Funmilayo Tosin Soares

301-***-****

Email: ad29pm@r.postjobfree.com

PROFESSIONAL SUMMARY

Devoted highly skilled Security Analyst with analytical skills, knowledgeable in NIST standards, FISMA, security life cycle and vulnerability management. Equally knowledgeable in system security monitoring and auditing, risk assessments, testing information technology controls and developing security policies, procedures and guidelines.

EDUCATION

Nigerian Law School, Abuja, Nigeria

LL.B 2002

Lagos State University, Lagos, Nigeria

Bachelors of Law, B.L 2001

CERTIFICATION

● CompTIA Security+

● CISM- In Progress

PROFESSIONAL EXPERIENCE

Security Control Assessor/Security Analyst April 2018 - Present ABBTECH Professional Solution, Sterling, VA/ FDA

● Participates in kick-off & close out meetings with system security personnel and stakeholders.

● Develops Security Assessment Plan (SAP) identifying assessment methodology and controls to be assessed.

● Performs security control assessment for management, operations, and technical controls against NIST SP 800-53A Rev 4, NIST SP 800-53 Rev 4, FIPS 199, and FDA guidelines.

● Ensures all the RMF steps are properly completed.

● Examines system artifacts to facilitate understanding, achieve clarification, and obtain evidence.

● Review existing POA&Ms for tracking purposes and monitor milestones.

● Interview system and security personnel to achieve clarification and obtain evidence on control implementation.

● Prepare Rules of Engagement (ROE), analyzes, and conducts a vulnerability scan report summarizing scan results.

● Determines the extent to which controls are implemented correctly, operating as intended, and producing desired results with respect to the security requirements of the information system in accordance with NIST SP 800-53A, NIST SP 800-115, NIST 800-37.

● Performed compliance reviews on systems which entailed reviewing pre-& post-assessment packages, including but not limited to the FIPS 199, FIPS 200, SSP, SAP, SAR, SLAs/MOUs/MOAs and POA&Ms; then completed deliverable to the Client.

● Documents overall assessment results in a Security Control Assessment Report and an executive summary.

● Provides recommendations to initiate Plan of Action and Milestones (POA&Ms).

● Assembles Security Authorization Package (SSP, SAR, and the POA&M) to obtain ATO for assessed systems.

● Creates Plans of Action and Milestones (POA&M) for identified vulnerabilities and performs compliance monitoring.

SKILLS

● Linux (Intermediate), UNIX, Microsoft Windows 98 to 10.

● Strong interpersonal, team building, active listening, and absolute attention to details.

● Excellent written and verbal communication skills.

● Extensive knowledge of FISMA, FIPS, OMB, and NIST SP 800 series.

● High proficiency in Microsoft Word, PowerPoint, Excel, Outlook, SharePoint.

● Experience with Cyber Security Asset Management (CSAM), XACTA, and Nessus tools.

SOFTWARE TOOLS AND UTILITIES

● Active Directory, Window Server 2003, 2008, 2012 and 2012 R2, and 2016

● Firewall, Routers, Switch, Hub, Proxy, DNS, TCP/IP

● Microsoft Office (Word, Excel, PowerPoint, Project)

● Vulnerability Assessment

Contact this candidate