Cyber Security Project Management

Summary

With *+ years of experience in Cyber Security, I specialize in Network Security, adept at implementing robust solutions to protect critical infrastructures. My skills include problem-solving, effective communication, and conducting audits to fortify cybersecurity posture and minimize the impact of security incidents on business operations. I posses exceptional skills in conducting vulnerability assessments, managing security incidents and colaboration with cross-functional teams to implement security controls and solutions. in data analysis, project management, and compliance with data privacy regulations. My expertise in network monitoring systems ensures comprehensive protection against cyber threats.

Experience

Cybersecurity Analyst - 2019 to PRESENT

Peraton 540 Annapolis Junction (Project: DoD).

Expertise in implementing the Risk Management Framework (RMF) and NIST SP 800-37, ensuring robust selection, assessment, and monitoring of security controls for information systems.

Conducted a comprehensive security risk assessment, identifying and prioritizing critical risks and recommending security enhancements that resulted in a 40% rediction in overall risk.

Managed and maintained security-related hardware and software list, ensuring that all systems were up-to-date and in compliance with industry standards and regulations.

Proficient in crafting Department of Defense (DoD) RMF accreditation packages, adhering to CNSS 1253 guidelines, and preparing comprehensive System Security Plans (SSP).

Skilled in providing RMF services, including developing audit policies, scanning policies, POA&Ms, CONOPS, COOP/DR plans, IA Cert Checks, and facilitating MOU/MOAs.

Directed in-house cyber security auditing program to detect flaws and weaknesses in software and system.

Developed and maintanied incidents response protocols to mitigate damage and liability during security breaches.

Coordinate and facilitate assessment and authorization audits, acting as a liaison between assessors and subject matter experts (SMEs), ensuring adherence to proper assessment procedures.

Thoroughly review and validate security documentation such as POAMs, SARs, SSPs, and WADs in alignment with the Assessment and Authorization (A&A) Process.

Proficient in quarterly Security Technical Implementation Guide (STIG) checklist reviews, ensuring compliance with DoD guidelines and standards.

Experience in analyzing and remediating vulnerabilities identified through ACAS, Xray, BURP, and SCAP scans, providing recommendations for mitigation and remediation plans.

Ensure accurate identification, tracking, and reporting of policy and compliance documentation, enhancing organizational security posture.

Conduct regular scans using Burp and Xray, analyze results, and coordinate vulnerability remediation with SMEs, adhering to cyber team guidelines.

Stay updated on emerging cyber threats by reviewing regulatory bulletins and sources such as US Certs and Udemy.

Prepare security control scorecards using the latest eMASS updates, presenting them during bi-weekly sprint review meetings.

Prepare Khanban slide decks showcasing completed Jira stories within sprint periods, submitting them to relevant personnel for review.

Technologies Used: eMASS, eMASTER, Vulnerator, Xray, ACAS, BURP, SCAP, Jira, and BurpSuits for comprehensive security assessments, vulnerability scanning, and project management.

Cybersecurity Analyst - Jan 2016 to Oct 2019

Paragon Inc, Chantilly, VA (Project: DHS).

Develop and implement test plans to assess security control effectiveness on information systems, ensuring compliance with FISMA and OMB A-130 Circular requirements.

Analyze vulnerability scan reports, categorize identified vulnerabilities by severity, and generate targeted Plans of Action and Milestones (POA&Ms) for remediation.

Conduct in-depth interviews with System Administrators and observe security control implementation and operation to validate effectiveness during testing.

Review and validate Configuration Management Plan (CMP) and Baseline Configuration documents, ensuring accurate documentation and management of updated configuration items for relevant systems.

Maintain and update Plan of Actions & Milestones (POA&Ms) regularly to track remediation progress and newly discovered vulnerabilities accurately.

Review and revise system boundary diagrams to reflect current network topology and device configurations, ensuring accurate representation of system architecture.

Collaborate closely with system engineers to identify and mitigate threats, as well as address vulnerabilities effectively.

Utilize tools such as vulnerability scanners, configuration management software, and network mapping tools to streamline assessment processes and enhance system security.

