Abigail boateng
*** ********** **, *** ***, Worcester MA 01605 Cell: 774-***-**** adia5g@r.postjobfree.com
Expert in project management, information assurance, and finance. Possess a comprehensive background in Risk Management Framework (RMF), Financial Analysis, Operational Reports and Policy Implementation derived from conducting domestic and global operations. Carries comprehensive knowledge in ensuring the confidentiality, integrity, and availability of systems, with emphasis on knowledge in Project / Program Management, Strategic Planning, Budget Management, Development, Review of Program Assessment and Authorization (A&A), IT Security Compliance, Risk/Vulnerability Management, Certification and Accreditation (C&A) and Security Test and Evaluation (ST&E). Familiar with all applicable federal mandates, how and where these mandates tie into government agency orders, policies, instructions, standards, handbooks and guides, as well as the impact of the security requirements on the systems. Knowledgeable with working with FISMA compliance, knowing all federal mandates, and creating documentation in accordance with NIST guidance.
Risk Management Framework
FedRAMP
Time management
Program support
Financial
Communication
NIST 800 special publications
FIPS 199/200
Policy and procedure
ACAS/Nessus
Security Assessment and Authorization (SA&A)
Certification and Accreditation (C&A)
Proposal development
HIPPA
RMF for DoD IT
LDAP Oracle virtual box
STIGS
TECHNICAL SKILLS
Microsoft Excel, word, Nessus vulnerability scan, public speaking, software deployment, system evaluation, PowerPoint, Access, UNIX, Linux, MS project, SQL Server.
OPERATING SYSTEM
Windows XP/Vista/7/8, Windows Server 2003/2008/2012, Linux, Unix, Cisco IOS
NETWORK
LAN/WAN, TCP/IP, DNS
PROFESSIONAL EXPERIENCE
Nigbel Group- Houston, TX (2015-PRESENT)
INFORMATION SYSTEM SECURITY OFFICER
Experienced in system classification and categorization using the RMF processes to ensure system CIA. This ensures compliance security control selections and implementation for continuous system protection
Performs IT risk assessment and document the system security control.
Develops a business continuity plan and relationships with outsourced vendors
Ensure all audit Notification of Finding and Recommendation are entered into CSAM as a POAM. Ensure Component system POAMs have appropriate milestones, accurate description of the weaknesses and remediation, task owners, estimated cost to completion and realistic due dates.
Assisted in the development of an Information Security Continuous Monitoring Strategy to help companies in maintaining an ongoing awareness of information security in accordance with Federal, Agency and Organizational policy, to include FISMA, NIST, OMB, and FIPS guidelines.
Helping in remediating fail controls written in the POA&M
Expert in reporting SSP, SAP, SAR, PII, PTA, PIA, IR, MOU, POA&M, as well as the Frameworks.
Implement the security controls and document how the controls are deployed within the information system and environment of operations.
Assess the security controls using appropriate procedures to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
Categorize the information system and the information processed, stored and transmitted by the system based on an impact analyst.
Control assessment/validation, participated in ST&E Kick-off Meeting and populate the Requirements Traceability Matrix (RTM) per NIST SP 800-53A. Determine the assessment method such as Examine the evidence, Interview Personnel and Test the Screenshot for system configuration.
ALLCARE PLUS PHARMACY- Northborough, MA (2012-2014)
Data entry Analyst
Processed patients and prescriber enrollment and renewal forms for various medications which were distinguished by their individual risk and mitigate requirements.
Metadata includes defining and documenting data to ensure the information is understood. This may include working with project teams or support teams to define, redefine, or continue maintenance of patients’ Personal information
Maintain complex Excel models and develop detailed data analysis reports.
Secures information by completing data base backups
Maintains data entry requirements by following data program techniques and procedures.
Maintaining protocols for protecting PII information
Maintaining and following companies’ guidelines and procedure according to HIPPA
EDUCATION
ASSUMPTION UNIVERSITY (2016-DEC-2020)
Bachelor’s in science (2016-in progress)
Certification
Security Plus
CISM