Resume

Sign in

Information Security Officer

Location:
Albany, GA
Posted:
December 27, 2020

Contact this candidate

Resume:

SAMUEL EBAKO-DIBO BOKOSSAH

202-***-**** adizhc@r.postjobfree.com

Security Clearance: DoD Secret

OBJECTIVE

A motivated professional who has worked in a variety of industries including United States Army, healthcare. Skilled in maneuvering property, supervising others, delegation of tasks, and critical thinking. Technical proficiency in various weapons systems, implementation of security procedures on information systems CompTIA security+ certified, (ISC) Certified Authorization Professional (CAP), Ec-council Certified Ethical Hacker (CEH) and Navy Qualified Validator (NQV).

●Strong collaborative skills.

●Excellent problem-solving skills.

●Plan of Action & Milestones (POAM).

●Proficient in RMF Implementation processes.

●In-depth knowledge of NIST and related Special Publications.

●Continuous Monitoring (CM) and developing a Security Assessment Reporting (SAR).

●Proficient in Security Categorization (SC) in accordance with organizations architectural structure and mission.

●Conduct engineering vulnerability assessment of systems utilizing DoD approved IA tools (ACAS) and DISA STIGS

●Experience with Risk Management Framework (RMF) process, National Institute of Standards and Technology (NIST) Special Publications (SP) 800-37, NIST SP 800-53, and Committee on National Security Systems Instruction (CNSSI) 1253

●Strong analytical skills, quantitative skills, and excellent verbal/written communication skills (English and French).

EXPERIENCE

Information System Security Officer January 2019 – Present

Cask GS, Albany, GA

●Categorize information systems in accordance with NIST SP 800-53 and FIPS-199 guidelines

●Develop documentation and artifacts for information systems for Approval in RMF

●Conduct engineering vulnerability assessment of systems utilizing DoD approved IA tools (ACAS) and DISA STIGS

●Responsible for implementing and maintaining security for an Information System (IS)

●Develop and maintain RMF Assessment and Authorization (A&A) packages per the Risk Management Framework process outlined in NIST SP 800-37

●Ensure the Information System is operated, used, maintained, and disposed of per Command security policies and practices.

●Ensure users and system support personnel have the required security clearances, authorizations approved by a designated person of authority to perform work on the IS, and need-to-know

●Assist in writing/updating security-related artifacts, policies and procedures for implementation into the maintenance of the system, and inclusion into the system’s A&A package

●Conduct testing on all devices and deliver a completed A&A package for system reaccreditation to the Government ISSM for an authorization decision by the Authorizing Official

Information Security/ Privacy Analyst May 2018 – October 2018

Phacil Inc, Lorton, VA

●Identify vulnerabilities through scanning and assessment tools.

●Provide information security support through vulnerability identification and testing and perform assessment and mitigation of vulnerabilities.

●Manage and administer automated and manual vulnerability scan tools and ensure that appropriate reports are delivered on-time.

●Use and administer various scanning and assessment tools to identify system vulnerabilities and test security controls in enterprise and lab computing environment.

●Conduct remediation steps and countermeasures to reduce risk of exposure and strengthen defense in depth.

Cyber Security Specialist March 2018 – May 2018

Zachary Piper, McClean, VA

●Supporting IAVAs and POAMs

●Creating/adjusting ACAS repositories

●Interpreting/troubleshooting ACAS scan results

●ACAS Troubleshooting skills while supporting our vulnerability management team

Information Security Analyst Remote December 2016 – February 2018

Cyloc Solutions Lanham, MD

●Conduct IT controls risk assessments that include reviewing organizational policies, standards and procedures; interview appropriate personnel; and provide recommendations on adequacy, accuracy and compliance with regulatory standards using NIST SP 800-53A.

●Monitored and tracked remediation progress in RMF.

●Participated in the FIPS 199 process in which security categorization takes place, and selected the technical, operational and managerial controls using NIST SP 800-60 guidelines.

●Conducted assurance of vulnerability mitigation, training on C&A tools, supporting System Test and Evaluation (ST&E) efforts, and supporting the IT Security Office.

●Ensured system's security controls, policies and procedures complied with regulations, laws, and best industry practice.

Information Assurance Specialist August 2013 - February 2018

United States Army, Fort Benning, GA

●Maintenance of networks, hardware and software.

●Provide customer and network administration services.

●Construct edit and test computer programs.

●Participated in weekly meeting to discuss the status of the assessment process.

●Designated systems and categorized its C.I.A using FIPS 199 and NIST SP 800-60.

●Developed test plans, testing procedures and evidence needed to validate the controls using NIST SP 800-53.

●Documented assessment findings in a security assessment report and produced a plan of action and milestones for all controls having weaknesses or deficiencies.

●Reviewed and updated existing documents, policies and procedures, and previous assessments reports.

●Monitored controls post-authorization to ensure continuous compliance with security requirement.

Presbyterian Health Services, Cameroon January 2008 – May 2010

Network System Administrator

●Performed data backups and disaster recovery operations.

●Diagnosed hardware and software problems and replaced defective components.

●Analyzed equipment performance records to determine the need for repair or replacement.

●Maintained logs related to network functions, as well as maintenance and repaired records.

●Performed routine network startup and shutdown procedures and maintained control records.

●Designed, configured, and tested computer hardware, networking software and operating system software.

●Planned, coordinated, and implemented network security measures to protect data, software, and hardware.

●Recommended changes to improve systems and network configurations and determined related hardware or software requirements.

●Monitored network performance to determine whether adjustments needed to be made and where changes would need to be made in the future.

●Maintained and administered computer networks and related computing environments, including computer hardware, systems software, applications software, and all configurations.

EDUCATION & MEMBERSHPS

Master of Science, Cybersecurity Technology, University of Maryland University College, Adelphi, MD, December 2019

Associates of Arts, General Studies, Montgomery College, Rockville, MD 2013 Bachelor of Science, Biochemistry, University of Buea, Cameroon, 2008

Phi Theta Kappa Honor Society (PTK), Active Member, 2013

CERTIFICATIONS

●CompTIA Security+

●(ISC) Certified Authorization Professional (CAP)

●Certified Ethical Hacker (CEH)

●Navy Qualified Validator (NQV)

REFERENCES

CPT Vincent Kwarteng

Cell: 240-***-****

Mr. Francis Chenui

Cell: 443-***-****

E-mail:adizhc@r.postjobfree.com

Email: adizhc@r.postjobfree.com

1SG Cedrick Lunford

Cell: 253-***-****

E-mail: adizhc@r.postjobfree.com

Mr. Charles Baisie

Cell: 706-***-****

E-mail: adizhc@r.postjobfree.com

Mr. Colins Mensah

Cell: 334-***-****

E-mail: adizhc@r.postjobfree.com

Mr. Ebenezer Epie

Cell: 703-***-****

E-mail: adizhc@r.postjobfree.com



Contact this candidate