
Security Information

Location:
Temple Hills, MD
Posted:
April 03, 2020


Resume:

Joyce Ekanem

Greencard Holder

240-***-**** ************@*****.***

Insightful, results-driven Cybersecurity Analyst with more than 5 years of experience in implementing and reviewing ATO package documents and remediating POAMs. Proven record of evaluating system vulnerability to recommend security improvements.

Risk Assessment

ATO packages

MS Office Suite (Word, Excel, PowerPoint, Project)

NIST 800 Series

CSAM

Splunk

LDAP

POAM

PowerShell

Wireshark

TAF

FedRAMP

Salesforce

FISMA

Nessus

FIPS

Security Control Assessor May 2016 - Present

DelTaahTech Consulting MD

Conduct FISMA-based security risk assessments for various government contracting organizations and application systems, including interviews, tests, and inspections; produce assessment reports and recommendations; conduct out-briefings.

Utilize processes within the Security Assessment and Authorization environments such as system security categorization, development of security and contingency plans, security testing and evaluation, system accreditation and continuous monitoring.

Provide IA Support and Risk Management Framework and Continuous Monitoring processes

Support in the team of information security professionals to conduct Security Authorization packages (C&A) based on NIST standards for general support systems and major applications.

Provide input to management on appropriate FIPS 199 impact level designations and identify appropriate security controls based on the characterization of the general support system or major applications

Create standard templates for required security assessment and authorization documents, including risk assessments, security plans, security assessment plans and reports, contingency plans, and security authorization packages

Provide guidance and quality assurance to the system owner and ISSO on the development of C&A documentation

Support the risk management process by determining and assigning risk impact ratings for systems by Federal Information Processing Standards (FIPS) 199, which determines the level of effort required for the certification and accreditation process of a system and determines the security controls for the protection of an information system

Review and ensure Privacy Impact Assessment (PIA) document after a positive PTA is created.

Review Technical Security Controls and provide implementation responses as to if/how systems are currently meeting the requirements.

Assist in the review of policy, security alerts, guidance, regulations and technical advances in IT Security Management.

Contribute to initiating FISMA metrics such as Annual Testing, POA&M Management, and Program Management.

Security Compliance Analyst August 2015 - May 2018

Department of the Treasury (Cameroon)

Performed comprehensive Security Assessments as part of Assessment and Authorization process to determine if controls are being implemented correctly, operating as intended and meeting the desired objectives.

Prepared Assessment and Authorization (A&A) packages, which include but are not limited to SSP, SAP, RTM, RA, SAR and POAM for ATO.

Reviewed the A&A Packages to ensure they remain current and security operations are in compliance with NIST 800-53 standards, FISMA and organization’s policies and procedures.

Assisted in developing and maintaining information security policies, standards and procedures relating to Management, Operational and Technical controls.

Provided assessment reports on the severity of findings/weaknesses and recommended corrective actions for mitigating vulnerabilities and exploits to the information and information system.

Reviewed the POAM in order to validate that the items uploaded in the POAM tracking tools support the closed findings, and coordinated promptly with stakeholders to ensure timely remediation of security weaknesses.

Provided expert analysis and advice on systems and programs related to IT security problems and provided recommendations.

Performed vulnerability scans for Database, Network and Web Application for clients using Nessus and gathered information necessary to maintain system security.

Conducted Privacy Threshold Analysis (PTA) and recommended Privacy Impact Analysis where necessary.

Provided routine support of IT security programs to ensure that security objectives of Confidentiality, Integrity and Availability are met.

Performed Assessment and Authorization on General Support Systems (GSS) and Major Applications to ensure environments are operating within a strong security posture.

BSc. in Accounting and Finance - Biaka University Institute of Buea, Cameroon.

Certified Authorization Professional (CAP) - (ISC)2 (In Progress)


