Information Security Officer
Resume:
Emmanuel Eone
ade8f5@r.postjobfree.com
Experience Summary: Highly motivated and experienced Information System
Auditor/ Information Assurance Analyst with a proven 8-year track record seeking
a position in a growth-oriented organization. I have been involved with security infrastructure, federal security compliance in accordance with FISMA and NIST 800-53 controls. I have hands on experience with a wide array of technologies as well as interactions with a variety of Federal clients.
EDUCATION / CERTIFICATION / TECHNICAL SKILLS
Education:
BS: Cybersecurity Management and policy in progress,UMUC
BS:Computer Science University of Buea,Southwest 2011
High School diploma 2008
Training & Certifications:
Certified Ethical Hacker (CEH)
Certified Authorization Professional (CAP)
AWS Certified Solutions Architect- Associate
Security Plus
Certified Network Defense Architect (CNDA)
Certificate of Cloud Security Knowledge (CCSK)
Scrum Master
Clearance
Held Public Trust
Active DoD Secret clearance
Relevant Technical Skills:
FISMA compliance
Security controls and operations
System security planning (SSP)
FIPS 199
NIST 800-53
NIST SP 800-37
Nessus Tenable Scanner
Controlled Unclassified information (CUI)
Relevant Experience:
Technical Application/System Analyst Booz Allen Hamilton, Mars 2020 - Current
Perform quality control reviews on all MOU IS Document.
Help ensure compliance by signing/publishing Documents in SharePoint/GRC
Perform quality record on all Annual reviews
Support SharePoint improvement
Perform data validation on SharePoint site content
VA all MOU Template update
Performed Management Weekly Report: (every week, year-round)
Submitted Enterprise Security Change Control Board (ESCCB) Request Process
Provide information security analysis and documentation in accordance with National Institute of Standards and Technology (NIST) Special Publication 800-53 (Rev. 4) base controls and configurations
Actively create and track Plans of Actions and Milestones (POA&Ms) in the Governance, Risk and Compliance (GRC) tool. Work with clients to remediate and close out POA&Ms in a timely manner through evidence gathering
Using JIRA, (Agile Project Management Tool) to manage/compose/edit project life cycle
Provided key Information/Cyber Security Analyst services, as part of the CRISP program initiative, to the US Department of Veterans Affairs (VA).
Maintained role as fellow Information Security Officer (ISSO) dealing with regular review and new Memorandums of Understanding (MOU).
Provide policy analytic and management support to VA security program and Cybersecurity (CS) policies, to ensure requirements align with VA directive 6500 and Federal regulations, including the NIST 800-53 Rev. 4.
Review, assess and correct IT audit security controls to meet audit objectives for the VA
Provide input to policy and procedure changes based on audit recommendations and outcomes for VA
Presented security reviews/updates to clients on a weekly basis
Support leadership to identify capability gaps in vulnerability management services by analyzing Plans of Action and Milestones (POA&Ms) associated with the facility or system.
Direct and guide junior members of a project team and give feedback to team managers and other Stakeholders
IT Specialist Department of Commerce (Ardent eagle solutions), Janvier 2020- Mars 2020
Establishing and overseeing the Controlled Unclassified information (CUI)program in Department of Commerce (DOC) and ensuring the agency has CUI implementing policies and plans;
Implementing a CUI education and training program and ensuring agency personnel, including contractors as applicable, receive appropriate CUI awareness training.
Providing updates on CUI implementation efforts to the CUI Executive Agent and developing and implementing the agency’s self-inspection program.
Establishing processes and criteria for reporting and investigating misuse of CUI.
Ensuring methods of destruction for print, electronic media and any other forms of CUI are established.
Interacting directly and officially with the executive agent on CUI matters including submission of required reports.
Assessing bureau system that contain CUI and ensuring the system that are used to process CUI meet the federal baseline of moderate confidentiality
Incorporate appropriate security and privacy measures into enterprise IT systems that contain CUI.
ASM Cyber Security II, January 2017 – January 2020
Perform quality control reviews on all MOU IS Document.
Help ensure compliance by signing/publishing Documents in SharePoint/GRC
Perform quality record on all Annual reviews
Support SharePoint improvement
Perform data validation on SharePoint site content
VA all MOU Template update
Performed Management Weekly Report: (every week, year-round)
Submitted Enterprise Security Change Control Board (ESCCB) Request Process
Provide information security analysis and documentation in accordance with National Institute of Standards and Technology (NIST) Special Publication 800-53 (Rev. 4) base controls and configurations
Actively create and track Plans of Actions and Milestones (POA&Ms) in the Governance, Risk and Compliance (GRC) tool. Work with clients to remediate and close out POA&Ms in a timely manner through evidence gathering
Using JIRA, (Agile Project Management Tool) to manage/compose/edit project life cycle
Provided key Information/Cyber Security Analyst services, as part of the CRISP program initiative, to the US Department of Veterans Affairs (VA).
