Post Job Free
Sign in

Information Security Officer

Location:
College Park, MD
Posted:
August 10, 2020

Contact this candidate

Resume:

Emmanuel Eone

*******@*****.***

202-***-****

Experience Summary: Highly motivated and experienced Information System

Auditor/ Information Assurance Analyst with a proven 8-year track record seeking

a position in a growth-oriented organization. I have been involved with security infrastructure, federal security compliance in accordance with FISMA and NIST 800-53 controls. I have hands on experience with a wide array of technologies as well as interactions with a variety of Federal clients.

EDUCATION / CERTIFICATION / TECHNICAL SKILLS

Education:

BS: Cybersecurity Management and policy in progress,UMUC

BS:Computer Science University of Buea,Southwest 2011

High School diploma 2008

Training & Certifications:

Certified Ethical Hacker (CEH)

Certified Authorization Professional (CAP)

AWS Certified Solutions Architect- Associate

Security Plus

Certified Network Defense Architect (CNDA)

Certificate of Cloud Security Knowledge (CCSK)

Scrum Master

Clearance

Held Public Trust

Active DoD Secret clearance

Relevant Technical Skills:

FISMA compliance

Security controls and operations

System security planning (SSP)

FIPS 199

NIST 800-53

NIST SP 800-37

Nessus Tenable Scanner

Controlled Unclassified information (CUI)

Relevant Experience:

Technical Application/System Analyst Booz Allen Hamilton, Mars 2020 - Current

Perform quality control reviews on all MOU IS Document.

Help ensure compliance by signing/publishing Documents in SharePoint/GRC

Perform quality record on all Annual reviews

Support SharePoint improvement

Perform data validation on SharePoint site content

VA all MOU Template update

Performed Management Weekly Report: (every week, year-round)

Submitted Enterprise Security Change Control Board (ESCCB) Request Process

Provide information security analysis and documentation in accordance with National Institute of Standards and Technology (NIST) Special Publication 800-53 (Rev. 4) base controls and configurations

Actively create and track Plans of Actions and Milestones (POA&Ms) in the Governance, Risk and Compliance (GRC) tool. Work with clients to remediate and close out POA&Ms in a timely manner through evidence gathering

Using JIRA, (Agile Project Management Tool) to manage/compose/edit project life cycle

Provided key Information/Cyber Security Analyst services, as part of the CRISP program initiative, to the US Department of Veterans Affairs (VA).

Maintained role as fellow Information Security Officer (ISSO) dealing with regular review and new Memorandums of Understanding (MOU).

Provide policy analytic and management support to VA security program and Cybersecurity (CS) policies, to ensure requirements align with VA directive 6500 and Federal regulations, including the NIST 800-53 Rev. 4.

Review, assess and correct IT audit security controls to meet audit objectives for the VA

Provide input to policy and procedure changes based on audit recommendations and outcomes for VA

Presented security reviews/updates to clients on a weekly basis

Support leadership to identify capability gaps in vulnerability management services by analyzing Plans of Action and Milestones (POA&Ms) associated with the facility or system.

Direct and guide junior members of a project team and give feedback to team managers and other Stakeholders

IT Specialist Department of Commerce (Ardent eagle solutions), Janvier 2020- Mars 2020

Establishing and overseeing the Controlled Unclassified information (CUI)program in Department of Commerce (DOC) and ensuring the agency has CUI implementing policies and plans;

Implementing a CUI education and training program and ensuring agency personnel, including contractors as applicable, receive appropriate CUI awareness training.

Providing updates on CUI implementation efforts to the CUI Executive Agent and developing and implementing the agency’s self-inspection program.

Establishing processes and criteria for reporting and investigating misuse of CUI.

Ensuring methods of destruction for print, electronic media and any other forms of CUI are established.

Interacting directly and officially with the executive agent on CUI matters including submission of required reports.

Assessing bureau system that contain CUI and ensuring the system that are used to process CUI meet the federal baseline of moderate confidentiality

Incorporate appropriate security and privacy measures into enterprise IT systems that contain CUI.

ASM Cyber Security II, January 2017 – January 2020

Perform quality control reviews on all MOU IS Document.

Help ensure compliance by signing/publishing Documents in SharePoint/GRC

Perform quality record on all Annual reviews

Support SharePoint improvement

Perform data validation on SharePoint site content

VA all MOU Template update

Performed Management Weekly Report: (every week, year-round)

Submitted Enterprise Security Change Control Board (ESCCB) Request Process

Provide information security analysis and documentation in accordance with National Institute of Standards and Technology (NIST) Special Publication 800-53 (Rev. 4) base controls and configurations

Actively create and track Plans of Actions and Milestones (POA&Ms) in the Governance, Risk and Compliance (GRC) tool. Work with clients to remediate and close out POA&Ms in a timely manner through evidence gathering

Using JIRA, (Agile Project Management Tool) to manage/compose/edit project life cycle

Provided key Information/Cyber Security Analyst services, as part of the CRISP program initiative, to the US Department of Veterans Affairs (VA).

