Post Job Free
Sign in

Security Officer Information Systems

Location:
Manhattan, NY, 10019
Posted:
June 25, 2024

Contact this candidate

Resume:

LIBABATIE PEDRO

INFORMATION SYSTEMS SECURITY OFFICER (ISSO)

Profile

With over 7 years of practical involvement as an Information Systems Security Officer (ISSO), I have consistently showcased my proficiency in safeguarding critical data and maintaining rigorous security standards. My capabilities extend across risk assessment, vulnerability management and the enforcement of security protocols, ensuring the confidentiality, integrity and availability of organizational assets. I thrive in collaborative environments, adept at facilitating the seamless integration of impactful security measures across diverse teams. I am enthusiastic about contributing to a dynamic organization, leveraging my expertise and skills in the capacity of an ISSO. My proven track record underscores my commitment and proficiency in this domain, positioning me to make significant contributions to any team I join.

SKILLS

●Risk Management: Risk assessment and risk mitigation analysis, Information Assurance & Privacy, RMF, System / Network vulnerability analysis, Testing IS Controls, Cloud Cybersecurity (NIST SP 800-Series, FIPS 199, FIPS 200).

●Regulatory Compliance: HIPAA, FedRAMP, NIST SPs, PCI-DSS, ISO 27001, CMMC, Contingency planning.

●Policy and Compliance Review: SOPs, ISAs, MOUs, test results, firewall policy, Ports & Protocols, Plug-ins.

●Security Tools: Nessus Scan [Tenable io], Web Inspect, STIGS.

●Software: Microsoft Office Suite 2016: Word, Outlook, Excel, Visio, PowerPoint, Teams, Virtualization, Windows and Linux Operating Systems, SharePoint, Risk Vision, Splunk.

●Server: Windows Server 2016.

●GRC Tools: RSA Archer, eMASS, CSAM, ServiceNow.

●Soft skills: Strong oral and technical writing skills, team player, detail-oriented, ability to work independently, strong leadership and organizational skills.

Employment History

Information System Security Officer (ISSO), CITIBANK N.A., New York.

JUNE 2021 — PRESENT

●Implemented Plan of Action and Milestones (POA&M) through CSAM, executing annual security assessments, encompassing NIST SP 800-53 and autonomous security evaluations.

● Executed evaluations of designated information systems security prerequisites, assessed the prevailing security stance, and suggested priorities for rectification.

●Revised System Security Plans (SSPs) for systems, executing requisite tasks in CSAM to compile a comprehensive SSP.

●Formulated, sanctioned, and verified POA&M ensuring their currency, precision, and efficacy in addressing identified security vulnerabilities.

●Orchestrated and executed compliance procedures as per Federal directives (NIST 800-53, 800-53A, 800-37, etc.) and client specifications.

●Assisted and documented security control assessments, aiding in remediation endeavors, and overseeing proper POA&M management.

●Scrutinized and improved standardized Security Authorization & Assessment (SA&A) Documentation, Security Assessment Reports, while furnishing recommendations for security infrastructure enhancements (e.g., firewalls, vulnerability scanning tools).

●Offered ISSO assistance for evaluating security assessments and their associated documentation.

Information System Security Officer (ISSO), George Mason SCHAR School of Policy, Arlington, Virginia

OCTOBER 2017 — DECEMBER 2020

●Conducted annual security assessments, including NIST SP 800-53 assessment and independent security assessments as required.

●Established and managed an IT System Security Compliance Schedule, covering POA&M Action Items, required ITSS reports/updates, Change Control Board Meetings, scheduled Vulnerability Scans, and updates to System IT Security Documentation.

●Identified the hardware and software components to be covered by the Security Authorization Package.

●Conducted assessments of assigned information systems security requirements, evaluated current security posture, and recommended priorities for remediation.

●Planned engagements, leveraging relevant work completed for other systems to achieve schedule cost savings and minimize impact on customer staff resources.

●Updated System Security Plans (SSPs) for IT systems and completed necessary activities in CSAM to generate a complete SSP.

●Coordinated the distribution of SSPs for review by project teams, tracked progress, and revised applicable areas in the CSAM tool as required.

●Drafted, approved, and validated POA&M, ensuring they remained up-to-date, accurate, and represented a true plan to mitigate identified security weaknesses.

●Conducted assessments of NIST SP 800-53, Rev 4 controls, documented findings in DOJ's CSAM repository, and ensured data quality and alignment with DOJ requirements.

●Reviewed and conducted NIST-based self-assessments, identifying weaknesses requiring attention, and developed a POAM for each based on industry best practices.

●Supported and documented security controls tests, assisted in remediation, and ensured appropriate management of POAMs.

Information Assurance Analyst, First Atlantic Bank, Richmond, Virginia

JULY 2015 — SEPTEMBER 2017

●Utilized expertise in NIST, OMB, RMF, FISMA, and government security requirements to improve organizational security protocols.

●Oversaw the monitoring and identification of risks and exceptions, ensuring resolution through the creation of Plans of Action and Milestones (POA&M).

●Executed risk and vulnerability assessments at the network system and application levels.

●Reviewed Nessus findings and generated vulnerability reports.

●Orchestrated the system accreditation process, collaborating with stakeholders to ensure successful reviews.

●Implemented security controls and devised operational risk mitigations.and assisted in conducting security awareness programs.

●Assessed and recommended new security tools, techniques, and technologies.

●Conducted routine assessments of site implementation of FISMA controls to support Continuous Monitoring.

Education

George Mason University (GPA: 3.70), MBA - International Commerce & Finance Policy

Relevant Coursework: Multilateral Development Banks Partnerships, Strategic Trade Controls

and Compliance, Global Business Finance, Microeconomics and Computational Policy, Managerial

Economics, Macroeconomics and Trade Policy, Contract Negotiations, Methods of Analysis.

University of Ghana (GPA: 3.29), Bachelor of Science: Mathematics & Computer Science

Relevant Coursework: Linear and Abstract Algebra, Systems Programming, Advance Calculus,

Object Oriented Programming, Statistics, Practical Physics, Electromagnetism, Atomic and Nuclear

Physics, Software Engineering

Sookmyung University, South Korea (GPA: 3.06), Bachelor of Science: Computer Science

Relevant Coursework: Cryptography Encryption, Signal Algorithms, Computer Security and

Computer Network, SQL Database Management and Design, Korean Language, Agile, Linux, C++,

Java Script

Certifications

Certified DOD Secret Clearance - Active

Certified Scrum Master - Active

Professional Scrum Master (PSM I) - Active

Professional Scrum Master (PSM II) - Active

CompTIA Network Security + - Active

Certificate of US Army Leadership

AWS Solutions Architect- Associate (SAA) - Active

AWARDS AND CERTIFICATIONS

2023 JBSA Fort Sam Houston Echo Company Leadership Medal (US Army)

2019 Virginia Business Council Scholarship

2012 Government of Ghana STEM Scholarship (Computer Science)

2011 Professor F.T. Sai Award for Best Female (Mathematical Science)

SECURITY CLEARANCE LEVEL

Certified DOD Secret Clearance - Active

WORK STATUS

US CITIZEN

REFERENCES

Available upon request

Details

1961 Gableridge Turn, Woodbrige, Virginia 22191, United States

703-***-****

***********@*****.***



Contact this candidate