Maintained role as fellow Information Security Officer (ISSO) dealing with regular review and new Memorandums of Understanding (MOU).
Provide policy analytic and management support to VA security program and Cybersecurity (CS) policies, to ensure requirements align with VA directive 6500 and Federal regulations, including the NIST 800-53 Rev. 4.
Review, assess and correct IT audit security controls to meet audit objectives for the VA
Provide input to policy and procedure changes based on audit recommendations and outcomes for VA
Presented security reviews/updates to clients on a weekly basis
Support leadership to identify capability gaps in vulnerability management services by analyzing Plans of Action and Milestones (POA&Ms) associated with the facility or system.
Direct and guide junior members of a project team and give feedback to team managers and other Stakeholders
IMF Information Assurance Analyst (allied universal), Oct 2015 - January 2017
Assist System Owner and ISSO in preparing Authorization Package for
Major/Minor Application systems, making sure that security controls adhere
to a formal and well-established security requirement referencing SP 800-53
rev4.
Collaborate with ISSO to review and analyze security vulnerability scan
results and coordinate remediation response with system security
administrators/engineering teams.
In collaboration with other team members, appropriate RMF launch steps are
taken in the implementation of the Risk Management Framework (RMF)
throughout the complete process cycle, from the system categorization step
through to continuous monitoring.
Develop E-Authentication artifact identifying the appropriate
authentication mechanism based on risk assurance level (single or
multifactor) referencing SP 800-63.
Select and draft security control baseline in accordance with SP 800-53 rev 3/
rev 4 and FIPS 200.
Prepare security authorization & assessment package documentation
including system security plan (SSP), Security Test and Evaluation (ST&E),
Security Assessment Report.
SAR, Contingency Plan (CP) and other artifacts required for the ATO package,
referencing SP 800-18, SP 800-30, and SP 800-34 respectively.
Support the configuration management team that is responsible for the
creation of system configuration baseline and implementing change process
using SP 800-128.
Initiate, update, coordinate and track patching and remediation of security
weaknesses as they are documented in the Plan of Actions and Milestones
(POA&M).
Update, retrieve and upload all necessary authorization related
documentation into Cyber Security Assessment Management (CSAM) using
approved templates and procedures.
US Marine Corps-Warehouse Clerk (3051)/ Cyber Security Technicians (0689), August 2014 – August 2018
Receive, inspect, locate, and store supplies and equipment
Rotate, prepare, ship, and issue supplies and equipment
Material return and disposal of supplies and equipment for ground supply operations.
Maintain personal computer and mainframe locater systems
Conduct inventories, maintain records and monitor shelf life items through CD ROM.
Input data entry transactions identify packaging requirements and ensure items are maintained as required.
Create, Manage, and maintain the Work Management metrics
create security policies, plans, and procedures for the network and other communications systems.
Data network security measures, network intrusion detection, computer forensics, system security incident control, and keeping all networks within standard of Marine Corps
Eco IT Specialist, Sep 2009 – Oct 2011
Uphold integrity of all internal processes (incident management, major incident management, problem management, change management, etc.)
Create, Manage, and maintain the Work Management metrics
Ensure IT compliance for global infrastructure services (e.g. antivirus, license management, incident management, Security, Asset Management)
Tests SharePoint sites to assure they are working at optimum capacity, to correct errors and to make necessary adjustments
Conducted Systems Risk Assessment through Risk Analysis, assessed the
various assets within the systems authorizing boundaries and rigorously
identified all possible vulnerabilities that existed within the system.
Analyzed and advised on the risk and remediation of security issues based on
reports from vulnerability assessment scanners, patch management tools, and
emerging threat information.
WORK HISTORY
Booz Allen Hamilton
Technical Application/System Analyst
03/2020- Current
Dept of Commerce
IT Specialist
01/2020-Mars 2020
ASM Research
Cyber-security Analyst II
01/2017 – 01/2020
International monetary Fund (Allied Universal)
Information Assurance Analyst
10/2015 – 01/2017
US Marine Corps
Supply (3051)/cybersecurity (0689)
08/2014-08/2018
Other
Other jobs
2011-2015
Eco Bank
IT Specialist
09/2009-05/2011
Contact this candidate