
Information Security Officer

Location: Holden, MA
Posted: December 02, 2020


Resume:

Abigail Boateng

*** ********** **, *** ***, Worcester MA 01605 Cell: 774-***-**** adia5g@r.postjobfree.com

Expert in project management, information assurance, and finance. Possesses a comprehensive background in Risk Management Framework (RMF), Financial Analysis, Operational Reports and Policy Implementation derived from conducting domestic and global operations. Carries comprehensive knowledge of ensuring the confidentiality, integrity, and availability of systems, with emphasis on Project / Program Management, Strategic Planning, Budget Management, Development, Review of Program Assessment and Authorization (A&A), IT Security Compliance, Risk/Vulnerability Management, Certification and Accreditation (C&A) and Security Test and Evaluation (ST&E). Familiar with all applicable federal mandates, how and where these mandates tie into government agency orders, policies, instructions, standards, handbooks and guides, as well as the impact of the security requirements on the systems. Knowledgeable in working with FISMA compliance, all federal mandates, and creating documentation in accordance with NIST guidance.

Risk Management Framework

FedRAMP

Time management

Program support

Financial

Communication

NIST 800 special publications

FIPS 199/200

Policy and procedure

ACAS/Nessus

Security Assessment and Authorization (SA&A)

Certification and Accreditation (C&A)

Proposal development

HIPAA

RMF for DoD IT

LDAP, Oracle VirtualBox

STIGs

TECHNICAL SKILLS

Microsoft Excel, Word, Nessus vulnerability scan, public speaking, software deployment, system evaluation, PowerPoint, Access, UNIX, Linux, MS Project, SQL Server.

OPERATING SYSTEM

Windows XP/Vista/7/8, Windows Server 2003/2008/2012, Linux, Unix, Cisco IOS

NETWORK

LAN/WAN, TCP/IP, DNS

PROFESSIONAL EXPERIENCE

Nigbel Group - Houston, TX (2015-PRESENT)

INFORMATION SYSTEM SECURITY OFFICER

Experienced in system classification and categorization using the RMF processes to ensure system CIA. This ensures compliant security control selection and implementation for continuous system protection.

Performs IT risk assessments and documents the system security controls.

Develops a business continuity plan and relationships with outsourced vendors.

Ensures all audit Notifications of Finding and Recommendation are entered into CSAM as POA&Ms. Ensures Component system POA&Ms have appropriate milestones, accurate descriptions of the weaknesses and remediation, task owners, estimated cost to completion and realistic due dates.

Assisted in the development of an Information Security Continuous Monitoring Strategy to help companies in maintaining an ongoing awareness of information security in accordance with Federal, Agency and Organizational policy, to include FISMA, NIST, OMB, and FIPS guidelines.

Helps remediate failed controls written in the POA&M.

Expert in reporting SSP, SAP, SAR, PII, PTA, PIA, IR, MOU, POA&M, as well as the Frameworks.

Implement the security controls and document how the controls are deployed within the information system and environment of operations.

Assess the security controls using appropriate procedures to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.

Categorize the information system and the information processed, stored and transmitted by the system based on an impact analysis.

Control assessment/validation: participated in the ST&E kick-off meeting and populated the Requirements Traceability Matrix (RTM) per NIST SP 800-53A. Determined the assessment method, such as examining the evidence, interviewing personnel and testing the screenshot for system configuration.

ALLCARE PLUS PHARMACY - Northborough, MA (2012-2014)

DATA ENTRY ANALYST

Processed patient and prescriber enrollment and renewal forms for various medications, which were distinguished by their individual risk and mitigation requirements.

Metadata includes defining and documenting data to ensure the information is understood. This may include working with project teams or support teams to define, redefine, or continue maintenance of patients’ personal information.

Maintain complex Excel models and develop detailed data analysis reports.

Secures information by completing database backups.

Maintains data entry requirements by following data program techniques and procedures.

Maintaining protocols for protecting PII.

Maintaining and following company guidelines and procedures according to HIPAA.

EDUCATION

ASSUMPTION UNIVERSITY (2016-DEC-2020)

Bachelor’s in science (2016-in progress)

CERTIFICATION

Security Plus

CISM


