LIBABATIE PEDRO
INFORMATION SYSTEMS SECURITY OFFICER (ISSO)
Profile
With over 7 years of practical involvement as an Information Systems Security Officer (ISSO), I have consistently showcased my proficiency in safeguarding critical data and maintaining rigorous security standards. My capabilities extend across risk assessment, vulnerability management and the enforcement of security protocols, ensuring the confidentiality, integrity and availability of organizational assets. I thrive in collaborative environments, adept at facilitating the seamless integration of impactful security measures across diverse teams. I am enthusiastic about contributing to a dynamic organization, leveraging my expertise and skills in the capacity of an ISSO. My proven track record underscores my commitment and proficiency in this domain, positioning me to make significant contributions to any team I join.
SKILLS
●Risk Management: Risk assessment and risk mitigation analysis, Information Assurance & Privacy, RMF, System / Network vulnerability analysis, Testing IS Controls, Cloud Cybersecurity (NIST SP 800-Series, FIPS 199, FIPS 200).
●Regulatory Compliance: HIPAA, FedRAMP, NIST SPs, PCI-DSS, ISO 27001, CMMC, Contingency planning.
●Policy and Compliance Review: SOPs, ISAs, MOUs, test results, firewall policy, Ports & Protocols, Plug-ins.
●Security Tools: Nessus Scan [Tenable io], Web Inspect, STIGS.
●Software: Microsoft Office Suite 2016: Word, Outlook, Excel, Visio, PowerPoint, Teams, Virtualization, Windows and Linux Operating Systems, SharePoint, Risk Vision, Splunk.
●Server: Windows Server 2016.
●GRC Tools: RSA Archer, eMASS, CSAM, ServiceNow.
●Soft skills: Strong oral and technical writing skills, team player, detail-oriented, ability to work independently, strong leadership and organizational skills.
Employment History
Information System Security Officer (ISSO), CITIBANK N.A., New York.
JUNE 2021 — PRESENT
●Implemented Plan of Action and Milestones (POA&M) through CSAM, executing annual security assessments, encompassing NIST SP 800-53 and autonomous security evaluations.
● Executed evaluations of designated information systems security prerequisites, assessed the prevailing security stance, and suggested priorities for rectification.
●Revised System Security Plans (SSPs) for systems, executing requisite tasks in CSAM to compile a comprehensive SSP.
●Formulated, sanctioned, and verified POA&M ensuring their currency, precision, and efficacy in addressing identified security vulnerabilities.
●Orchestrated and executed compliance procedures as per Federal directives (NIST 800-53, 800-53A, 800-37, etc.) and client specifications.
●Assisted and documented security control assessments, aiding in remediation endeavors, and overseeing proper POA&M management.
●Scrutinized and improved standardized Security Authorization & Assessment (SA&A) Documentation, Security Assessment Reports, while furnishing recommendations for security infrastructure enhancements (e.g., firewalls, vulnerability scanning tools).
●Offered ISSO assistance for evaluating security assessments and their associated documentation.
Information System Security Officer (ISSO), George Mason SCHAR School of Policy, Arlington, Virginia
OCTOBER 2017 — DECEMBER 2020
●Conducted annual security assessments, including NIST SP 800-53 assessment and independent security assessments as required.
●Established and managed an IT System Security Compliance Schedule, covering POA&M Action Items, required ITSS reports/updates, Change Control Board Meetings, scheduled Vulnerability Scans, and updates to System IT Security Documentation.
●Identified the hardware and software components to be covered by the Security Authorization Package.
●Conducted assessments of assigned information systems security requirements, evaluated current security posture, and recommended priorities for remediation.
●Planned engagements, leveraging relevant work completed for other systems to achieve schedule cost savings and minimize impact on customer staff resources.
●Updated System Security Plans (SSPs) for IT systems and completed necessary activities in CSAM to generate a complete SSP.
●Coordinated the distribution of SSPs for review by project teams, tracked progress, and revised applicable areas in the CSAM tool as required.
●Drafted, approved, and validated POA&M, ensuring they remained up-to-date, accurate, and represented a true plan to mitigate identified security weaknesses.
●Conducted assessments of NIST SP 800-53, Rev 4 controls, documented findings in DOJ's CSAM repository, and ensured data quality and alignment with DOJ requirements.
●Reviewed and conducted NIST-based self-assessments, identifying weaknesses requiring attention, and developed a POAM for each based on industry best practices.
●Supported and documented security controls tests, assisted in remediation, and ensured appropriate management of POAMs.
Information Assurance Analyst, First Atlantic Bank, Richmond, Virginia
JULY 2015 — SEPTEMBER 2017
●Utilized expertise in NIST, OMB, RMF, FISMA, and government security requirements to improve organizational security protocols.
●Oversaw the monitoring and identification of risks and exceptions, ensuring resolution through the creation of Plans of Action and Milestones (POA&M).
●Executed risk and vulnerability assessments at the network system and application levels.
●Reviewed Nessus findings and generated vulnerability reports.
●Orchestrated the system accreditation process, collaborating with stakeholders to ensure successful reviews.
●Implemented security controls and devised operational risk mitigations.and assisted in conducting security awareness programs.
●Assessed and recommended new security tools, techniques, and technologies.
●Conducted routine assessments of site implementation of FISMA controls to support Continuous Monitoring.
Education
George Mason University (GPA: 3.70), MBA - International Commerce & Finance Policy
Relevant Coursework: Multilateral Development Banks Partnerships, Strategic Trade Controls
and Compliance, Global Business Finance, Microeconomics and Computational Policy, Managerial
Economics, Macroeconomics and Trade Policy, Contract Negotiations, Methods of Analysis.
University of Ghana (GPA: 3.29), Bachelor of Science: Mathematics & Computer Science
Relevant Coursework: Linear and Abstract Algebra, Systems Programming, Advance Calculus,
Object Oriented Programming, Statistics, Practical Physics, Electromagnetism, Atomic and Nuclear
Physics, Software Engineering
Sookmyung University, South Korea (GPA: 3.06), Bachelor of Science: Computer Science
Relevant Coursework: Cryptography Encryption, Signal Algorithms, Computer Security and
Computer Network, SQL Database Management and Design, Korean Language, Agile, Linux, C++,
Java Script
Certifications
Certified DOD Secret Clearance - Active
Certified Scrum Master - Active
Professional Scrum Master (PSM I) - Active
Professional Scrum Master (PSM II) - Active
CompTIA Network Security + - Active
Certificate of US Army Leadership
AWS Solutions Architect- Associate (SAA) - Active
AWARDS AND CERTIFICATIONS
2023 JBSA Fort Sam Houston Echo Company Leadership Medal (US Army)
2019 Virginia Business Council Scholarship
2012 Government of Ghana STEM Scholarship (Computer Science)
2011 Professor F.T. Sai Award for Best Female (Mathematical Science)
SECURITY CLEARANCE LEVEL
Certified DOD Secret Clearance - Active
WORK STATUS
US CITIZEN
REFERENCES
Available upon request
Details
1961 Gableridge Turn, Woodbrige, Virginia 22191, United States
***********@*****.***