Security Controls Incident Response

JAMES OMOYELE

Sauk Village, Illinois • 240-***-**** • ***********@*****.***

RESOURCEFUL INCIDENT RESPONSE LEAD

IS Security Engineer • Validation Team Lead • Security Program Analyst • RMF Coordinator

Security Compliance Expertise • Risk Management Strategy • Incident Response Coordination

Enhanced Security Controls • Improved Compliance Documentation • Implemented RMF Processes

Promoted 2x • Yes • 1. How to Create Stunning Visual Content for Social Media • No

WORK EXPERIENCE

Trust Point.One; Washington, DC June 2019 - present

Cybersecurity Analyst/ ISSO

•Reviewed government agencies' documents like Security Plans, Contingency Plans, tests, Privacy Impact Assessments, Risk Assessments as per NIST 800 guidelines for FISMA compliance.

•Demonstrated proficiency in National Institute of Standards & Technology documentation: Performed assessments, POA&M Remediation using NIST SP 800-53 Special Publication.

•Propelled internal evaluations using NIST SP 800-53a in the organization's RMF process, guaranteeing successful execution and intended results of security controls.

•Utilized NIST 800-37 as a guide for comprehensive assessments and continuous monitoring to maintain high-level operational security posture.

•Assisted in choosing suitable security controls for two Department of Commerce systems, aiding their RMF efforts. Played a key role in creating contingency and Incident Response plans to enhance Business Continuity Plan initiatives.

•Collaborated with Information System Owners, Developers, and System Engineers to tailor and implement robust security controls for system information protection.

•Initiated weekly meetings with diverse System Owners & ISSOs providing guidance on evidence required for security controls while documenting assessment findings.

•Analyzed ATO Package components including security plans, assessment reports & plan of action milestones preparing them for Authorization official's approval.

•Piloted meetings with System Owners & ISSOs, guiding them on necessary evidence for secure control measures implementation and recording assessment findings.

•Documented significant changes occurring rapidly on information systems performing continuous monitoring aligning it with organizational strategy.

•Crafted OS images for quick deployment of user workstations & virtual machines, boosting productivity.

•Collaborated with developers to replicate issues in test environments for problem solving.

•Updated IT security policies and procedures to meet departmental and federal standards.

•Managed spam filters successfully, reducing risks of phishing and malware attacks.

•Phishing Experience ( Action Talion,Alerts, Defender/AMP/Netskope/DEVO Siem)

Rodot Nigeria; Lagos May 2015 - Dec 2018

Cyber Security Compliance Officer

•Demonstrated proficiency in ISO 12700 standards through assessments, POA&M Remediation, and artifact reviews using ISO 127001.

•Performed Information Systems Security Audits with Assessment & Authorization Tests in compliance with ISO 127001 standards.

•Ensured customer compliance with security protocols per ISO 127001 standards.

•Leveraged the organization's RMF process to guarantee accurate, current, and detailed system/application documentation for Security Control Assessment/Validation support.

•Initiated strategic discussions with System Owners and ISSOs, offering advice on essential evidence for security controls and recording assessment results.

•Provided top-notch POA&M Quality Management services, including reviewing, updating, and validating documents on behalf of the Assessment Manager.

•Developed ISO-compliant vulnerability assessments, technical documentation, and initial Plans of Action & Milestone (POA&M) documentation.

•Planned, assigned and performed comprehensive security validation review for A&A documentation while supervising team members effectively.

•Reviewed security controls thoroughly, offering responses on systems' compliance needs.

•Maintained an organized inventory of all Information Security systems for assessment.

•Reviewed deliverables diligently before uploading them into A&A repositories CSAM.

•Offered guidance and training to system owners and ISSOs on validation process.

•Executed quality control for package validation on the SSP, RA and PIA.

Keystone Bank Victoria Island; Lagos June 2012 - May 2015

Cyber Security Analyst

•Leveraged ISO 27001 and existing protocols to examine system/application documentation for precision, updates, and thorough details aiding the Security Control Assessment/Validation process.

•Initiated productive meetings with various System Owners, providing guidance on evidence required for security controls while documenting assessment findings.

•Executed Security Incident Response activities including investigations, follow-ups, and incident ticket resolution.

•Conducted vulnerability scans with Nessus and coordinated remediation efforts efficiently.

•Collaborated with Developers and Engineers to integrate robust security into SDLC process.

•Monitored systems with Splunk for real-time detection of potential security incidents.

•Performed web app security/penetration testing using Burp Suite Pro, Acunetix, SQLMap.

•Identified system flaws, analyzed security scans, and determined necessary actions.

•Utilized Symantec Enterprise for intrusion detection in enterprise infrastructure.

EDUCATION

Ladoke Akintola University of Technology, Ogbomoso, Nigeria.

Graduate Study: Computer Science

Yaba College of Technology Nigeria

Bachelor's Degree: Mechanical Engineering

TECHNOLOGIES, CERTIFICATIONS

Technologies: VMware, Microsoft SQL Server, Tenable SecurityCenter, Microsoft Azure, Oracle Database, Cisco Firewalls, Check Point Security Gateways, Git, RSA Archer, Microsoft Exchange Server, Mobile Device Management solutions like AirWatch or MobileIron, Amazon Web Services, Docker, Microsoft Active Directory

Certifications: CompTIA Security +

Contact this candidate