Information Security Management

Location:
Bowie, MD
Posted:
December 09, 2020

Resume:

AMOS OLATEJU

Bowie, Maryland ***** 240-***-**** adii8s@r.postjobfree.com

Information Security Analyst

Professional Profile

Insightful and results-driven Information System Security Professional with notable success directing a broad range of corporate IT initiatives. Participated in planning analysis, service management, implementation of solutions and software testing in support of business objectives. A cybersecurity professional seeking to work in a professional environment where my years of analytical and problem-solving experience can be fully utilized.

Education & Certification

B.Sc. Computer Networks & Cybersecurity UMGC In-progress

B.Sc. Accounting

Certified Information Security Manager (CISM) Certified

Certified Information Security Auditor (CISA) Certified

CompTIA Security+

ITIL – Foundation Certified

Scrum Master Certified

(ISC)2 Certified Authorization Professional (CAP) – Training

Skills

Broad knowledge of Information Security Risk Assessments, Implementation of Controls, Security Infrastructures and the entire Risk Management Framework.

Efficient POA&M Management using assessment tools such as CSAM, TAF (Trusted Agent FISMA), etc.

Vast knowledge of all aspects of Security Authorization and Continuous Monitoring process using National Institute of Standard Publications 800-30, 800-37 Rev 1, 800-60, 800-53A, 800-53 Rev 3 & 4, FIPS 199, FIPS 200, OMB A-130 App. III.

Good knowledge of Federal Information Processing Standards (FIPS) 199 System Categorization, System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Risk Assessment (Impact Analysis), Continuous Monitoring and the Plan of Action & Milestones (POA&M), Incident Response Plan, PTA, etc.

Knowledge of IT security architecture and design (Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Anti-virus, Virtual Private Networking, and Security Monitoring Tools).

Proficient in the use of Vulnerability Scanning tools such as Tenable Nessus, Retina Web Security Scanner, Retina Network Security Scanner, DBProtect, and in analyzing security reports for security vulnerabilities.

Knowledge of incident response and handling methodologies.

Proficient in the use of Document Management Systems such as Enterprise Content Management Software (ECMS), SharePoint and Trusted Agent FISMA (TAF).

Knowledge of compliance standards such as PCI DSS, FISMA, SOX.

Proficient in IT Service Management.

Proficient in working with Protocols such as TCP/IP, HTTP and LAN/WAN.

Outstanding knowledge of hardware like Switches, Servers and Routers.

Active Directory and Exchange User Management expert.

Broad knowledge of Microsoft Windows (Windows Server 2003-2008, XP, Vista and Windows 8) and UNIX platforms.

Microsoft Office expert (MS Word, MS Excel, Outlook and PowerPoint) with excellent communication and writing skills.

Excellent team player with Project Management skills.

Possess time management skills and the ability to work within a stipulated time frame.

Work Experience

Synergy Technologies Consulting 02/2019 – Till Date

IT Security Analyst

Assist in the development and maintenance of the overall system security document, the Security Plan, which contains all necessary security procedures, implementation statements, operating plans, and guidance.

Participate in security assessment interviews to determine the Security posture of the System in the completion of the Security Test and Evaluation (ST&E) questionnaire using NIST SP 800-53A required to maintain Company Authorization To Operate (ATO), the Risk Assessment, System Security Plans, and System Categorization.

Create, update and review security documents, for example, security incident reports, equipment/software inventories, operating instructions, vulnerability reports, and contingency plans.

Ensure effective POA&M management, which includes POA&M creation, remediation and closure.

Create, review and update security policies and procedures.

Responsible for ensuring that management, operational and technical controls for securing are in place and complied with.

Investigate and analyze relevant incident response activities.

Create and maintain appropriate documentation and reports related to security operations which include security scan overview metrics, procedures, and processes. Perform vulnerability scan analyses, risk analyses and security assessments.

Work with the support and security coordination team to ensure compliance with security processes and controls.

Work closely with ITSO to navigate the Security Authorization process and produce all appropriate accreditation documentation.

Develop and maintain ATO quarterly briefing slides for Executive Management.

Wise Comprehensive Solution, LLC 07/2014 – 02/2019

Information Security Specialist

Performed Federal Information Security Management Act (FISMA) audit reviews using NIST 800-37 rev 1.

Updated IT security policies, procedures, standards, and guidelines according to private and federal requirements.

Performed risk assessments, developed and reviewed System Security Plans (SSP), Plans of Action and Milestones (POA&M), Security Control Assessments, Configuration Management Plan (CMP), Contingency Plans (CP), Incident Response Plans (IRP), and other tasks and specific security documentation in accordance with NIST SP 800-37 rev 1, 800-18, 800-53 rev 4 and 800-34.

Performed vulnerability and baseline scans on the client network using Retina Network Security Scanner (RNSS) and Nessus in accordance with the organization's Continuous Monitoring Plan and NIST 800-137.

Analyzed security reports for security vulnerabilities.

Worked with IT Operations and Network Engineers to mitigate system vulnerabilities discovered in network devices (routers, switches, VPN Concentrator), servers, and workstations.

Familiar with NIST Publications SP 800-18, SP 800-30, SP 800-37 rev 1, SP 800-53 rev 4, SP 800-53A, SP 800-60 and Federal Information Processing Standards (FIPS) - FIPS 199 and FIPS 200.

Working knowledge of duties required to implement information security controls and lead information security initiatives.

Ability to translate business requirements into control objectives.

Midland Financial Services 11/2012 – 07/2014

IT Security Analyst

Conducted security assessment interviews to determine the Security posture of the System and to develop a Security Assessment Report (SAR) in the completion of the Security Test and Evaluation (ST&E) questionnaire using NIST SP 800-53A required to maintain Company Authorization To Operate (ATO), the Risk Assessment, System Security Plans, and System Categorization.

Performed information security risk assessments and assisted with the internal auditing of information security processes. Assessed threats, risks, and vulnerabilities from emerging security issues and also identified mitigation requirements.

Performed security scans on the system using the vulnerability scanning tool Tenable Nessus. Analyzed security reports for security vulnerabilities in accordance with the organization's Continuous Monitoring Plan and NIST 800-137.

Provided recommendations in findings meetings on the selection and implementation of controls that apply security protections to systems, processes, and information resources using the NIST family of security controls.

Worked with the support and security coordination team to ensure compliance with security processes and controls.

Responsible for developing Security Authorization documents and for ensuring that the System Security Plan, Security Assessment Plan, Plan of Action and Milestones (POA&M), Contingency Planning and artifacts are maintained and updated in accordance with NIST guidelines.

Validated remediated vulnerabilities.

Nigerian Airspace Management Agency 03/2008 – 06/2012

IT Support

Ensured all systems were operated and maintained, and information was disposed of, in accordance with internal NAMA security policies.

Conducted user training to ensure systems security and increase user awareness.

Conducted weekly review of security logs and vulnerability scans on Operating Systems, Databases, and Applications.

Identified, responded to, and reported security violations and incidents as encountered to ensure that senior management was kept apprised of all pertinent security system issues.

Assisted with the development and updating of NAMA security policies.

Conducted Risk Assessment on all NAMA system changes.

Assisted in monitoring and enforcement of security controls.

Participated in the CCB change, configuration, and release management process to ensure an appropriate security level is in the system lifecycles.

Ensured security logs and audit trails were reviewed in accordance with established schedules and procedures.


