Michael O Balogun

ade111@r.postjobfree.com

240-***-****

Labor Category

Security Analyst

Summary of Experience

Mr. Balogun is an Information Security Analyst with vast experience in managing and protecting enterprise information systems, network systems and operational processes through information assurance controls, compliance verifications, Risk Assessment, Vulnerability Assessment in accordance with NIST, FISMA, OMB App. III A-130, and industry best security practices. Mr. Balogun possess vast experience in the area of IT stretches back 15 years, with jobs in IT Support, Database programming, and Cyber Security.

Specialties/Expertise

Information System Security

Vulnerability Assessment

Penetration Testing

Information Assurance

Privacy

Project Management and Support

Business System Analysis

CSAM

eMASS

Security Life Cycle

System Risk Assessment

System Development Life Cycle

Active Clearance(s) (List All)

Public Trust:

Education

Bachelor of Science, Business Administration University of Maryland Global Campus,2009.

Master of Science, Management, University of Maryland Global Campus, 2016.

Certifications and Training

EC-Council- Certified Ethical Hacker,

Comp TIA Security+

Certified Authorization Professional (CAP) Passed

Employment History & Detailed Work Experience – Last 10 Years

Favor Technical Consulting, LLC (FTC), Vienna, December 2019 – March, 2020

Cyber Security Analyst, Veterans Administration (VA) Veterans Health Administration (VHA), Enterprise Reporting and Analytical Support, (2019 – Present)

Provides enforcement of security and compliance related tasks against VA’s accreditation boundaries of systems, to include performance reporting and analysis of trends across VA’s information security compliance program.

Provides technical and operational security control subject matter expert services on compliance requirements reflective of the Risk Management Framework (RMF)

Ability to data mine eMASS

Familiarity with Veterans Affairs naming conventions

Assists System Owners and Security Teams to provide direction on compliance standards to meet VA’s RMF/ National Institute of Standards and Technology requirements

Provides timelines, monitor completion of tasks by System Owners and escalate non-compliance activities to VA.

Experience with Government Authority to Operate (ATO) process per NIST guideline

Experience with Government Security Requirements as outlined in NIST guideline

VA eMASS experience & knowledge.

Experience with Risk Management Framework processes

Strong analytical skills

Presentation ability (Microsoft PP, Excel) Desired Skills:

Experience with Enterprise Mission Assurance Support Service (eMASS)

Past experience working with the Department of Veterans Affairs (VA), Office of Information & Technology (OI&T).

A S M Research (Accenture Federal Service Company) May,2019-December 2019.

Cyber Security Analyst II CRISP RSS- Bridge. Department of Veteran’s Affairs.

Responsible for executing the reviews of RMF security controls to ensure FISMA and NIST compliance.

• Analyze and update the SSP, RAR, PIA, ST&E and POA&M’s, SOP and VA handbook 6500.

• Support leadership to identify capability gaps in vulnerability management by analyzing POA&M’s associated with Veterans affairs.

• Maintain knowledge of current RMF security trends to effectively communicate to client.

• Document NIST 800-53 security control compliance findings within SAR, VAR and ATO brief decks to include identified vulnerabilities and the corresponding recommended risk mitigations.

• Conduct security controls assessment to ensure controls are implemented to comply with NIST standards.

• Research policies, procedures, standards and guidance and recommend needed changes under specific conditions for the protection of information and information systems.

• Conduct IT control risk assessment that includes reviewing organizational policies, standards and procedures and provide advice on their adequacy, accuracy and compliance with FISMA standards.

Alpha Hill/ 4 Square I T CONSULTING, WASHINGTON DC April 2016 – MAY 2019

Information Security Analyst

Develop, review and update Information Security System Policies, System Security Plans (SSP), and Security baselines in accordance with NIST, FISMA, OMB App. III A-130, NIST SP 800-18 and industry best security practices.

Use of Penetration testing and Vulnerability tools such as Nessus, Metasploit, and Nexpose to explore and reveal vulnerabilities in Information system.

