Post Job Free
Sign in

Security Manager

Location:
Hanover, MD
Posted:
December 14, 2020

Contact this candidate

Resume:

Rapfhel Adenola

EMAIL: adinqj@r.postjobfree.com Phone: 202-***-****

Active: Public Trust

SUMMARY OF QUALIFICATIONS

I am a highly motivated individual whose honesty and integrity are the building blocks for

trusting business relationships and successful leadership. Highly organized team leader and team player with ability to multi-task and prioritize to complete projects on time and under budget. Deep problem-solving abilities and motivated learner who thrives in both independent and group settings, and able to adapt to changing situations and assignments.

TECHNICAL PROFICIENCIES

• Remedy• RMF• FISMA• POA&M• •vulnerability scanner (Nessus) •Amazon Web Server (AWS) • Splunk, •Amazon Web Services • EC2 • S3 • VPC • CloudFormation • Elastic Load Balancer • Autoscaling • Elastic Beanstalk, • CloudFront • CloudWatch • CloudTrail • SNS • EBS • Lambda • RDS • DynamoDB • Elastic File System (EFS) • Route 53 • IAM (best practices) • Certificate Manager (ACM) • CLI • PTA •PIA •SORN •CSAM •SQL •ORACLE Database•NIST800-53 •FISMA •

EDUCATION

Salisbury University

Degree: Bachelor of Science

CERTIFICATIONS / AFFILIATIONS

SECURITY + CE

AWS Solutions Architect

AWS Certified Security

CISSP in progress

PROFESSIONAL EXPERIENCE

Accenture Federal Services February 2019 – Present

Senior Cyber Security Analyst

Review and recommend approval for Change Request (CR) in BMC Remedy.

Conducted Security Impact Analyses of change requests to the general support system production environment within DOL.

Review of web application scans with the HP WebInspect Enterprise Tool.

Analyze change requests for security risk, monitor and track security-related defects and resolutions, and make recommendations.

Documented and Reviewed security plans (SP), contingency plans (CP), contingency plan tests (CPT), privacy impact assessments (PIA), and risk assessment (RA) documents per NIST 800 guidelines for various government agencies

Plan and/or perform security controls assessments for customer systems in accordance with NIST SP 800-53 and NIST SP 800-53A, using established process, guidance and methods to support the customer’s authority to operate process, or its annual assessment process - activities could include control assessment (Interview & Examination, physical and/or technical vulnerability testing)

Drafts and reviews Privacy Threshold Analyses (PTAs), Privacy Impact Assessments (PIAs), System of Records Notices (SORNs), and Privacy Act Statements to ensure Veteran Affairs information technology systems.

Capture ATO artefacts that support independent assessment activities

Assist with identification and remediation of Plan of Action & Milestones PO&MS management in CSAM.

Support Certification & Accreditation (C&A) efforts and develop document artifacts for Risk Management Framework (RMF) security authorization packages

Lead the development and maintenance of security documentation such as the System Security Plan, Privacy Impact Assessment, Configuration Management Plan, Contingency Plan, Contingency Plan Test Report, POA&M, annual FISMA assessment, and incident reports.

Ensures all POA&M actions were tested and completed in accordance with project deadlines

Analyzed, reviewed, and managed Plan of Action and Milestones

Maintains FISMA compliance and Authority to Operate (ATO) for systems per the NIST SP 800-37 Risk Management Framework (RMF).

Specialized experience in privacy and security process analysis, specifically including compliance documentation drafting and analysis, preferred, including: Privacy Impact Assessments (PIA), Privacy Threshold Assessments (PTA), System of Records Notices (SORNs)

Perform other administrative and support functions as needed.

Cyber Security Control Assessor: December 2017 – January 2019

TISTA Science and Technology Corporation

Analyze privacy and protection of personal information data policies and practices of Department of Veterans Affairs.

Analyze the organization’s Privacy Program Maturity Model framework and findings; process redesign, performance measurement and management, strategy, risk management, and privacy and security operations of Department of Veterans Affairs.

Drafts and reviews Privacy Threshold Analyses (PTAs), Privacy Impact Assessments (PIAs), System of Records Notices (SORNs), and Privacy Act Statements to ensure Veteran Affairs information technology systems.

