WILLIAM PEFOK

Ellicott City MD *****, 301-***-****, adarop@r.postjobfree.com

Professional Summary

Information Security has been my passion for the past 2 years. I have extensively worked in organizations where I am actively involved in setting up processes, frameworks and implementing controls to make sure our various systems, networks, devices and software’s conform to security best practices

Professional Experiences

Afrius Technology (Laurel, MD) June 2019 - Present.

Project: Information Security and Assurance division focuses on setting up the security best practices for the entire organizations

Information Security Analyst

•Drafted the template for incident report file to be used across the security team.

•Identify and analyze business violations and standards - perform research, analysis and troubleshooting to narrow down issues, resolve and explain complex security issues to company management.

•Compile and generate security reports on system and network access on a weekly basis.

•Moderated workshops and interviewed key stakeholders to determine technical threats and risk.

•Developed detailed recommendations for mitigation findings and process improvement of projects

•Actively involved in identifying and labelling key system assets and drafting processes and practices to mitigate/reduce risk on those systems in the event of outages.

•Administer and maintain user access controls and procedure to prevent unauthorized access.

Vomoz Communications (Columbia, MD) September 2017 - May 2019.

Project: We built a telecom and IP software which enabled customers to be able to international calls at cheaper rate. Our team was tasked with providing the security architecture and framework for the company.

Security Analyst

•Drafted the template for incident report file to be used across the security team.

•Perform (A&A) agency’s system per NIST requirements of Low, Moderate, or High systems per FIPS 199 and NIST SP-800-60

•Perform (A&A) Assessment and Authorization projects in support of client security system.

•Created and updated the following Security Assessment and Authorization artifacts;FIPS 199, Risk Assessments Report (RAR), Privacy Threshold Analysis (PTA), Privacy impact Analysis (PIA), Contingency Plan, Security Test and Evaluations (ST &Es), E-Authentication, Plan of Action and Milestones(POAMs)

•Manage Vulnerabilities to detect potential risks on a single or multiple assets across the enterprise network

•Develop NIST-compliant vulnerability assessments, technical documentation and Plans of Action and Milestone (POA&M) and address system weaknesses

Security Frameworks Familiar with: SOX, NIST, RMF, PCI, FISMA

Security Tools: NMAP, ArcSight, Fireeye, Nessus

Technical Skills

Technical Experience

Able to Perform multiplatform Server builds on VMware, which include Windows Server 2008, UNIX Solaris 10, LINUX Centos 6.4, and RHEL 6.4.

Responsible for assigning hostnames, static IP addresses, default gateway addresses and DNS addresses to Windows 2008 Servers so as to introduce them to the network. Windows 7, 8 and 10 NOS imaging and configurations and software deployment.

Create new User accounts and profile on Windows, UNIX and LINUX systems. Troubleshoot and resolve OS, application, malware desktop related issues on various Windows NOS. Use TCP/IP troubleshooting tools to troubleshoot and resolve network connectivity and DNS related issues in the LAN

Configure Windows NOS clients to join the domain as well as configure file and print sharing on some Windows NOS to enable resource sharing. As well as bridging the Guess VMware systems to communicate with other physical LAN systems.

Education and Training

Morgan State University, Baltimore, Maryland

Bachelor of Arts in Philosophy (minor Information Systems) May 2019

Howard Community College, Columbia, Maryland

Associate of Arts 2016

Trinitech Consulting Global Network Academy, Beltsville, Maryland

Afrius Technology, Laurel, Maryland

Cybersecurity Fundamentals & Security

CompTIA

Security + Certified October 18 2019

Contact this candidate