
Information Security Public School

Location:
Woodbridge, VA
Salary:
85000
Posted:
February 20, 2021


Resume:

Phinehas A Anaba

Dumfries

VA *****

Tel: 571-***-****

*********@*****.***

SUMMARY

Cybersecurity Specialist who can utilize skill sets and qualities to achieve excellence in a chosen technical domain, endeavor to show improved results for the prospective employer, and meet new challenges through dedicated perseverance. Seeking a position in a growth-oriented organization with a focus on FISMA, System Security Monitoring, and Risk Assessments. Oversees the development, implementation, and evaluation of an information system security program policy. Performs A&A process, NIST Compliance, POA&M analysis, SSP, and Department Planning to identify and address Cyber Security compliance and Information Assurance issues.

SKILLS

Develop, review, and evaluate System Security Documentation based on Confidential Special Publications.

Perform comprehensive assessments and write reviews of management, operational, technical security, and privacy controls and its hosted applications.

Compile data to complete Residual Risk Report and transfer the contents into POA&M.

Collect, review, and analyze audit logs for anomalies with System Admins.

Ability to multi-task, work independently and as part of Confidential team.

Strong analytical and quantitative skills.

Effective interpersonal and verbal/written communication skills.

Privacy Act of 1974 and E-Government Act of 2001

Privacy Compliance standards, methods, artifacts, and Federal Information Security Management Act of 2002 – (FISMA)

EXPERIENCE

Cyber Security Analyst - 10/2016 - Present

FAIRFAX COUNTY PUBLIC SCHOOL

Develop, review, analyze and Document Requests (artifacts, SOPs, Screenshots, policies, etc.) to SharePoint site designated for the Independent Assessors and Auditors.

Coordinate with ISSO and review all open POAMs and close POA&M to ensure all the findings or weaknesses are remediated.

Anticipating customer needs and proactively supporting those needs.

Support activities in IT Process Consultant Business Analyst Privacy, Compliance and provide support to the PMs and System Owners.

Develop Privacy Assessment, Privacy Impact Assessment (PIA), or any other documentation required to satisfy the agency's Cybersecurity and Privacy compliance requirements.

Conducted IV&V (Independent Assessments) for Agency systems within the purview report to validate the Security Posture of these systems.

Developed, reviewed, and updated Information Security System Policies, System Security Plans (SSP) and Risk Assessment Report, Security Baseline: SP Rev 5, OMB Confidential -130.

Organized vulnerability scan reporting from Nessus and WebInspect with the Enterprise Security Operations Center and System Administrators to develop Plan of Action and Milestones (POA&M) to resolve the findings and compliance.

Established task schedules and deadlines for System Maintenance Workflow.

Track all Initial Privacy Assessments (IPAs) and Privacy Impact Assessments (PIAs) that are being developed and have been approved.

Provide on-going support of the privacy documentation status sheet to track status.

Provide support for on-going agency system inventory as it pertains to privacy concerns

Provide support to coordinate and facilitate quarterly review meetings to ensure system risks are identified and monitored at this level.

Generate Monthly POAM report providing outstanding vulnerabilities, milestones, and remediation status from CSAM for Executive Management visibility and risk management decisions.

Special Publications and FIPS as a framework for conducting (A&A) activities on federal IT systems.

Experience performing FISMA compliant security control assessments for Federal Government agencies must be within the past three years.

Performing an in-depth security assessment in information systems to maintain FISMA compliance by implementing guidelines and standards identified in the National Institute of Standards and Technology (NIST) 800 series such as 800-30, 800-171, 800-60, 800-53, 800-137, FIPS 199, FIPS 200

Develop Security Privacy Impact Analysis (PIA) by working closely with the Information System Security Officers (ISSOs), the System Owners, the Information Owners

Control Assessor - 6/2014 - 10/2016

Connecting Point Technology Center

Organized System Personnel and coordinated efforts to conduct annual Contingency Planning Tests for managed systems.

Coordinated weekly ISSO meetings to review open system POA&Ms and establish confidential comprehensive plan for remediation.

Created management reports on the status of all waivers and accepted risks in progress, approved, expired, denied, or archived no less than weekly or as requested

Performing an in-depth security assessment in information systems to maintain FISMA compliance by implementing guidelines and standards identified in the National Institute of Standards and Technology (NIST) 800 series such as 800-30, 800-171, 800-60, 800-53, 800-137, FIPS 199, FIPS 200

Develop Security Privacy Impact Analysis (PIA) by working closely with the Information System Security Officers (ISSOs), the System Owners, the Information Owners

Reviewed and created POAM based on customer provided scans and artifacts.

Developed, reviewed, and updated Information Security System Policies, System Security Plans (SSP) and Risk Assessment Report in accordance with Confidential RMF: OMB Confidential -130 Appendix

Updated IT security policies, procedures, standards, and guidelines according to SP Rev 5

Established schedules and deadlines for assessment activities.

Hold kick-off and weekly meetings with system owners prior to assessment engagements and weekly activities relating to CSAM.

Prepared and submitted Security Assessment Plan (SAP) to ISSO for approval

Monitored controls post-authorization to ensure continuous compliance with security requirements

Analyzed vulnerability results and recommended patch and remediation management to fix common vulnerability exposures.

Assisted with the development and maintenance of plan of action and milestones (POA&Ms) to document security vulnerabilities and mitigation strategies.


EDUCATION

Master of Arts, English and Humanities. (Marymount University – Arlington, VA)

Bachelor of Arts, English and Linguistics. (University of Ghana - Legon)

CERTIFICATIONS

CompTIA Security+

AWS Certified

Certified Ethical Hacker (CEH)

Professional (CAP) – in progress.

PROFESSIONAL REFERENCE

Reference will be given upon request.


