Security Analyst Customer Service

Location:
Waldorf, MD
Posted:
January 09, 2024

Resume:

COMFORT A. ATOH

CYBER SECURITY ANALYST.

CERTIFICATES

COMPTIA, CASP+

CERTIFIED SCRUM MASTER

ORACLE OCA CERTIFIED,

BACHELORS IN HCM

SECRET CLEARANCE ACTIVE

Maryland

ad2l6r@r.postjobfree.com TEL 240-***-****

PROFESSIONAL SUMMARY:

•Security Analyst with over 4-6 years of working experience performing research, analysis, and troubleshooting to identify, resolve, and explain complex cybersecurity and physical security issues

•Cybersecurity, incident management, and IT compliance support across the enterprise infrastructure

•Assessed risks and threats of theft, explosions, fire, emergency evacuations, and unauthorized access capabilities; site, facility, restricted areas, materials, and information

•Cybersecurity capabilities and risk management in line with the Systems Engineering Life Cycle and consistent with technical requirements to ensure network and IT systems are protected against cyber-attacks and malicious intrusion

•Have a combination of technical abilities, communication skills, and ability to multitask that allows me to collaborate with end-users or business.

•Great attention to detail, and ability to work effectively as a team member with excellent communication, strong analytical and collaborative skills.

•With the capability of adapting to new and fast-changing technologies

•Creates and documents reports, rules, trends and dashboards.

•Analyzes ArcSight and related tools and resolves IT security failures.

•Performs Splunk tuning and filtering of alerts and monitoring components to ensure only relevant security data are gathered.

•Security policies interpretation and implementation requirements to ensure confidentiality, integrity, availability of information, systems, and network.

•Performed research, analysis, and troubleshooting to identify, resolve, and explain complex security issues to members of the company.

•Security Assessment and Authorization (SA&A) professional with in-depth knowledge in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), security life cycle and vulnerability management using FISMA, and applicable NIST standards.

•Working knowledge of different Operating Systems such as Linux, Solaris and Windows

•Assists in the gathering and preservation of evidence used in the prosecution of computer theft. Identify IT security program implications of new technologies or technology upgrades

•Conduct IA cost benefit, economic and risk analysis in the IT acquisition decision making process.

•Interpret security requirements relative to the capabilities of new information technologies. Interprets patterns of non-compliance to determine their impacts on levels of risk and/or overall effectiveness of IA programs.

•Analyze and identify security strategies and recommends the best approaches and/or practices. Monitor and evaluate the effectiveness of IA security procedures and safeguards to ensure they provide the intended level of protection.

•Oversee the preparation of Risk Management Framework (RMF) cybersecurity certification and accreditation documentation plus identify and verify scanning requirements and remediation task order assigned cybersecurity enclaves.

•Maintain data standards, including adherence to the Data Protection Act.

•Write database documentation, including data standards, procedures, and definitions for the data dictionary (metadata).

•Perform backup/recovery and refresh of databases using the best practices followed in the industry and Database team.

•Performance monitoring/tuning/troubleshooting for systems in line with the company SLA

•Ability in building operating systems on servers in Linux, knowledgeable in configuring KVM virtual machines, input memory and allocate it as needed by the company.

•Innovative IT professional with a proven track record for managing and leading various large-scale business projects from ideation to implementation using agile practices. Total 9 years’ experience in IT. Worked with business stakeholders, project teams and other personnel to coordinate efforts of team members to deliver on deadlines. Used Atlassian products (Jira, Confluence) to track metrics and for documentation.

•Facilitate all scrum ceremonies: daily stand-up, sprint planning, sprint review/demo, and retrospective meeting.

•Worked closely with Product Owners and Stakeholders to establish a simple, solid, and understandable product backlog, then work with cross-functional teams to help understand the product backlogs as well as write good user stories.

•Facilitate the removal of impediments for the team by targeting the issue internally within the team, escalating to the right company personnel or to other external teams as needed.

•Successfully determined gaps in the team’s efforts and performance; developed and implemented improvement plans and strategies.

•Developed weekly agile metrics reports and dashboards for senior management including capacity tracking, task burn-downs, story burn-ups, and velocity metrics.

•Assisted with internal/external communications and encouraged sharing of information on the task board to help improve transparency.

•Resolved issues and conflicts which affected management, technology peers and business partners.

•Provided escalation to senior management when appropriate. Provided accurate project task estimates and resource planning forecasts. Worked with the product owner on grooming and prioritizing product backlog items.

•Researched Agile/Scrum techniques and shared findings with the team, keeping the team practices up to date, constantly evolving into highly efficient, and self-organizing teams.

