Yomi Komolafe
(US CITIZEN and Clearable)
Upper Marlboro, Maryland 20774 202-***-****
PROFILE
A computer security professional with over 6 years of progressive experience in the Information Technology industry with demonstrated skill in identifying business risks, compliance issues, access control management and designing proactive solutions. Background in designing and implementing a layered network security approach. Experience with every stage of cyber security management from preventive measures to disaster mitigation and recovery.
I am an Information Security Specialist with more than 6 years of experience in the field. I have extensive technological working knowledge in the capacity of Vendor/ Suppliers Risk Assessment, Vendor Application Security, Access Control Management, IT Security Analyst, IT Risk Specialist and Compliance, and IT auditing experience.
I have vast IT and security knowledge and experience needed to ensure and protect the confidentiality, integrity, and availability of sensitive and confidential information as well as providing recommendations to senior management on how to reduce risk and provide security of information assets. I have hands-on experience with various security tools.
Education and Certification:
BS Psychology - Obafemi Awolowo University, Ile-Ife, Osun State. Nigeria - 1985
MCP – Microsoft Certified Professional - 1999
Training:
Security+ Training: Elevate ITOPS training Center Texas - 2013
CAP Course Training: Training Camp: Pennsylvania - 2020
CAP - Certified Authorization Professional (in-progress)
CAPABILITY
Ability to support all phases of a NIST based Risk Management Framework, with emphasis on assessment and continuous monitoring
Experience in supporting Assessment and Authorization (A&A) process for information systems and maintaining associated documentation, such as SDPs, SSPs, SSRs, SARs, CAPs, POAMs, etc.
Knowledgeable in security standards and directives, to include NIST, FIPS, HIPAA, PCI, FedRAMP, DoD and FISMA
Excellent communication and interpersonal skills and ability to work effectively with less supervision.
Ability to work independently, manage and contribute in a matrix organization, resolve issues proactively and meet aggressive timelines.
Experienced in Requirement Analysis, JAD sessions, business and systems reviews and working sessions to understand requirements and system design.
Strong Analytical and Problem Solving skills, Multi-Tasking abilities, with proven experience in utilizing people and process knowledge to assist enterprises in making critical decisions.
Excellent Team player to work in conjunction with testers (QA), developers and other team members in validation and testing of complex project scenarios and in the maintenance of Quality Standards of projects.
Excellent conceptual and working knowledge of System Development Life Cycle (SDLC).
PROFESSIONAL EXPERIENCE:
Solvdata Systems Solution LLC, Columbia, MD 09/2016 - Present
IT Security Compliance Analyst
Supporting Assessment and Authorization (A&A) of information systems in contributing to the development of security documentation necessary for relevant phases of the NIST 800-37 r2 based Risk Management Framework.
Utilizing Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
Applying knowledge of Cybersecurity in supporting detailed assessment of information systems using NIST 800-53a rev 4 based security assessment plans (SAP), security assessment report (SAR), and tracking issues in a Plan of Action & Milestones (POAMs) through to remediation stage.
Performing security research, analysis and design for all client computing systems and the network infrastructure.
Conducting comprehensive assessment of the management, operational, technical and privacy security controls employed within or inherited by an Information System to determine the overall effectiveness of the control.
Providing assessment of the severity of weaknesses or deficiencies discovered in the Information System and its environment of operation and recommending corrective actions to address identified vulnerabilities.
Conducting security control assessments on applications, operating systems, databases, web servers etc.
Advising the Agency on any assessment and authorization issues.
Reviewing security policy documents and making recommendations on documentation compliance.
Reviewing and updating the SSP.
Preparing final Security Assessment Report (SAR) containing the results and findings from the assessment.
Monitoring events, responding to incidents and reporting findings.
Developing, implementing, and documenting formal security programs and policies.
Reviewing the Plan of Action and Milestone (POA&M) with identified weaknesses, timelines, milestones and points of contact for each IS based on findings and recommendations from the SAR.
Systems Global Solution LLC, Houston, TX 02/2014 - 09/2016
IT Security Analyst
Conducted incident prevention, detection/analysis, containment, eradication and aided recovery across IT systems until the company was acquired in 2013.
Experience with Malware Protection software and IDS/IPS tools (they have Cisco AMP and Cisco FireSIGHT in their environment) - The person should be comfortable with security investigation using these tools and remediation
Identified vulnerabilities, recommended corrective measures and ensured the adequacy of existing information security controls.
Prepared final Security Assessment Report (SAR) containing the results and findings from the assessment.
Prepared detailed practices and procedures on technical processes, analyzed security incidents and presented a quarterly report to the CIO.
Supported Assessment and Authorization (A&A) of information systems in contributing to the development of security documentation necessary for relevant phases of the NIST 800-37 r2 based Risk Management Framework.
Experience in working with security guides, procedures, policies, methodologies, frameworks and standards such as ISO/IEC 27001, NIST 800 series, FISMA, DISA IA Policy
Applied knowledge of Cybersecurity in supporting detailed assessment of information systems using NIST 800-53a rev 4 based security assessment plans (SAP), security assessment report (SAR), and tracking issues in a Plan of Action & Milestones (POAMs) through to remediation stage.
Conducted comprehensive assessment of the management, operational, technical and privacy security controls employed within or inherited by an Information System to determine the overall effectiveness of the control.
Yomdale Inc, Upper Marlboro, MD 04/2000 - Present
Real Estate Consulting
Providing Strategy
Sales and Marketing
Strategy and Innovation
Client Satisfaction
Reference
Will be provided upon request