RICHARD O. ANYANWU
New Carrollton MD *****. 240-***-****; **********@*****.***
A dynamic and detail-oriented Security Assessment and Authorization professional with strong problem-solving and project management skills, knowledgeable in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), Security Life Cycle and Vulnerability Management, using FISMA and applicable NIST standards.
PROFESSIONAL SKILLS
Preparation of Security Assessment and Authorization (A&A) package
Risk Assessment and Risk Management (RMF Process)
Quality Assurance and Operations Management
Managing People, Team Collaboration, Coordination and Relationship Building
Good knowledge of FISMA and NIST Special Publications
Project Management and support – MS Project
Vulnerability Assessment
Systems Development Life Cycle
PROFESSIONAL EXPERIENCE
Deloitte (Washington DC) – IT Security Analyst
June 2016 – Present.
Provide input to management on the appropriate FIPS 199 impact level designations, using NIST 800-60 Volume 2 as a guide to categorize the information types based on the Confidentiality, Integrity and Availability (CIA) of the information that the system processes and/or stores.
Identify the appropriate security controls baseline based on the Security Categorization of the Information Systems.
Conduct comprehensive assessments of the security controls employed within or inherited by an Information System to determine the overall effectiveness of the controls.
Provide IA Support and Risk Management Framework and Continuous Monitoring processes.
Develop and maintain artifacts supporting the Risk Profile SP, CP, CM, IR and POAM.
Review and perform Security Impact Analysis (SIA) for all change requests in the environment.
Responsible for preparing all Assessment and Authorization (A&A) documentation, working very closely with the Information System Security Officer (ISSO), Information System Owner (SO) and the other members of the Information Assurance team.
Create, update and revise System Security Plans, FISMA and FISCAM audits, Contingency Plans, Incident Reports and Plan of Action & Milestones.
Document results of security assessments in a Security Assessment Report.
Ensure security assessments are completed for each information system whose Authority to Operate (ATO) has expired or is about to expire.
Develop System Security Plans (SSP) to provide an overview of system security requirements and describe the controls in place or planned by information system owners to meet those requirements.
Develop Security Assessment Report (SAR) detailing the results of the assessment along with Plan of Action and Milestones (POAM).
Prepare recommendation reports that are made available to system owners to remediate identified vulnerabilities during the risk assessment process.
Ensure identified weaknesses from vulnerability scans are remediated in accordance with the company’s defined time frames.
Cyber Coders (Ashburn, VA) – IT Security Analyst
October 2014 – June 2016.
Risk Management Framework (RMF) assessments and Continuous Monitoring: Performed RMF assessments on several different environments at the Dept. of Agriculture using both scanning tools and manual assessment. Assessments included initiating meetings with various System Owners and Information System Security Officers (ISSO), providing guidance on the evidence needed for security controls, and documenting assessment findings.
POAM Remediation: Performed evaluation of policies, procedures, security scan results, and system settings to address controls that were deemed insufficient during Certification and Accreditation (C&A), RMF, and continuous monitoring.
Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: Performed assessments, POAM remediation and document creation using NIST SP 800-53 Rev.2 and NIST SP 800-53 Rev.3.
Developed solutions to security weaknesses: Developed solutions to security weaknesses while working on POAM remediation and Corrective Action Plan (CAP) for the US Dept. of Agriculture. Assisted ISSOs in creating solutions to weaknesses based on system functionality and pre-existing architecture.
Performed on-site security testing using vulnerability scanning tools such as Nessus.
Catholic Charities – Desktop Support Officer
June 2011 – October 2014
Set up and ensured the functionality of the corporate network.
IT data computation and any other IT-related issues.
Regularly performed hardware and software maintenance.
Assisted staff with PC and desktop application issues.
Based on this experience and passion for IT, I developed an interest in becoming an IT Security Specialist.
EDUCATION
University of Maryland, University College
Master of Science in Cyber Security (August 2017)
Nnamdi Azikiwe University Awka
Bachelor of Science in Economics (June 2002)
Certification:
CompTIA Security+
Professional training:
FISMA compliance training – 03/2015 – 09/2015.
Information systems security training 03/2016 – 09/201
REFERENCES.
References will be provided on request.