•System resource management including bottleneck detection, contention tuning on SGA, CPU, Memory and I/O etc.

•Ability to prioritize and meet operational deadlines in fast paced environment with good stress management skills.

•SQL Net installation/configuration/troubleshooting (Server and Client side)

•Storage Management including fragmentation detection, tablespace growth ratio.

•Excellent interpersonal and strong analytical, problem-solving skills.

•Monitored the alert logs and troubleshot the errors.

Skill Summary

Technologies and Tools: MS Office (Word, Excel, Outlook, PowerPoint, Access); Wireshark, ArcSight, Splunk, SharePoint, Nessus, Burp Suite, NMAP, Yara, Thunderbird, Snort, Cain and Abel, Ophcrack, OurSecret, Cryptool 2, Remedy, VMware, CSAM, STIGs, and Security Content Automation Protocol (SCAP), Oracle (Oracle Enterprise Manager, SQL*Plus, SQL Loader, DB Configuration Assistant), Toad, OEM Grid, RMAN, SQL*Loader, Exp/Imp/Data Pump, Log Miner, Statspack/AWR, Top, DBCA, DBUA, ADDM, Remedy, BMC Control-M, SSMS, MySQL Workbench, and pgAdmin.

Software Development Life Cycle (SDLC); Communication; Iteration/Sprint Planning

Tasking Meetings/Retrospectives

Project Management Tools

• Jira, Confluence, Rally, TFS, Rational, Visual Studio

OTHER TOOLS USED FOR SCRUM.

MS Word, MS Excel, MS PowerPoint, MS Outlook, Google Apps, Zoom, Skype for Business, Join Me, Google Hangouts, Webex for meetings, Microsoft Teams, Slack

Operating Systems and Databases:

MS Windows, UNIX, MS SQL Server, MS Access, UNIX (Solaris 8/9/10, AIX, HP-UX), LINUX, WINDOWS 2008, 2012, CentOS 7

Oracle 10g, 11g, 12c, 19c, SQL Server 2008, 2012, MySQL 5.0, 5.0, OAM Configuration 12c, oracle access ment, configured OUD, CONFIGURE ORACLE HTTP, ORACLE WEBGATE, FileMaker 16

Specialty Skills: Cloud computing, System Administration, Security Analyst, Application Support, Project Management, Strong Analytical & Collaboration, Technical Support & Customer Service, Cyber kill chain methodology, MITRE ATT&CK framework, Incident response, Vulnerability Management, RMF, NIST 800

PROFESSIONAL EXPERIENCE:

Information Security Analyst / Assurance Analyst.

DSA/JPEO-CNRND

May 2022 – Present

Conducts security control Assessment to assess the adequacy of management, operational, privacy, and technical security controls implemented.

Develops, coordinates, implements, and maintains standards and procedures to protect the security and integrity of information systems and data.

Observes and analyses traffic to learn valuable lessons from known malicious actors and to determine countermeasures against such threats.

Daily review of logs and alerts from IDS/IPS devices, DLP system, and Splunk.

Provides high-level analysis of security data to identify significant activity.

Performs vulnerability scanning with Nessus to detect potential risks on single or multiple assets across the enterprise network.

Leverage Nessus to identify systems compliance risk levels, identify non-compliance issues, security vulnerabilities and manage remediation activities.

Keeps track of the company Asset Management List by conducting and updating IT equipment hand receipts annually.

Communicates security gaps with remediation recommendations to systems owner management.

Provides support and security overview on cloud-based solutions implementation, including private, community, hybrid, and public cloud deployment models.

Develops, reviews, and evaluates System Security Plan based on NIST Special Publication SP 800-53r4.

Possessed a unique combination of technical abilities, communication skills and ability to multitask that allow me to collaborate with end-users or business

Provides detailed status updates on existing cybersecurity incidents daily to include follow up with client/customer to ensure satisfactory resolution.

Develops risk assessment reports, identifying threats and vulnerabilities applicable to the system.

Evaluates the likelihood that vulnerabilities would be exploited and assess the impact associated with this threat and vulnerabilities.

Experience working on SIPR & NIPR on eMASS, working on different systems

Monitoring packages on eMASS.

Categorized information on the system and applied the controls necessary to implement on those systems.

Deployed artifacts and export to the systems needed by the teams.

Experience upgrading server operating systems, tech refresh, imaging, patch management

Investigate and research issues, determine the impact, and provide remediation and document root cause analysis (RCA) when required and Performs mitigation required to protect critical resources.

Conducts kick-off meetings to categorize the system according to NIST requirements of Low, Moderate, or High System. FIPS 199 and SP 800-60

System Security Analyst/Oracle dba

AVANCO INTERNATIONAL

September 23rd 2020 – February 2022

Provides high-level analysis of security data to identify significant activity.