Apply appropriate information security control for Federal Information System based on NIST 800-37 rev1, SP 800-53 rev4, FIPS 199, FIPS 200 and OMB A-130 Appendix III.

Conduct systems and network vulnerability scans in order to identify and remediate potential risks.

Performed Federal Information Security Management Act (FISMA) audit reviews using NIST 800-37 rev 1.

Updated IT security policies, procedures, standards, and guidelines according to department and federal requirements.

Developed and Implemented information security governance processes including policies, procedures, requirements, risk management and RBD SOP.

Remarkable Technology Group July,2012-March2016

Senior Cyber Security Analyst

Coordinate and manage team activities during assessment engagements.

Establish schedules and deadlines for assessment activities.

Monitor controls post authorization to ensure continuous compliance with the security requirements.

Update the controls changes from NIST-800 53 rev 3 to NIST-800 53 rev 4 and control assessment changes from NIST-800 53A to NIST 53A rev4

Review Regional Offices’ artifacts and implementation statements in Risk Vision

Updates & closes regional offices Findings/POA&M

Facilitate FISMA Continuous Monitoring Test Cases NIST 800-53 Rev 4 Update.

Conduct Security Risk Assessment on all new applications, IT Systems or changes to existing IT systems to verify if they satisfy established security baseline before adoption into Corporate Regional offices.

Conduct Security Risk Assessment on new Vendors and annual Vendor Risk Assessment.

Assist management in authorizing the IT Systems for operation on the basis of whether the residual risk is at an acceptable level or whether additional compensating controls should be implemented.

Ensure compliance with Baseline security configurations, IT controls and policy standards.

UNATEK INC- Upper Marlboro, MAY 2010- June 2012

I T Support

Perform Software/Hardware installation, Maintenance, repair, Update and testing.

Installed and configured Microsoft Office Suites on multiple machines.

Configured and implemented network interfaces for a Windows Network.

Troubleshoot and resolve TCP/IP connectivity problems.

Created new procedures to improve company’s productivity in the management of information systems

Utilized tools to track, record, and transfer request orders and incident tickets

Added and removed desktop/laptop memory and SATA hard drives to improve performance.

Performed network administration functions, set up network user accounts/permissions, reset passwords, and administer group policies.

Removed hard drives, motherboards, power supply unit, NIC cards, RAM, video cards and sound cards

Installed, configure, re-image and maintain desktop systems, copy and scan documents.

Performed regular hardware and software checks for performance.

Created file back-ups to prevent loss of data

Used Microsoft Administrative tools to manage and monitor systems performance.

Recall Total Management, Cheverly, m d. March 2007- April 2010

Oracle Database Administrator

Expertise in the creation of databases, table spaces, tables, indexes and other database objects.

Installed and managed Oracle Enterprise Manager.

Install and configure relevant network components to ensure database access as well as database consistency and integrity

Troubleshoot and resolve various Oracle connectivity problems.

Provide network troubleshooting and administrative support for the development staff.

Installation and management of Oracle database using database control

Create and manage documentation on the configuration and support of the Oracle databases

Perform bulk load into the database using SQL Loader

Perform standard and fine grain database auditing.

Documented database structure, changes, problems, issues for future reference

Administer database user accounts. Create, modify and deactivate user accounts; assign and monitor user access rights

Created Testing and Development databases following OFA compliance rules.

I T Support Analyst-Professional Records Storage Inc. Landover MD August 2001- March 2007.

· PC hardware installation, configuration, maintenance & upgrades.

· Operating System installation, maintenance & upgrades

· Router, Firewall, Cable Modem, WiFi installation and configuration

· Application Software installations and maintenance.

· Antivirus, Spyware, and Spam protection

· PC support including system tuning and optimization.

·Network, Remote Access, and Peripherals setup and support.

General desktop PC and server support

Telesec Temporary Staffing Agency, Greenbelt Maryland May 1992-March 1995.

Temporary Staff

Sunnydale meat processing PLANT, CHEVERLY, Maryland March 1990-1992.

Temporary Staff

References: Available upon request.

Contact this candidate