Cyber Security Specialist

Location:
Beltsville, MD
Posted:
October 23, 2023

Resume:

CYBER SECURITY SPECIALIST

PROFESSIONAL SUMMARY

Insightful, results-driven Cyber Security Specialist with extensive NexGen SIEM tools experience. Ability to perform Intrusion Detection, Vulnerability Assessment, Security Event Response, and Risk Management. Self-motivated and goal-oriented, with demonstrated ability to handle complex responsibilities in a demanding environment. Extremely organized and able to work within multiple teams to provide solutions, with planning and goal-setting acumen to achieve objectives. Effective communicator who easily builds consensus among diverse groups such as programmers, developers, engineers, and others at all organizational levels and backgrounds.

CORE STRENGTHS

Splunk, FireEye, NIST 800 Series, FIPS, Microsoft Office Suite (Word, Visio, Excel, PowerPoint, Access, Outlook), TCP/IP, VPN, Hyperion, Wireshark, IDS/IPS, PCI DSS, SCADA/ICS, Policy Planning, Amazon Web Services (AWS), Nessus Vulnerability Scanning, Nmap, QRadar, FedRAMP.

Cyber Security Assessor (Department of Biomanufacturing Technology in Maryland)

SMITH and Nephew Pharmaceutical Company January 2023–Present

Review system security and privacy controls (managerial, operational, and technical) to determine applicability against federal requirements (e.g., NIST SP 800-53A rev 5)

Assess security and privacy controls using the SSP document and NIST 800-53A rev 5 as a guide, and document the results in the POA&M, SAR and SAP.

Document POA&Ms for corrective action following assessment activities and in response to identified vulnerabilities. Apply knowledge of Information Assurance Vulnerability Alerts using NIST 800-171 for compliance.

Maintain continuous monitoring operation of security and privacy control posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed using NIST SP 800-137 as my guide.

Cyber Security Assessor (Department of Agriculture in Maryland)

DTT Consulting November 2017–January 2022

Utilized Next Generation Security Information and Event Management (SIEM) tools including Splunk, Wireshark and FireEye.

Validate management, operational, and technical security controls as part of the continuous monitoring assessment plan for all major systems.

Categorize systems using FIPS 199, NIST 800-60 vol 1 and 2 as guides.

Select and tailor security controls using NIST 800-53 as a guide and document the results in the SSP.

Effectively communicate to stakeholders detailed information about schedule, scope, required documentation, security objectives, risks/vulnerabilities, and remediation actions

Review test results and provide independent Q&A and validation of results. Manage risks by providing formal and information risk assessments and facilitate plans of action and milestones (POA&M) management.

Conduct ad hoc validation on an as-needed basis to assist with closing open POA&Ms or vulnerability remediation.

Collaborate with agency officials and stakeholders to facilitate meetings to address event driven triggers around system risks.

Understand FedRAMP requirements/regulations, cloud technology stacks, and translate 3PAO results into agency RMF methodology.

Review system security controls (managerial, operational, and technical) to determine applicability against federal requirements (e.g., NIST SP 800-53)

Document POA&Ms for corrective action following assessment activities and in response to identified vulnerabilities. Apply knowledge of Information Assurance Vulnerability Alerts (IAVAs)

Ensure integrity of IT systems by identifying and mitigating potential avenues of exploitation, including system level attacks and user level attacks

Coordinate planning, scheduling, and testing of projects in the Assessment and Authorization (A&A) process

Conduct hands-on security testing, analyze results, document risks, and recommend countermeasures

Advise and assist with the Lifecycle Assessment and Authorization (A&A) process and development of Systems Security Plan (SSP)

Develop risk assessments, recommend mitigating countermeasures, and write short, succinct risk assessment and certification reports for submission to the Chief Information Officer

Apply working knowledge of Intelligence Community Information Assurance policies and regulations and how they relate to the A&A process

Assist with the management of security aspects of the information system and perform day-to-day security operations of the system

Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed

Provide security certification test and evaluation of assets, vulnerability management and response, security assessments, and customer support

SOC Analyst I (Department of Labor in Maryland)

DTT Consulting December 2016 – October 2016

Utilized Security Information and Event Management (SIEM), Intrusion Detection and Prevention (IDS/IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.

Monitor and analyze network traffic, intrusion detection system (IDS), security events and logs.

Work with security operations center engineers to operate IDS/IPS such as Snort to analyze and detect worms and vulnerability exploit attempts.

Monitored events, responded to incidents, and reported findings.

Apply incident handling processes, including preparation, identification, containment, eradication, and recovery, to protect enterprise environments; facilitate impact analysis, issue resolution and remediation, case management/reporting, root cause analysis, and other incident management functions as needed.

Block malicious domains, hashes and IPs following the company’s Standard Operating Procedures.

Use Splunk to search and analyze email logs to confirm malicious emails were not delivered or are quarantined and malicious attachments were dropped.

Investigate, process, and resolve security email alerts from SIEM tools like IronPort, FireEye, McAfee DLP and Sourcefire

Use ServiceNow to open tickets for third-party support in resolving SOC issues.

Coordinate with the CIRT team to investigate and resolve security incidents.

Respond to computer incidents by collecting, analyzing, and preserving digital evidence and ensuring that incidents are recorded and tracked in accordance with organizational SOC requirements.

Stay current with vulnerabilities, attacks, and countermeasures.

Develop follow-up action plans to resolve reportable issues and communicate with other IT teams to address security threats and incidents accordingly.

Prioritize and differentiate between potential intrusion attempts or false alarms.

Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.

Monitor events, respond to incidents, report findings, and escalate critical tickets if need be.

Utilize IDS/IPS such as Snort to monitor malicious activities on the network and to detect and respond to security incidents; analyze firewall logs and IDS/IPS logs to uncover malicious activities going on over the network. Initiate and recommend corrective action to the CIRT team.

Information Security and Risk Analyst (Medicaid department)

Hexis Cyber Solution November 2016 – June 2017

Applied industry standard risk management techniques to ongoing projects in application security

Promoted security engagement through knowledge transfer and awareness

Delivered risk reducing strategies to project teams via end-to-end security solution design

Perform risk assessments on Third Parties and ongoing projects, solutions and implementations

Examine emerging technologies and scrutinize possible implementation risks and rewards

Manage policy exceptions and track to ensure remediation

Evaluate data protection controls for sufficiency, ensuring data safety outside the company.

Review Third Party vendor security solutions for compliance with Bank policies and guidelines

Track remediation efforts and follow up to ensure key deadlines are met

Implement assessment process and metrics for identifying and reporting on third parties

Evaluate security posture of third-party vendors and partners to ensure proper data hygiene

Review and approve requests from procurement to initiate new vendor relationships based on data security

Coordinate with vendor managers and assessors on security solution implementation

Ensured Electronic Protected Health Information (ePHI) remains protected via HITRUST implementation

Conducted Vendor / Risk management assessments based on industry standards (HIPAA, HITECH, HITRUST)

Policy Management including process mapping within Archer enterprise Governance Risk Compliance system

Created and presented Security Awareness road show to promote Information Security knowledge sharing

EDUCATIONAL AND PROFESSIONAL DEVELOPMENT

Bachelor of Science in Bioinformatics University of Maryland Global Campus (UMGC)

Master of Science in Cyber Security University of Maryland Global Campus (in progress)

CAP, Security+ (in progress)

Reference:

Delphine Takoh: 202-***-**** (CISO and Linus software engineer), Gilbert Taah (ISSO).


