Security Analyst Risk Management

Location:
Philadelphia, PA
Posted:
January 21, 2024

Resume:

Mary Akinmusire

Philadelphia, PA 267-***-**** ad2y1v@r.postjobfree.com US Citizen

OBJECTIVE

Detail-oriented and highly skilled Security Analyst and Assessor with 5 years of experience in Risk Management Framework (RMF), Cybersecurity Framework (CSF), FedRAMP, and PCI-DSS. Adept at conducting thorough security assessments, identifying vulnerabilities, and implementing effective risk mitigation strategies. Seeking a challenging role to apply my expertise in analyzing and fortifying organizational security frameworks, ensuring the confidentiality, integrity, and availability of sensitive information. Dedicated to staying abreast of the latest security trends and technologies to proactively address emerging threats.

EDUCATION

Bachelor of Science Lasalle University, Philadelphia, PA January 2021

CERTIFICATIONS

Certified Authorization Professional (CAP) Expected March 2024

TECHNICAL SKILLS

Familiar with RMF process, FISMA, NIST SP 800 Series, FedRAMP, Tenable Nessus, SNORT, ISO 27001, PCI DSS, JIRA, XACTA, WebInspect, POA&M, Vulnerability scanning.

SOFT SKILLS

Team Player, Meets Deadlines, Attention to Details, Problem Solving, Excellent Communication, Analytical Thinking, Complex Problem Solving, Sound Decision Making, Time Management, Integrity & Accountability, Risk Management, Continuous Learning and staying updated on emerging threats and technologies.

EXPERIENCE

Information Security Analyst, June 2018 - Present

Universal Health Services, Philadelphia, PA

Duties include:

Participates in the development of the analysis of product defect data and maps it to corresponding action plans to reduce defects.

Implements and maintains RMF, CSF, FedRAMP, and PCI-DSS compliance standards across the organization's IT infrastructure.

Contributes to the development of security policies and procedures, emphasizing best practices and industry standards.

Leads security monitoring and incident response initiatives, identifying and mitigating security threats swiftly.

Develops and executes daily, weekly, and monthly action plans that increase quality, inventory accuracy, and service.

Collaborates with cross-functional teams to carry out risk assessments, vulnerability assessments, and security investigations, which resulted in improved security postures.

Manages the installation and upkeep of security tools, including firewalls, intrusion detection systems, and antivirus software.

Established and maintained robust security controls, ensuring the protection of sensitive data and compliance with regulatory requirements.

Initiates the vulnerability management program, conducting regular scans, and leading the remediation efforts to minimize security risks.

Jr Security Control Assessor, May 2017 - June 2018

Better Health Care, Philadelphia, PA

Duties include:

Conducted independent security control testing and assessments of the management, operational, and technical security controls to determine the overall effectiveness of security controls, based on the NIST Risk Management Framework (RMF).

Prepared all security documentation required in each step of the RMF process, e.g., System Security Plan (SSP) and security control implementation using SP800-53 rev5 for the information system, and ensured its entry into a governance tool (e.g., Xacta, eMass).

Developed Security Assessment Report (SAR) on over 2000 controls on high, moderate and low categorization systems.

Managed and coordinated with project team members to acquire and maintain ATO for client’s products.

Collaborated with the IT team to address security control deficiencies, assuring the protection of vital assets.

Aided in the preparation of audit and compliance-related security documentation and reports.

Developed and reviewed artifacts, such as Security Assessment Plan (SAP), Security Assessment Reports (SAR), and Security Configuration Reports.

Monitor compliance by transaction parties with Security Agreements entered between multiple Government agencies.

Provide technical expertise and advice on the design, development, implementation, and adherence to cyber/data security procedures, plans and policies required under certain Security Agreements.

Proactively engage with transaction parties, third-party monitors, third-party auditors, and interagency partners to assess the robustness and effectiveness of compliance with relevant cyber/data security obligations under Security Agreements.

Prepared for and conducted compliance activities in compliance with Federal Guidelines (NIST 800-53, 800-53A, 800-37) and client requirements.
