RICHARD

BOSSMAN

ad415n@r.postjobfree.com 631-***-****

Corona, NY 11368

PROFESSIONAL SUMMARY

Risk Management Framework (RMF) Analyst /Security Compliance Specialist Dedicated and detail-oriented IT Security Analyst with over 10+ years of experience in Cybersecurity, Risk Assessments/Audits, and mitigation. Experienced in identifying and remediating vulnerabilities; eliminating critical control gaps and driving strategic security initiatives, with expertise in Ostrich Cyber Product, Collaborative team player and natural leader with proven success coaching junior analysts, meeting tight deadlines, and establishing improved processes. CORE STRENGTHS Information Security Risk Analysis & Remediation Security Controls Assessments Compliance Plans of Action and Milestones (POAM) Security Awareness Documentation Team Leadership Security Artifacts Vulnerability Scans & Tests Stakeholder Engagement Governance Coaching/Mentoring Reporting Security Information and Event Management Identity Access Management System Vulnerability Testing Threat Analysis Encryption/Decryption Firewalls Penetration Testing System Security Plan [SSP] Incident plans respond and putting up mitigation measures, Familiar with CIS & ISO 27001. ISO 27002, DIRA - Digital Identity Risk Analysis, NIST 800-53, FIPS 199, FIPS 200, NIST 800-171, NIST 800-53A, NIST 800-037, NIST 800-60,

NIST 800-137

SKILLS

Incident Response

Data Encryption

Patch management

Network Security

Multitasking

MS Office

Team building

Computer Skills

Organizational Skills

Self-Directed

Compliance Monitoring

Risk mitigation strategies

Risk Reporting

Legal Compliance

Vendor Risk Management

Cybersecurity Risk Assessment

WORK HISTORY

Risk Management Officer (RMF) Cyberisk Beyond Solution - Huntsville, AL 06/2020 - Current

Reduced risk exposure by analyzing and mitigating potential threats to the organization.

Streamlined risk assessment processes for increased efficiency and effectiveness in identifying vulnerabilities.

Established comprehensive risk management frameworks, ensuring organizational adherence to industry best practices.

Developed strong relationships with stakeholders, promoting a culture of open communication and continuous improvement in risk management efforts.

Compliance Specialist CyberTech Solutions - Allentown, PA 01/2018 - 06/2020

Enhanced company compliance by developing and implementing comprehensive policies and procedures.

Streamlined regulatory processes for improved efficiency and reduced errors, leading to better overall compliance.

Conducted thorough risk assessments to identify potential areas of non-compliance and recommended corrective actions.

Maintained strong relationships with regulators, promoting open communication and fostering a culture of transparency.

Assisted in the preparation of regular reports for senior management, detailing compliance activities and progress toward established goals.

Reduced instances of non-compliance through meticulous monitoring of internal controls and periodic audits.

Cyber Security Specialist Northwell Health System - New York, NY 03/2015 - 01/2018

Enhanced network security by implementing advanced threat detection and prevention tools.

Reduced cyber risks by conducting regular vulnerability assessments and penetration tests.

Increased employee awareness of cybersecurity best practices through comprehensive training programs.

Developed robust incident response plans to minimize damage from potential cyber-attacks.

Collaborated with IT teams to ensure secure implementation of new software applications and systems.

Maintained up-to-date knowledge of emerging threats, providing proactive solutions for potential vulnerabilities.

Junior Security Analyst Mount Sinai South Nassau - Oceanside, NY 11/2013 - 03/2015

Enhanced system security by conducting regular vulnerability assessments.

Improved overall security posture by staying abreast of emerging cyber threats and implementing appropriate countermeasures.

Managed patch deployment schedules to ensure timely updates of critical systems, reducing exposure to known vulnerabilities.

Reduced potential cyber threats through continuous monitoring of network traffic and analyzing logs for suspicious activities.

Implemented robust firewall rules and network segmentation to minimize unauthorized access and data breaches.

Collaborated with IT team members to develop comprehensive incident response plans, streamlining the process for handling cybersecurity events.

EDUCATION

New York University

Associate of Science: Cyber Operations and Warfare

University of Education-Winneba

Ghana

CERTIFICATIONS

CompTIA Security+

CompTIA Network+

Certified Information System Auditor (CISA)

HYPERLINKS

https://bold.pro/my/richard%2Dbossman%2D231124203056/266, Bold Profile

Contact this candidate