Performs vulnerability scanning with Nessus to detect potential risks on single or multiple assets across the enterprise network.

Leverage Nessus to identify systems compliance risk levels, identify non-compliance issues, security vulnerabilities and manage remediation activities.

Communicates security gaps with remediation recommendations to systems owner management.

Develops, coordinates, implements, and maintains standards and procedures to protect the security and integrity of information systems and data.

Observes and analyses traffic to learn valuable lessons from known malicious actors and to determine countermeasures against such threats.

Daily review of logs and alerts from IDS/IPS devices, DLP system, and Splunk.

Provides support and security overview on cloud-based solutions implementation, including private, community, hybrid, and public cloud deployment models.

Develops, reviews, and evaluates System Security Plan based on NIST Special Publication SP 800-53r4.

Possessed a unique combination of technical abilities, communication skills and ability to multitask that allow me to collaborate with end-users or business

Provides detailed status updates on existing cybersecurity incidents daily to include follow up with client/customer to ensure satisfactory resolution.

Develops risk assessment reports, identifying threats and vulnerabilities applicable to the system.

Evaluates the likelihood that vulnerabilities would be exploited and assess the impact associated with this threat and vulnerabilities.

Experience upgrading server operating systems, tech refresh, imaging, patch management

Investigate and research issues, determine the impact, and provide remediation and document root cause analysis (RCA) when required and Performs mitigation required to protect critical resources.

Conducts kick-off meetings to categorize the system according to NIST requirements of Low, Moderate, or High System. FIPS 199 and SP 800-60

Conducts security control Assessment to assess the adequacy of management, operational, privacy, and technical security controls implemented.

Prepares systems certification and accreditation package, making sure that management, operational, and technical security controls adhere to a formal and well-established security requirement authorized by NIST 800-53r4.

Develops Security Assessment Report (SAR) detailing the results of the assessment along with the Plan of Action and Milestones (POA&M)

Conduct follow up meetings to assist information system owners to close/remediate POA&M items

Develops System Security Plans (SSP) to provide an overview of system security requirements and describe the controls in place or planned by information system owners to meet those requirements

Conveys verbal briefings to management on pending cyber incidents as necessary and make recommendations to senior management on results of analysis and work closely with other Information Technology groups to refine and enhance security controls

Monitors security patch levels of servers, workstations and network environments, and anti-virus systems

Investigates and research security issues, determine impact, and provide remediation and document RCA when required and Performs mitigation required to protect critical resources.

Supports infrastructure hardening and Security Administration & Installation on multiple systems

Performs monitoring and capacity planning in anticipation of system resource usage and needs

Verify the application of security patches within NIST and enterprise guidelines

Ensure compliance of operations with various regulatory authorities like HIPAA, Data Privacy Acts amongst others.

Information Security Analyst/Oracle Database Administrator

DXC/BOEING

March 2018 to August 2020

Responsibilities

• Maintaining, reviewing and updating Information System Security documentations, to include but not limited to System Security Plan (SSP), Plan of Action & Milestone (POA&M), Risk Assessment (RA), policies and procedures, security control baselines in accordance with NIST guideline and security practices.

• Conduct IT Controls risk assessment to identify system threats, vulnerabilities and risk, and generate reports.

• Develop and Conduct Security Test and Evaluation (ST&E) according to NIST SP 800-53A.

• Develop System Security Plan (SSP) to provide an overview of the system security requirements and the needed security controls.

• Develop Security Assessment Report (SAR) detailing the results of the security controls assessment along with Plan of Action & Milestones (POAM).

• Create standard templates for required security assessment and authorization documents; System Security Plan (SSP), Contingency Plan (CP) and Security Plan (SP).

• Conducted periodic IT Risk Assessment and Reviewed IA controls for any deficiencies and reported to the ISSO for appropriate mitigation actions.

• Assisted in the development of an information security continuous monitoring strategy.

Monitor computer networks and analyze packets captured using Wireshark to identify potential security issues.

Work with other teams to identify potential threats to various aspects of the network.

Performs vulnerability scans using Nessus to detect potential risks assets across the enterprise network.

Leverage Nessus to identify systems compliance risk levels, identify non-compliance issues, security vulnerabilities and manage remediation activities.

Follow up to ensure security vulnerabilities identified are regularized promptly by respective teams.

Communicate security gaps with remediation recommendations to respective system owners.

Investigate security breaches and other forms of cybersecurity incidents and report accordingly.

Document security incidents and assess the extent of the damage caused.

Develops, coordinates, implements, and maintains standards and procedures to protect the security and integrity of information systems and data.

