Post Job Free
Sign in

Risk Management Machine Learning

Location:
Oxon Hill, MD
Posted:
October 12, 2023

Contact this candidate

Resume:

Collins Djeukui

**** ****** **, **** **********, MD 20744

Email: *********@*****.*** Phone: 301-***-****

Professional Profile

IT Security Analyst with 16 years of experience performing research, analysis, and troubleshooting to identify, resolve, and explain complex security issues.

Cybersecurity, Incident Management, and IT compliance support across the Enterprise Infrastructure

Cybersecurity capabilities and risk management to ensure network and IT systems are protected against cyber-attacks and malicious intrusion.

Cybersecurity capabilities and risk management in line with the Systems Engineering Life Cycle and consistent with technical requirements to ensure network and IT systems are protected against cyber-attacks and malicious intrusion.

Security policies interpretation and implementation requirements to ensure confidentiality, integrity, availability of information, systems, and network.

Performed research, analysis, and troubleshooting to identify, resolve, and explain complex security issues to members of the company.

Security Assessment and Authorization (SA&A) professional knowledgeable in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), security life cycle and vulnerability management using FISMA, and applicable NIST standards.

Implemented the Continuous Monitoring process of the RMF to perform a near real-time risk management and continuous information systems authorization.

Working knowledge of different Operating Systems such as Linux, and Windows

Possessed a unique combination of technical abilities, communication skills, and ability to multitask that allow me to collaborate with end-users or business.

Great attention to detail, and ability to work effectively as a team member with excellent communication, strong analytical and collaborative skills.

Highly motivated, organized and results and detail-oriented with excellent interpersonal, communication and presentation skills

Cloud Specialist

AWS architect

Technical Skills

Security Technologies: FireEye, IronPort, Sourcefire, McAfee Web Gateway, Splunk, Splunk Express, McAfee DLP, Nessus Security Center, Nmap, Wireshark, IDS/IPS; Log Management, Anti-Virus Tools; (Norton, Symantec).

Application: MS Office (Word, Excel, Outlook, PowerPoint, Access); Wireshark, NMAP, Nessus, ArcSight, SharePoint, Nessus, VMware, CSAM, STIGs, and SCAP

Splunk, RSA network, Deep packet analysis, NetFlow analysis

MS Data Protection includes Azure Information Protection.

· Collaborate with Data Analyst, Data Scientists, Machine Learning Engineers to identify and transform data for ingestion, exploration, and modeling with the focus of security.

· Work with data governance team and implement security into the process for data quality checks and maintaining security in the data catalogs.

· Understand and apply concepts like data lake, data warehouse, lake-house, data mesh and data-fabric where relevant with security being paramount.

Operating Systems: Unix-Based Systems (Solaris, Linux); Windows.

Networking: LANs, VPNs, Routers, Firewalls, TCP/IP, palo alto

Software: MS Office (Word, Excel, Outlook, Access, PowerPoint)

Ticket Systems: ServiceNow, Remedy

OSINT: URLVOID.COM, VirusTotal.com, zscaller.com, urlvoid, abuseip, mxtoolbox, etc.

Specialties Skills: Testing & Troubleshooting, System Administration, Security Analyst, Application Support, Project Management, Technical Support & Customer Service, Azure platform, palo Alto deployment

Log analysis

Incident Response

Threat Intelligence

Linux Admi

Education and Background

Master of Science: in Cybersecurity Dec. 2020

University of Maryland Global Campus

Master of Science: in Physics Dec. 1996

University of Abomey Calavi, Benin

Membership & Certifications

CompTIA Security+ May 2020

CISSP - In Progress

CAP- In progress

AWS Certified Solutions Architect -In progress

Employment History

Information-Business Security Analyst 05/2007 – 01/02/2023

Midzone cable, Fort Washington, MD

Responsibilities:

Provides high-level analysis of security data to identify significant activity.

Advising multiple areas of Midzone's business, technology teams, and leadership on implementing cyber security best practices

Works in an Agile environment and supports review of business needs, priority refinement, milestones, and deliverables, and identifies opportunities and risks.

