel, Access), Fips199, NIST 800-37

SORN, E-Authentication, PTA, PIA, RA, SSP, CP, CIPT, ST&E, SAR, POA&M, ATO, NIST 800-53A, ISA

Contact this candidate