Determine countermeasures against threats identified from analyzing network traffic.

Review of logs and alerts from IDS/IPS devices, DLP system, and Splunk on a daily basis.

Develop Standard Operating Procedures (SOP) for network system security, Operations security as well as Incident response plan.

Develops Security Assessment Report (SAR).

Conducted follow up meetings to assist information system owners to close/remediate POA&M items

Develops System Security Plans (SSP) to provide an overview of system security requirements and describe the controls in place or planned by information system owners to meet those requirements.

Perform physical controls on data center.

Monitors security patch levels of the servers, workstations and network environments, and anti-virus system.

Stay up to date on data breaches in the industry and respective countermeasures.

Develop enterprise wide best security practices.

Provides support and security overview on cloud-based solutions implementation, including private, community, hybrid, and public cloud deployment models.

Develops, reviews, and evaluates System Security Plan based on NIST Special Publication SP 800-53r4.

Provides detailed status updates on existing cybersecurity incidents daily to include follow up with client/customer to ensure satisfactory resolution.

Develops risk assessment reports, identifying threats and vulnerabilities applicable to the system.

Monitor progress on mandatory employee security trainings.

Conducts security control Assessment to assess the adequacy of management, operational, privacy, and technical security controls implemented

Have a unique combination of technical abilities, communication skills and ability to multitask that allow me to collaborate with end-users or business owners effectively.

Stay up to date with trends in the cybersecurity Industry.

USCIS – McLean, VA Jan 2017 – June 2020

Oracle DBA / Information Security Analyst / Scrum Master

Experienced in both Oracle Application development and SDLC. Allocated system storage and planned future storage requirements by developing shell scripts that back up and delete archive logs every 15 minutes.

Involved in 24x7 on-call support for 12 databases of 20 TB 3 Node production for 10g and 11g RAC databases using Oracle 12c Cloud Control for alert monitoring and notification.

Responsible for setting and managing user management and space management, granting required privileges to users. Applied upgrade and security patches, maintenance, and interim (OPatch) patch on all databases.

Developed PL/SQL packages, DML, DDL, Oracle tables, stored procedures, functions, cursors, triggers, and UNIX shell scripts. Refreshed development and Test instances with data from production regularly.

Scheduled repetitive activities such as gathering schema statistics, exports, and table space usage report using crontab. Loaded data from flat files to database using SQL*Loader and External Tables.

Upgraded and migrated the database from 11.2.0.4 to 12.1 on RAC cluster; and migrated all databases using data pump from old server to new RAC cluster servers, applying patches whenever required.

Upgrading of databases from 11g to 12.1 and 12.2

supporting app focals applications

creating users accounts and users.

performance tuning on databases,

and Oracle 11g exp/imp data pump.

• Monitored and performed database sizing, tablespace management and rollback tablespace management, transaction management and security administration

• Created the database objects such as Tables, Indexes, Views, Database Triggers, Procedures, Functions, etc

•Creating database links.

•Database and schemas migration using datapump

•Cumulative backups using RMAN. Troubleshooting with RMAN backup problem.

•Performance monitoring/tuning/troubleshooting for systems: Oracle, UNIX, Linux.

•System resource management including bottleneck detection, contention tuning on SGA, CPU, Memory and I/O etc.

•Always prioritize to meet operational deadlines in fast paced environment with good stress management skills.

•SQL Net installation/configuration/troubleshooting (Server and Client side)

•Storage Management including fragmentation detection, tablespace growth ratio.

•Excellent interpersonal and strong analytical, problem-solving skills.

•Monitored the alert logs and troubleshot the errors.

•I was working on Unix, Solaris, AIX, NT, RedHat, Windows systems.

Data migration between databases using both Oracle 10g and 11g and 12c export/import utility and Oracle 11g, 12c, exp/imp data pump.

Provided remote technical support using SSH and terminal services

•Troubleshooting, Restructuring and tuning for optimal performance of existing databases that were poorly designed for heavy hits.

•Design of databases following OFA: Creating Databases schemas, profiles, database links, Snapshots and Synonyms of objects as required to ensure data quality and security to comply with company's business rules. Oracle scripting in Windows/ Solaris and UNIX platform.

•Backup / Recovery methodology specification for mission critical databases

•Performed hot and cold Backups.

•Scheduled daily Exports/Imports to serve as temporary backup Red s.

•Configured Oracle OAM 12c,

•Configured the Domain,

•Configured the OUD,

•Configured Weblogic

•Configured HTTPS,

•Built Red system

•Built server for the system.

CERTIFICATIONS:

Oracle 11gR2 OCA (No Expiration date)

SCM Certified.

COMPTIA CASP+

PMP Certified


