System Security Information

OGUNSEYE GABRIEL UTHMAN

**** **** **** **** *** #5 Lanham Maryland 20706

Phone: 240-***-**** Email: *******@*****.***

OBJECTIVE

To Support Information System Audit and compliance with a proven track record of performing risk assessments and compliance reviews throughout the system development life cycle. With a good understanding of cloud migration.

SKILLS & ABILITIES

NIST SP 800 -53, 800-53A Assessments ● Sarbanes Oxley Compliance

IT Security and Risk Management ● Identity Management

Computer Assisted Auditing Tools (CAATs) ● PCI DSS

Assessment of Internal Control ● Microsoft 365

Windows & Linux operating system ● ERP Applications

Patch management

Critical infrastructure resiliency

EMASS

POAM

Tenable Nessus scanning

Fed Ramp process

ISO27001

DITPR

Patch Management

EXPERIENCE

Rotikas Technologies LLC June 2017 to date

Information Assurance /Cybersecurity Analyst HPW40

Experience in the application of FISMA guidelines including the NIST special publications 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, and 800-60

Understanding of the NIST Supplemental guidance for Ongoing

Authorization

Experienced in selecting security controls for Low, Medium, and High systems from NIST 800 rev 3 and 4.

Ability to develop the following.

System Security Pan

Access control policies and procedures

Audit policies and procedures

Incident response plan

Configuration Management policies and procedures

Managed the development of System Security Authorization Agreements, performed threat vulnerability assessments, and provided security test and evaluation support.

Assisted with a review of policy, security alerts, guidance, regulations, and technical advances in IT Security Management

Utilized processes within the Security Assessment and Authorization environment such as system security categorization, security and contingency plans development, security testing and evaluation, system accreditation, and continuous monitoring.

Contributed to initiating FISMA metrics such as Annual Testing, POA&M Management, and Program Management.

Identified and assess key IT and data-related risks and controls within the business processes and develop effective test plans for engagements.

Reviewed and tested other important IT controls such as: Incident management, change management, segregation of duties, data integrity, etc.

Performed effective internal controls and regulatory compliance reviews for both IT and business processes.

Performed IT risk assessment analysis for clients, communicate results to clients, and provide recommendations.

Prepared well-documented and organized work papers to substantiate results documented in the audit report.

Provide guidance, training, and supervision to assigned staff in performing day-to-day engagement activities.

Work closely with senior auditors in the performance of audit test work; identify areas of recommendations and conduct follow-up where necessary.

Performs internal controls testing and documentation in compliance with SOX requirements for clients.

EDUCATION & CERTIFICATIONS

Certified Information System Auditor - CISA (2013

Security+ 2020

Certified Data Privacy Solution Engineer CDPSE 2021

Certified Information System Security Professional CISSP – preparation

Associate Chartered Preparation Accountant ICAN

Bachelor’s degree in accountancy - Yaba College of Technology

Grand Canyon University College of Science Engineering and Technology Master in Cybersecurity in Progress

Contact this candidate