Security Information

Location:
Silver Spring, MD
Salary:
$90,000 annual
Posted:
June 03, 2020

Resume:

CYBER SECURITY ANALYST ASSESSOR

PROFESSIONAL SUMMARY

Insightful, results-driven Cyber Security Analyst with more than 4 years of experience. Ability to perform Intrusion Detection, Vulnerability Assessment, Security Event Response, and Risk Management. Self-motivated and goal-oriented, with demonstrated ability to handle complex responsibilities in a demanding environment. Extremely organized and able to work within multiple teams to provide solutions, with the planning and goal-setting acumen to achieve objectives. Effective communicator who easily builds consensus among diverse groups such as Programmers, Developers, Engineers, and others at all organizational levels and backgrounds.

CORE STRENGTHS

NIST 800 Series; FIPS; Microsoft Office Suite (Word, Visio, Excel, PowerPoint, Access, Outlook); TCP/IP; VPN; Hyperion; Wireshark; IDS/IPS; PCI DSS; SCADA/ICS; Policy Planning; Amazon Web Services (AWS); Nessus Vulnerability Scanning; Nmap; Splunk; FireEye; QRadar; FedRAMP; Nexpose exp.

PROFESSIONAL OVERVIEW

Cyber Security Assessor

DTT Consulting November 2017 – January 2020

Validate management, operational, and technical security controls as part of the continuous monitoring assessment plan for all major systems

Effectively communicate to stakeholders detailed information about schedule, scope, required documentation, security objectives, risks/vulnerabilities, and remediation actions

Review test results and provide independent Q&A and validation of results. Manage risks by providing formal and information risk assessments and facilitate plans of action and milestones (POA&M) management.

Conduct ad hoc validation on an as-needed basis to assist with closing open POA&Ms or vulnerability remediation.

Collaborate with agency officials and stakeholders to facilitate meetings to address event-driven triggers around system risks.

Understand FedRAMP requirements/regulations, cloud technology stacks, and translate 3PAO results into agency RMF methodology.

Review system security controls (managerial, operational, and technical) to determine applicability against federal requirements (e.g., NIST SP 800-53)

Document POA&Ms for corrective action following assessment activities and in response to identified vulnerabilities

Apply knowledge of Information Assurance Vulnerability Alerts (IAVAs)

Ensure integrity of IT systems by identifying and mitigating potential avenues of exploitation, including system level attacks and user level attacks

Coordinate planning, scheduling, and testing of projects in the Assessment and Authorization (A&A) process

Conduct hands-on security testing, analyze results, document risks, and recommend countermeasures

Advise and assist with the Lifecycle Assessment and Authorization (A&A) process and development of Systems Security Plan (SSP)

Develop risk assessments, recommend mitigating countermeasures, and write short, succinct risk assessment and certification reports for submission to the Chief Information Officer

Apply working knowledge of Intelligence Community Information Assurance policies and regulations and how they relate to the A&A process

Assist with the management of security aspects of the information system and perform day-to-day security operations of the system

Maintain operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed

Provide security certification test and evaluation of assets, vulnerability management and response, security assessments, and customer support

SOC Analyst I

DTT Consulting December 2016 – October 2017

Monitor and analyze network traffic, intrusion detection system (IDS), security events, and logs.

Work with security operations center engineers to operate IDS/IPS such as Snort to analyze and detect worms and vulnerability exploit attempts.

Monitored events, responded to incidents, and reported findings.

Utilized Security Information and Event Management (SIEM), Intrusion Detection and Prevention (IDS/IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.

Apply incident handling processes, including preparation, identification, containment, eradication, and recovery, to protect enterprise environments; facilitate impact analysis, issue resolution and remediation, case management/reporting, root cause analysis, and other incident management functions as needed.

Block malicious domains, hashes, and IPs following the company’s Standard Operating Procedures.

Use Splunk to search and analyze email logs to confirm malicious emails were not delivered or were quarantined and malicious attachments were dropped.

Investigate, process, and resolve security email alerts from SIEM tools like IronPort, FireEye, McAfee DLP, and Sourcefire.

Use ServiceNow to open tickets for third-party support in resolving SOC issues.

Coordinate with the CIRT team to investigate and resolve security incidents.

Respond to computer incidents by collecting, analyzing, and preserving digital evidence and ensuring that incidents are recorded and tracked in accordance with organizational SOC requirements.

Stay current with vulnerabilities, attacks, and countermeasures using Nexpose exp.

Develop follow-up action plans to resolve reportable issues and communicate with other IT teams to address security threats and incidents accordingly.

Prioritize and differentiate between potential intrusion attempts or false alarms.

Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.

Monitor events, respond to incidents, report findings, and escalate critical tickets if need be.

Utilize IDS/IPS such as Snort to monitor malicious activities on the network and to detect and respond to security incidents; analyze firewall logs and IDS/IPS logs to uncover malicious activities going on over the network. Initiate and recommend corrective action to the CIRT team.

Information Security and Risk Analyst (Medicaid department)

Hexis Cyber Solution November 2016 – December 2016

Applied industry standard risk management techniques to ongoing projects in application security

Promoted security engagement through knowledge transfer and awareness

Delivered risk-reducing strategies to project teams via end-to-end security solution design

Perform risk assessments on Third Parties and ongoing projects, solutions and implementations

Examine emerging technologies and scrutinize possible implementation risks and rewards

Manage policy exceptions and track to ensure remediation

Evaluate data protection controls for sufficiency, ensuring data safety outside the company.

Review Third Party vendor security solutions for compliance with Bank policies and guidelines

Track remediation efforts and follow up to ensure key deadlines are met

Implement assessment process and metrics for identifying and reporting on third parties

Evaluate security posture of third-party vendors and partners to ensure proper data hygiene

Review and approve requests from procurement to initiate new vendor relationships based on data security

Coordinate with vendor managers and assessors on security solution implementation

Ensured Electronic Protected Health Information (ePHI) remains protected via HITRUST implementation

Conducted Vendor / Risk management assessments based on industry standards (HIPAA, HITECH, HITRUST)

Policy Management including process mapping within Archer enterprise Governance Risk Compliance system

Created and presented Security Awareness road show to promote Information Security knowledge sharing

EDUCATIONAL AND PROFESSIONAL DEVELOPMENT

Bachelor of Science in Bioinformatics University of Maryland Global Campus (UMGC)

Master of Science in Cyber Security University of Maryland Global Campus (in progress)

CAP, Security+ (in progress)

Reference:

Delphine Takoh: 202-***-**** (ISSO and Linux software engineer)

Gilbert Taah: 202-***-**** (ISSO)