Technologies Used: Vulnerability scanners, configuration management software, and network mapping tools to streamline security assessments and enhance system resilience.

Oracle Database Administrator - January 2014 – October 2015

Blue Water Federal Solutions, Inc.

Applied quarterly CPU patches and performed manual upgrades from Oracle 10g and 11g to 12c, ensuring the security and efficiency of database systems.

Conducted regular backup status checks on Mondays and Saturdays, managing failed and obsolete backups, and initiating manual backups as needed to maintain data integrity.

Designed, implemented, and enforced standardized security procedures for databases, safeguarding sensitive information against unauthorized access or breaches.

Generated weekly reports detailing completed tasks, ongoing work, and any encountered risks or blockers, facilitating transparent communication and informed decision-making.

Monitored service accounts to ensure timely password changes within 120 days, notifying stakeholders and the DBA team to uphold security protocols and compliance standards.

Participated in daily stand-up meetings to coordinate activities, discuss completed tickets, ongoing projects, and plan daily tasks efficiently.

Conducted daily health checks of database instances via Grid, verifying operational status, backup success, synchronization of redo logs, and completion of scheduled jobs for optimal performance.

Implemented database security checklists and lock-down procedures to adhere to configuration and server security standards, mitigating potential vulnerabilities and ensuring regulatory compliance.

Installed and configured ASM, Database software, Listeners, and patches, overseeing database creation across development, staging, and production environments for seamless operation.

Technologies Used: Utilized Oracle Database Management System (DBMS) for applying patches, performing upgrades, implementing security procedures, and executing database migrations, ensuring robust and efficient database operations.

Achievements

Successfully implemented Risk Management Framework (RMF) and NIST SP 800-37 at Periton 540 Annapolis Junction, ensuring robust selection, assessment, and monitoring of security controls for DoD projects.

Crafted comprehensive System Security Plans (SSP) at Periton 540 Annapolis Junction, aligning with CNSS 1253 guidelines, enhancing the security posture of DoD information systems.

Streamlined security assessments and compliance with FISMA and OMB A-130 Circular requirements at Paragon Inc, Chantilly, VA, through meticulous test plan development and execution following NIST SP 800-53A Revision 4 guidelines.

Enhanced vulnerability remediation and risk mitigation strategies at Paragon Inc, Chantilly, VA, by categorizing vulnerabilities and generating targeted Plans of Action and Milestones (POA&Ms) for remediation.

Implemented standardized security procedures and protocols at Blue Water Federal Solutions, Inc., ensuring the confidentiality, integrity, and availability of sensitive data within Oracle databases.

Facilitated transparent communication and informed decision-making through the generation of weekly reports detailing completed tasks, ongoing work, and encountered risks or blockers at Blue Water Federal Solutions, Inc.

Maintained optimal performance and security of database instances at Blue Water Federal Solutions, Inc., by conducting regular health checks, monitoring service accounts, and ensuring timely password changes.

Contributed to the seamless operation of database environments across development, staging, and production at Blue Water Federal Solutions, Inc., through the meticulous installation, configuration, and management of Oracle Database Management System (DBMS).

Skill Highlights

DBMS

Burp Suite

OSSEC

Jira

SonarQube

OpenVAS

Nessus

TCP/IP

Vulnerabilities Management tools

Risk Management Framework

Security Information and Event Management (SIEM)

Compliance management

Cross-functional collaboration

Security risk assessment

Encryption and cryptography

Identity and access management

Certifications

Security+

Master’s Degree in Cybersecurity Management and Policy

Certified Authorization Professional (ISCAP)

Oracle Certified Associate (OCA)

Oracle Certified Professional (OCP)

Education

Master’s Degree - Cybersecurity Policy and Management

University of Maryland

Doctorate Degree - Cybersecurity Policy and Management

Currently Pursuing

Languages

English - Native

Security Clearance : Secret (Active)

Declaration

I HEREBY DECLARE THAT ALL THE INFORMATION FURNISHED ABOVE IS TRUE TO MY BEST KNOWLEDGE.

Address:

Maryland, USA

Phone: 240-***-****

Email: **********@*****.***

Ernest Ajang

Contact this candidate