Work with Department of Veterans Affairs Program offices and Directors on new and ongoing project to ensure compliance with the Privacy Act of 1974, the E-Government Act of 2002.

Plan and/or perform security controls assessments for customer systems in accordance with NIST SP 800-53 and NIST SP 800-53A, using established process, guidance and methods to support the customer’s authority to operate process, or its annual assessment process - activities could include control assessment (Interview & Examination, physical and/or technical vulnerability testing)

Plan and/or perform assessments of facilities and Divisions in accordance with NIST 800-79 requirements for authorization of Personal Identity compliance

Assist with identification and remediation of Plan of Action & Milestones (PO&MS;)

Identify existing and/or potential organizational security weaknesses as a result of the assessments, including personnel controls, training, incident and emergency response, logical security controls, physical security controls, operational security and integrity of software applications and data for customer engagements

Demonstrate knowledge of the Privacy Act of 1974 and the E-Government Act of 2002.

Perform other administrative and support functions as needed.

Privacy Security Analyst

Department of Veterans Affairs August 2014 – December2017

Provide strategic, technical, and functional consulting to federal clients.

Creation of Department of Veteran Affairs (VA) Privacy Impact Assessment (PIA) and privacy threshold Analysis (PTA) template procedure.

Drafts and reviews Privacy Threshold Analyses (PTAs), Privacy Impact Assessments (PIAs), System of Records Notices (SORNs), and Privacy Act Statements to ensure Veteran Affairs information technology systems.

Perform Assessment and Authorization activities for Department of Veterans Affairs in accordance with FISMA, OMB, and NIST guidelines.

Collaborate with Clients to integrate privacy and security compliance processes into system development life cycles.

Evaluate complex systems and architectural documentation for privacy impacts and develop required system privacy compliance documentation, including PIAs and SORNs.

Provide guidance to clients on the processing and management of FOIA requests.

Develop client inventories and evaluate system data flows for risks to the client and evaluate system security controls and privacy controls in accordance with NIST 800-53 Appendix J.

Conduct research and draft position papers on emerging privacy issues and trends as applied to various Cyber security disciplines and technologies and develop privacy compliance assessments for systems and programs that collect, maintain, or disseminate PII.

Conduct Review comprehensive privacy compliance assessments for systems and programs that collect, maintain, or disseminate PII. Working with GRC (Governance, Risk and Compliance) tools.

Information Security Analyst

Cintex Technology System. February 2011 – August 2014

Document, track and escalate cyber security incidents.

Effectively and professionally secure the handling and collection of digital evidence

Utilize skills with Splunk, FireEye, IronPort, RSA, Imperva, and Sourcefire to resolve notable events.

Perform real-time notable event tasks to support Incident Response Teams (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation).

Monitored SIEMs for threats.

Preformed analysis on alarms to confirm if a threat occurred.

Escalated threat events and provided advice on how to handle them.

Provided reports of events and logs to clients.

Design, troubleshoot, and maintain LAN/WAN network environments.

Implement new solutions and improve resilience of the current environment.

Maximize network performance by proactive/reactive monitoring, troubleshooting network issues and outages, scheduling upgrades and collaborating with management team on network optimization.

Report network operational status by gathering, prioritizing information and managing projects.

Escalation Point for all network infrastructure and internet related issues (through resolution)

All server builds, images, backups, and disaster recovery.

Patching of all desktops, servers, routers, managed switches, and firewalls.

Gather information on latest cyber-attacks, to help better defend US Senate network.

Threat intelligence monitoring and reporting.

Ensure compliance with FISMA security guidelines

Manage endpoint security using Symantec Endpoint Protection Manager and VIPRE

Encrypt data using Check Point Full Disk Encryption

Manage systems in Active Directory and WSUS

Track service desk tickets in HP Service Manager

Performed traffic analysis, and the ability to identity common attack traffic patterns.

Identify potential threats with use of various SIEM tools.

Configuring network storage and operating/maintaining Juniper switches

Maximized network performance by monitoring performance; troubleshooting network problems and outages; scheduling upgrades; architecting network optimization.



Contact this candidate