Information Security Officer

Ahmadu Bagigah

*** ****** ******, ***# **, Bronx NY, 10452 917-***-**** ******.*******@*****.***

Education

City University of New York, Hunter College New York, NY Bachelor of Arts in Economics

Certification: CompTIA Security+

Candidate ID: COMP001021293460

May 2016

Work Experience

Columbia University Security Risk Analyst New York, NY (Contract)

Jan 2019 – Present

Conducted the IT risk assessment and documented key controls for our client and also submitting the ATO package which is the last 5th step in the RMF process.

Conducted meetings with our client’s IT division team to gather evidence; Developed test plans; testing procedures and also documented test results and exceptions.

Supported the remediation actions to correct assessment findings and developed supporting plan of action and milestone reports or corrective action plan which is the final step in the RMF process.

Supported IT security audits, reviews data calls by clients and also Conducted walkthroughs, formulated test plans, test results, and developed remediation plans for each area of testing.

Conducted meetings with system owner, system administrators, privacy officers and the application POCs to

understand the requirements of the application. RMF 4th step where implantation statements are verified by the assessor by either Interviewing, examining or testing.

Performed Authorization and Accreditation (A&A) of new major application or legacy System by categorizing, selecting controls and making sure the implementation statement is up to date which is the first 3 steps of the RMF.

Summarized the results from the control test and the Nessus vulnerability scan results into SAR and created POA&M for noted weaknesses and findings from failed controls.

Conduct HIPAA Security Assessment Reviews and Security Risk Assessments

Updated HIPAA documentation to ensure it complies with HIPAA security regulatory requirements policies, procedures, standards, and guidelines.

Carrying out HIPAA security measures to protect the confidentiality, integrity and availability of system’s and data.

Brown Brothers Harriman Information Security Analyst Jersey City, NJ Nov 2017 – Jan 2019

Applied appropriate security control for federal information system using NIST 800-37, NIST 800-53 rev 4, FIPS 199 which satisfies the RMF process.

Attending and participating in regular A&A status meetings to facilitate progress and address potential issues of RMF system efforts. This is RMF step allow you to update the clients as to how the RMF step operates and the artifacts you will need from them when the assessment commences.

Conducted Security Assessments, Security Audits, Security Awareness Presentations by utilizing the NIST 800-53A. The 4th step of the RMF allow you to have a conversation with the client as to how the controls needs to be satisfied.

Identifies, reviews, assesses and documents risk management and control issues in assigned business processes

Prepare effective assessment conclusions and findings, and present to senior management and business clients

Follow up on open assessment findings and their resolution.

Helped ISSO to update their document and also advise them as to how they need to operate and make their

documents be in line with the RMF steps.

Collaborated with the Security Authorization Managers (SAM) or the Information System Security Officer (ISSO) in achieving RMF Objectives like the completion of the ATO package (SAR, SSP and POAM

NetServices, LLC Information Security Analyst Clinton, MD Jul 2016 – Nov 2017

Applied appropriate security control for federal information system using NIST 800-37, NIST 800-53 rev 4,

FIPS 199

Reviewing System Security Plans (SSP) with NIST 800-53 (rev 4 ) along with NIST 800 -18

Performed Risk Assessment (RA); Performed Security Classification/Categorization of new major application following the FIPS-199 and the NIST 800-60.

Implement HIPAA security controls address information security issues based on system categorization in order to ensure Confidentiality, Integrity and Availability.

Monitored and revised HIPAA privacy program in accordance with changes in laws and company policy.

Performed HIPAA Privacy Threshold Analysis (PTA) and Privacy Impact Assessment (PIA)

Updating Boundary Scope Memorandum (BSM), Configuration Management Plan (CMP), Information,

Security Contingency Planning, (ISCP), Business Impact Analysis (BIA).

Assisted in generating Security System Plan (SSP) using FISMA and HIPAA guide lines.

Collaborated with the Security Authorization Managers (SAM) in achieving Security Objectives

Jul 2017 – Present

Edlab, Junior IT Security Analyst New York, NY

Jun 2015 – Jul 2016

Perform FERPA compliance reviews in accordance with accepted security standards

Assisted in Information Security assessments and report control issues on IT assets and processes not in

line with FERPA, University’s and State standards

Conducted security disaster recovery testing and provided recommendation on area of improvement

based on business need

Continuous monitoring activities and facilitation of Security Control Assessment

Assisted in Determining risk levels prior to documentation in the Security Assessment Report (SAR).

City University of New York, Hunter College Help Desk Specialist New York, NY Nov 2014 – Jun 2015

Diagnosed and troubleshoot students’ issues with respect to operating systems and network connectivity.

Helped students troubleshoot computer, printer and scanning issues.

Installing and configuring software operating systems and applications.

Reporting security incidents and executing corrective security procedures.

Compiled reports to track students, computer lab personnel performance and adherence to established

services-level targets (tickets).

Nov 2012 - Present

Leadership

The Joseph A. Forgione Development School for Youth Trainee New York, NY

Oct 2011- Present

Participate in leadership and career training and attended worked shops at various professional firms

Involved in weekly leadership seminars with experts in the non-profit sector and the areas of education, psychology and politics.

activities

Create a Smile Advisor New York, NY

Apr 2012 - Present

Participate in a non-profit foundation raising funds to support major global problems

Serve as an advisor of the foundation and contribute key ideas toward the development of current and future goals and projects for the foundation.

South Bronx United Volunteer/Alumni New York, NY

Sept 2014 - Present

Assist with coaching high schools students in understanding and developing skills in soccer.

skills

Information Security Continuous Monitoring, Nessus, Vulnerability Assessment, Security Control Assessment, Information Security, Certification & Authorization, NIST Standards and guidelines, FISMA, Compliance, CompTia Security Plus, Hipaa, PCI DSS

Contact this candidate