Performs vulnerability scanning with Nessus to detect potential risks on single or multiple assets across the enterprise network.

Develops, coordinates, implements, and maintains standards and procedures to protect information systems and data security and integrity.

Observes and analyses traffic to learn valuable lessons from known malicious actors and to determine countermeasures against such threats.

Possessed a unique combination of technical abilities, communication skills, and the ability to multitask that allow me to collaborate with end-users or business.

Provides detailed status updates on existing cybersecurity incidents daily to include follow-up with client/customer to ensure satisfactory resolution.

Develops risk assessment reports; identifying threats and vulnerabilities applicable to the system.

Evaluates the likelihood that vulnerabilities would be exploited and assess the impact associated with this threat and vulnerabilities.

Develop and implement Data-Loss prevention security standards.

· Design, develop and maintain data security models.

· Develop the various data transformation rules and data modeling capabilities.

· Collaborate with Data Analyst, Data Scientists, Machine Learning Engineers to identify and transform data for ingestion, exploration, and modeling with the focus of security.

· Work with data governance team and implement security into the process for data quality checks and maintaining security in the data catalogs

· Understand and apply concepts like data lake, data warehouse, lake-house, data mesh and data-fabric where relevant with security being paramount.

· Be familiar with data models for cloud data warehouses.

· Understand and be able to use different databases like Relational, Document, Graph and Key/Value.

· Analyze data using SQL.

· Work as part of an agile team.

· Provide regular data protection-related training of regulations and company procedure updates to staff.

· Draft policies and standard operating procedures related to privacy and data storage.

· Create technical documentation as needed.

MS Data Protection includes Azure Information Protection.

Apply required security patches within NIST and enterprise guidelines.

Conducts kick-off meetings to categorize the system according to NIST requirements of Low, Moderate, or High System. FIPS 199 and SP 800-60

Conducts security control Assessment to assess the adequacy of management, operational, privacy, and technical security controls implemented.

Prepares systems certification and Accreditation package, making sure that management, operational and technical security controls adhere to a formal and well-established security requirement authorized by NIST 800- 53R4.

Develops Security Assessment Report (SAR) detailing the results of the assessment along with the Plan of Action and Milestones (POA&M)

Conducted follow up meetings to assist information system owners to close/remediate POA&M items

Develops System Security Plans (SSP) to provide an overview of system security requirements and describe the controls in place or planned by information system owners to meet those requirements.

RCA when required, and Perform mitigation required to protect critical resources.

Information Security Analyst 07/2004– 04/2007

CCD Telecom, Silver Springs, MD

Responsibilities:

Enterprise- wide system security plan, Risk assessment and Privacy policies development

Perform incident response to investigate and resolve computer security incidents.

Compose security alert notifications and other communications.

Use McAfee DLP Manager to protect intellectual property and ensures compliance by safeguarding sensitive data.

Process Web Site Review Requests using McAfee Web Gateway GUI to grant temporal Web Access to users within the Company to websites that are being blocked for security.

Block malicious domains, Hashes, Files, and IPs following company's Standard Operation Procedures.

Stay up to date with current vulnerabilities, attacks, and counter measures.

Develop follow-up action plans to resolve reportable issues and communicate with other Analysts to address security threats and incidents.

Review and process accidental disclosure requests following standard operation procedures

Regularly develop new use cases for automation and tuning of security tools.

Analyze, investigate and process Malicious/Phishing Email alerts from IronPort and FireEye following standard operation procedure.

Contribute to security strategy and security posture by identifying security gaps, evaluate and implement enhancements.

Prioritize and differentiate between potential intrusion attempts and false alarms.

Assist with the development of processes and procedures to improve incident response times, analysis of incident, and overall, SOC functions.

Provide Incident Response (IR) support when analysis confirms actionable incident.

Strong working knowledge of network security monitoring and incident response, as well as superior written and technical communications skills.

Referee

Upon request



Contact this candidate