Ejobi Toke
.***** Virginia
Telephone: 641-***-****
E-Mail: adda5w@r.postjobfree.com
A detailed oriented Army Reserve with MOS 17C (cyber operation) and over 8years experience in cyber security, managing information in federal systems using special publication as NIST and FIPS. Security Control Assessment (SCA), Risk Management Framework (RMF) and the remediation of failed security controls using POAM with compliance to FISMA. Experience with wireshark, and CIS . Experience in risk management, risk assesment .
PROFESSIONAL EXPERIENCE
Cyber Security Analyst-ASM Research
Fairfax Virginia VA May 2019 – Present
JOB DUTIES
•Experience on security controls families
•Experience with VA 6500 standards
•Experience with NIST 800-53 rev 4 selecting of controls
•Experience with editing and creating draft SOPs
•Experience on RMF
•Utilizes the Cyber Security Assessments and Management (eMASS) to record, manage, assess and remediate failed security controls.
•Applied appropriate information security control for federal information system based on NIST 800-53, FIPS 199, FIPS 200
•Experience on opening and closure of POAMS base on appropriate standards
•Experience on documenting and uploaded evidence to support implementation details
•Basic Experience on eMASS
•Experience in completing CCI on different control families with their respective SOPs
•Experience on security categorization
•Experience on selecting security control
•Experience with HBSS security tool
•Experience with ACAS
•Traveling experience with team to VA facility site to collect evidence
Cyber Security Consultant-WEST BEND Insurance, Wisconsin WI
December 2017 – April 2019
Perform Assessment and Continuous monitoring and authorization
Extensive knowledge in categorizing information system using FIPPS 199 and NIST 800-60 as a guide
Maintain follow-up reviews on system security plan, contingency plan, business impact analysis, Plan of Action and Milestone
Conducted risk management and risk assessment
Specializes in the entire FISMA, RMF, and SA, A&A/C&A and system control, assessment processes to ensure CIA triad is complying using FIPS 199/ NIST SP 800-60, NIST SP 800-53 and NIST 500-53A Rev 4
Implementing RMF through the SDLC process in addressing the risk posture
Utilizes the Cyber Security Assessments and Management (CSAM) to record, manage, assess and remediate failed security controls.
Experience in security control testing
Interpret firewalls logs from IDS/IPS
Perform gap analysis by reviewing/assessment of my system
Managed vulnerabilities with the aid of Nessus, Splunk, for vulnerability scanners to detect potential risk on a single or multiple asset across the enterprise network
Applied appropriate information security control for federal information system based on NIST 800-53, FIPS 199, FIPS 200
Analyzing vulnerability scanning using Disa Stig as a testing guide
Monitoring and Analyzing data with Splunk
Visualization and Created dashboard in Splunk
Experience with Splunk components and Log Forwarding
Experience with patch testing and patch management
Experience with Tenable SC
Experience running vulnerability scans and compliance scans on Tenable SC
Experience on protocol analyzer (Wireshark)
Cyber Security Analyst- Atius Tech
Beltsville MD October 2012- November 2017
JOB DUTIES
•Initial Risk Assessment, reviewed SAR, SSP & POA&M
•Tracked NIST compliant vulnerability assessment, Plan of Action and Milestone (POA&M) and gives safeguard recommendation
•Conduct continuous monitoring and ensure system is up to date and operating within desired time period
•Managed vulnerabilities with the aid of NESSUS, Web Inspect as vulnerability scanning tools to detect potential risk on single or multiple asset across the enterprise.
•Knowledgeable on TCP/UDP
•Packet capture or traffic sniffer and analyzing traffic using wireshark
Analyzing firewall logs
•Monitored Report on Palo Alto Firewall
•Experience with malware prevention
•Experience in various cyber attacks
•Perform Assessment and Continuous monitoring and authorization
•Extensive knowledge in categorizing information system using FIPPS 199 and NIST 800-60 as a guide
•Maintain follow-up reviews on system security plan, contingency plan, business impact analysis, Plan of Action and Milestone
•Conducted risk management and risk assesment
•Specializes in the entire FISMA, RMF, and SA, A&A/C&A and system control, assessment processes to ensure CIA triad is in compliance using FIPS 199/ NIST SP 800-60, NIST SP 800-53 and NIST 500-53A Rev 4
•Experience in Running Vulnerability and compliance scans using NESSUS
•Experience with Tenable security SC
•Experience certification and accreditation of servers
•Experience with weekly vulnerability report
•Experience with server decomissioning
Business Analyst-Camtel Douala
Douala Cameroon March 2012-August 2013
Experience writing business contigency plans
Experience in Risk Management
Experience with tabletop exercise
Experienced in weekly report
TECHNICAL SKILLS
•Knowledge on OSI/TCP model
•Understanding of VPN
•Understanding of transport protocols TCP/UDP
•Knowledge on FEDRAMP concept
•Knowledge on HIPAA Act
•Understanding of PCI/DSS
EDUCATION
•Indian Hills Community College Iowa
•Masters in International Relation CERIS Belgium (2012)
•Bachelor of Law and Minor in computer Science, University of Yaoundé SOA Cameroon (2007)
CERTIFICATIONS
•Security + CE Active
•CAP ACTIVE
•CISSP in progress
SECURITY CLEARANCE
SECRET CLEARANCE ACTIVE