BERTHA AKUA ASARE

ad3j3a@r.postjobfree.com • linkedin.com/in/berthaasare • 321-***-****)

CYBER SECURITY

PROFESSIONAL PROFILE:

Results-driven SOC Analyst with expertise in monitoring, detecting, and responding to security incidents. Also experience in managing and protecting Enterprise Information Systems, Network Systems and Operational processes through, Compliance verifications, Risk Assessments, Vulnerability Assessment in accordance with NIST, FISMA, ISO with industry best security practices. Impressive, successful track record, insightful, and result driven.

SKILLS

Knowledge in Iaas, Paas, Saas, SEIM’s, EDR, SOAR ticketing and threat intelligence platforms

Security Authorization and Continuous Monitoring process using National Institute of Standard Publications (NIST) 800-30, 800-37 Rev 1, 800-60, 800-53A, 800-53 Rev 3 & 4, FIPS 199, ISO 270001

SOX 404, COSO, COBIT, PCIDSS, SOC 2 and Vendor Risk Management.

Strong organizational, communication (verbal and written) presentation and analytical skills

Broad knowledge of Microsoft Windows, Carbon black, Jira, Proofpoint, Splunk, Duo, Fortinet

Federal Information Processing Standards (FIPS) 199 System Categorization, System Security Plan

(SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR). PROFESSIONAL EXPERIENCE

BRANDEIS UNIVERSITY, Waltham MA Oct 2022- Present

Senior Information’s Security Analyst

• Monitor and analyze security events using the SPLUNK SIEM tool to identify potential threats and vulnerabilities.

• Investigate and respond to security incidents, conducting root cause analysis and recommending mitigation strategies.

• Collaborate with cross-functional teams to develop and implement incident response plans and playbooks.

• Assists with vulnerability and risk analysis of existing and planned systems and collaborates with law enforcement and internal personnel on security investigations.

• Assists in the daily operation and maintenance of Brandeis University's security infrastructure, including Firewalls, Splunk, IDS/IPS, VPN, and other systems.

• Work directly for the Chief Information Security Officer. Also collaborates with ITS, legal, and risk management team members to assure compliance with federal, state, and industry. regulations, including FERPA, 201 CMR 17, GDPR, PCI, other state privacy and security laws and the organization's privacy and security policies and procedures.

• Developed and launched a cybersecurity awareness program for University employees that includes computer-based training, phishing simulations, webinars, in-person workshops, and digital communications.

B ertha Akua Asare ad3j3a@r.postjobfree.com (321) 438- 8472 Page 2 RAPID MICRO BIOSYSTEMS, Lexington, MA July 2021 – Aug 2022 Senior Systems Security Analyst (SOC)

• Performed daily reviews of security events and incidents in accordance with Rapid’s incidence response policy.

• Worked with IT support to ensure that all endpoints throughout the organization were configured with industry-standard security settings and that the necessary security tools (MDM, EDR, etc.) were installed.

• Monitored the SIEM solution for Arctic wolves for suspicious occurrences and incidents. Ran weekly analytical report based on Arctic wolves’ events and present to IT Director and team.

• Identified vulnerabilities / missing patches across all physical servers, virtual servers, end-user workstations and containers. Ensured all were prioritized for remediation using manage engine solution.

• Championed security awareness and training for all users, using Know B4 training platform to ensure users were aware of the current risk and hackers’ techniques.

• Reviewed and updated Rapid’s security policies and controls in accordance with the Nist framework.

• Collaborated with Auditors and compliance teams to meet policy requirements and collect evidence. SMART THINK LLC, Baltimore, MD Apr 2020 – June 2021 Information Security Analyst

• Prepared and updated IT security policies, procedures, standards, and guidelines in accordance with department and federal requirements to safeguard organizational assets, ensure data integrity, availability, and confidentiality.

• Developed and reviewed System Security Plan (SSP), Security Assessment Report (SAR), Plan of Action and Milestone (POAM) and specific security documentation in accordance with NIST SP 800- 37 rev 1, 800-18, 800-53 rev 4 and 800-34.

• Performed information security risk assessments and assisted with the internal auditing of information security processes. Assessed threats, risks, and vulnerabilities from emerging security incidents.

CYCLERION THERAPEUTICS, Cambridge, MA Aug 2020 – Feb 2021 People Compliance

• Worked with IT and the People team to create adequate internal controls by reviewing documents and policies while maintaining compliance; established strong working relationships with all sox- related business areas.

• Worked with IT, Finance, and HR to create an effective security control of off-boarding process. Provided effective risk and control advice, maintained active communication to enhance risk and control awareness and manage expectations.

• Reviewed employee documentation with the People team making necessary changes to ensure availability and integrity of employee data coupled with weekly user education to ensure compliance with legal laws to meet all auditing and compliance standards.

• Assisted with the internal auditing of information security processes. Assessed threats, risks, and vulnerabilities from emerging security issues and identified mitigation requirements. B ertha Akua Asare ad3j3a@r.postjobfree.com (321) 438- 8472 Page 3 STANBIC BANK, Ghana Feb 2016 – Aug 2019

Security Compliance Analyst

• Good understanding of the NIST Risk Management Framework (RMF) and the System Development Lifecycle (SDLC).

• Served as one of several primary points of contacts for the customer, relative to matters of information security.

• Conducted annual assessments of systems on compliance with organizational policy.

• Collaborated with the ISSO to draft and manage POA&M for authorized systems with appropriate remediation suspense dates and track findings until closure.

• Provided compliance insight, guidance and training for new system implementations and other security related concerns.

EDUCATION & TRAINING

Arts in Sustainable International Development

Master of Arts in Sustainable International Development (2021) Brandeis University, Waltham, MA

Bachelor of Arts & Business Administration (2014)

University for Development Studies, Ghana

TRAINING:

Cybersecurity Security Training

Computer Forensics, CompTIA, Malware Analysis, Linux, Windows, Virtualization, Octa, Proofpoint

(Smart Think, LLC.)

ACHIEVEMENTS / AWARDS

Global Goodwill Ambassador Award-Humanitarian 08/2019

Beyond Excellence Award 08/2019

“MTN Heroes of Change”. One of 40 semi-finalists celebrating remarkable individuals who making an impact in the country of Ghana.

Contact this candidate