Anthony Affum Kwakye

**** ******** **** **.

Haltom City Tx 76117

Email: adbct3@r.postjobfree.com Cell: 972-***-****

Objective

Seeking an Information System Security Officer or Information Assurance position in a growth-oriented organization with a focus on Cybersecurity.

Education

Tarrant County college Hurst Texas 08/2015- 05/2017

Civil Engineering

Bachelor of Science University of Technology 08/2004- 03/2007

Computer Science/ Engineering

Certification

CompTIA Security+

Clearance

No but Clearable U.S Citizen

Training

MS Office Suit,

Operating Systems: Windows (XP) and MAC OS X

Summary of Qualification

Review the System Security Plan (SSP) using NIST SP 800-18 as a guide

Participated in FIPS 199 process in which Security Categorization takes place, and selecting the Technical, Operational and Managerial Controls using NIST SP 800-60 guidelines.

Reviewing and developing of E-Authorization document using NIST 800-37 as a guide.

Ability to develop POA&M (Plan of Action & Milestones) document to take corrective actions resulting from ST&E (System Test & Evaluation).

Reviewing and developing Risk Assessment (RA) using NIST SP 800-30 guidelines.

Understanding in IT Security Compliance work, including demonstrated experience documenting/reviewing policy, Plan and Procedures and IT Security artifacts in accordance with NIST.

Professional knowledge in providing support and guidance to System Owner's through the NIST Risk Management Framework & Systems Assessment and Authorization processes.

Developing SAP, Security Categorization using 800-61/FIPS 199, selecting of security controls using 800-53/FIP 200.

Working Experiences

Federal Cyber LLC Fort Worth, TX

Information Assurance Officer 05/2017 to Present

Responsible for implementing and enforcing an Information Assurance (IA) program at the organization.

Ensured all systems and applications are certified and accredited and that RMF packages were processed, reported and coordinated in a timely fashion with the organization.

Assisted subordinate IAMs to create RMF artifacts and Plans of Actions and Milestones (POA&Ms).

Developed and reviewed artifacts such as eAuthentication, PTA, PIA, CM Plan, CP Plan, SAR, POA&M, SSP

Ensured POA&M mitigations and timelines were adhered to and documented any changes that occurred.

Reviewed status of Information Systems for modifications and assessed the impact to current system accreditation.

Develop kickoff meeting slides and emails

Validated system requirements, security policies and procedures, contingency plans, incident response plans, personnel security, access control mechanisms and identification and authentication mechanisms.

Performed technical assessments to ensure the system or application proposed for accreditation or connection met the classification and sensitivity levels of the systems and applicable policies, regulations, and standards.

Ensured the implemented security safeguards were adequate to assure the integrity, availability, and confidentiality of the information being processed, transmitted, or stored consistent with the level of sensitivity of that information.

Ensured system POA&M mitigations and timelines were adhered to and documented all changes that occurred.

Responsible for 4 accredited systems and ensuring that system security postures are maintained.

.

Evoke Consultant Forth Worth, Tx

Information Security Analyst 04/2015 to 04/2017

Provide services as control assessor (SCA) and perform independent comprehensive Assessment of the management, operational controls within the information system to determine the overall effectiveness of the controls as defined in NIST 800-37 and Authorization process to include A&documentation, reporting, reviewing and a technical analysis requirements.

As a team, we determined Categorizations using the FIPS 199/NIST 800-60 as a guide, reviewed, update and develop Privacy Impact Assessment (PIA), Privacy Threshold Analysis (PTA), and initiated SSP.

Worked with ISSO, system Owner and team to access controls selected, and assess the weakness and all findings reported in our SAR report.

Assisted subordinate IAMs to create RMF artifacts and Plans of Actions and Milestones (POA&Ms).

Ensured POA&M mitigations and timelines were adhered to and documented any changes that occurred.

Review and develop contingency plans (CP), privacy impact assessments (PIA), and risk assessment (RA) documents per NIST 800 guidelines for various agencies.

Review and update of the SSP using NIST SP 800-18 guidelines.

Specialize in the entire Risk Management Framework (RMF), and system control assessment processes using NIST SP 800-60, NIST SP 800-53A, preparing and reporting SSP, SAP, PTA, PIA, E-Authentication, POA&M.

Develop and conduct ST&E according to NIST SP 800-53A and perform on-site testing and reviewing vulnerability scan results.

Reference:

Will be giving upon request.

Contact this candidate