Maintained role as fellow Information Security Officer (ISSO) dealing with regular review and new Memorandums of Understanding (MOU).

Provide policy analytic and management support to VA security program and Cybersecurity (CS) policies, to ensure requirements align with VA directive 6500 and Federal regulations, including the NIST 800-53 Rev. 4.

Review, assess and correct IT audit security controls to meet audit objectives for the VA

Provide input to policy and procedure changes based on audit recommendations and outcomes for VA

Presented security reviews/updates to clients on a weekly basis

Support leadership to identify capability gaps in vulnerability management services by analyzing Plans of Action and Milestones (POA&Ms) associated with the facility or system.

Direct and guide junior members of a project team and give feedback to team managers and other Stakeholders

IMF Information Assurance Analyst (allied universal), Oct 2015 - January 2017

Assist System Owner and ISSO in preparing Authorization Package for

Major/Minor Application systems, making sure that security controls adhere

to a formal and well-established security requirement referencing SP 800-53

rev4.

Collaborate with ISSO to review and analyze security vulnerability scan

results and coordinate remediation response with system security

administrators/engineering teams.

In collaboration with other team members, appropriate RMF launch steps are

taken in the implementation of the Risk Management Framework (RMF)

throughout the complete process cycle, from the system categorization step

through to continuous monitoring.

Develop E-Authentication artifact identifying the appropriate

authentication mechanism based on risk assurance level (single or

multifactor) referencing SP 800-63.

Select and draft security control baseline in accordance with SP 800-53 rev 3/

rev 4 and FIPS 200.

Prepare security authorization & assessment package documentation

including system security plan (SSP), Security Test and Evaluation (ST&E),

Security Assessment Report.

SAR, Contingency Plan (CP) and other artifacts required for the ATO package,

referencing SP 800-18, SP 800-30, and SP 800-34 respectively.

Support the configuration management team that is responsible for the

creation of system configuration baseline and implementing change process

using SP 800-128.

Initiate, update, coordinate and track patching and remediation of security

weaknesses as they are documented in the Plan of Actions and Milestones

(POA&M).

Update, retrieve and upload all necessary authorization related

documentation into Cyber Security Assessment Management (CSAM) using

approved templates and procedures.

US Marine Corps-Warehouse Clerk (3051)/ Cyber Security Technicians (0689), August 2014 – August 2018

Receive, inspect, locate, and store supplies and equipment

Rotate, prepare, ship, and issue supplies and equipment

Material return and disposal of supplies and equipment for ground supply operations.

Maintain personal computer and mainframe locater systems

Conduct inventories, maintain records and monitor shelf life items through CD ROM.

Input data entry transactions identify packaging requirements and ensure items are maintained as required.

Create, Manage, and maintain the Work Management metrics

create security policies, plans, and procedures for the network and other communications systems.

Data network security measures, network intrusion detection, computer forensics, system security incident control, and keeping all networks within standard of Marine Corps

Eco IT Specialist, Sep 2009 – Oct 2011

Uphold integrity of all internal processes (incident management, major incident management, problem management, change management, etc.)

Create, Manage, and maintain the Work Management metrics

Ensure IT compliance for global infrastructure services (e.g. antivirus, license management, incident management, Security, Asset Management)

Tests SharePoint sites to assure they are working at optimum capacity, to correct errors and to make necessary adjustments

Conducted Systems Risk Assessment through Risk Analysis, assessed the

various assets within the systems authorizing boundaries and rigorously

identified all possible vulnerabilities that existed within the system.

Analyzed and advised on the risk and remediation of security issues based on

reports from vulnerability assessment scanners, patch management tools, and

emerging threat information.

WORK HISTORY

Booz Allen Hamilton

Technical Application/System Analyst

03/2020- Current

Dept of Commerce

IT Specialist

01/2020-Mars 2020

ASM Research

Cyber-security Analyst II

01/2017 – 01/2020

International monetary Fund (Allied Universal)

Information Assurance Analyst

10/2015 – 01/2017

US Marine Corps

Supply (3051)/cybersecurity (0689)

08/2014-08/2018

Other

Other jobs

2011-2015

Eco Bank

IT Specialist

09/2009-05/2011



Contact this candidate