Information Technology & Management professional with 10+ years of experience. In-depth working knowledge of the Federal Information Security Modernization Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), Security Operation Center (SOC), Risk Management Framework (RMF), NIST Special Publication series (800-53 rev4, 800-37 rev2), Identity and Access Management, Privacy Risk Assessment, Business Impact Assessment (BIA), Business Continuity and Disaster Recovery (BC/DR), Contingency Plan and Contingency Plan Testing (CP/CPT), Network Monitoring, Operating System Hardening, Application Security, Cloud Security, PCI-DSS, HIPAA. Possess strong analytical and communication skills. Highly adaptable to any work environment with a proven record of accomplishment. Able to deliver results under pressure by bringing fresh thinking to a project; specialist in Cybersecurity Analysis and Defense, Planning and Monitoring with 10+ years of experience.
Profile Summary
Well-organized, Self-starter, Quick learner, Self-Motivated, Team player with analytical, technical and communication skills.
Knowledgeable of standard security and regulatory frameworks including ISO 27001/31000 and NIST 800.
Manage SOX compliance program, controls and remediation efforts.
Skilled & technically proficient with multiple firewall solutions, network security, and information security practices.
Applies current information assurance technologies to architecture, design, development, evaluation and integration of systems and networks infrastructure.
Experience with Security Information and Event Management Tools such as Splunk.
Perform manual searches from the gathered logs via Splunk.
Performed security system administration tasks such as network/system troubleshooting, patching operating systems and applications at NOC stations.
Knowledge of Cisco Switches and Router Configurations.
Review Security logs by checking for activity that may normally not be seen against certain systems.
Monitored and researched Cyber Threats with a direct & indirect impact to the organization internally NIST 800-71 and PCI DSS.
Work with Legal and Compliance teams and perform electronic discovery and computer forensics to support investigations.
Experience with developing policies and procedures based on the respective NIST publication and FIPS 199 and FIPS 200.
Conducted vulnerability assessments mitigating risk through patch management.
Coordinated and facilitated Contingency Plans and Exercises for general support systems.
Developed and conducted the evaluation of Business Continuity Planning and Disaster Recovery (DR) operations during annual incident response training.
Supported security tests and evaluations (ST&Es).
Technical Skills
Highly Knowledgeable: Incident Response, Risk Management, TCP/IP, Blue Team, Vulnerability Assessments, Methodology, Network Security, Secure Network Administration Principles, Mitigation and Countermeasures, Disaster Recovery Planning, Encryption, PKI, Security Assessment and Testing, NIST Standards and Best Practices
Hands-On Tools: ServiceNow, Splunk, Metasploit, Wireshark, SolarWinds, SNORT, Nessus, Netstat, Nslookup, Kali Linux, Nmap, AlienVault, SIEM, Sysinternals, Cisco, SDLC, pfSense
Soft Skills: Communication (written and verbal), Team Player, Leadership, Documentation, Planning, Time Management
Professional Experience
April 2019-Present
Washington Software, Washington, DC
Senior Cyber Security Analyst
Conducted risk assessments and collaborated with Management and technical team to provide recommendations regarding any changes that were being implemented on assigned systems. Also performed and analyzed vulnerability scan reports, worked with stakeholders to establish plans for sustainable resolutions, and assisted IT staff with understanding and resolving system vulnerabilities.
Completed tasks such as researching and identifying security vulnerabilities on the networks and systems, monitored controls post authorization to ensure continuous compliance with the security requirements by evaluating vulnerabilities through Nessus scan results and worked with the IT staff on mitigation actions.
Reviewed the POAM in order to validate that the items uploaded in the POAM tracking tools support the closed findings and coordinated promptly with stakeholders to ensure timely remediation of security weaknesses, conducted system security evaluations and assessments, documented and reported security findings using NIST 800 guidance per the continuous monitoring requirements.
Researched emerging threats and vulnerabilities to aid in the identification of network incidents, provided scanning of range operating systems and test beds using SCAP compliance tool and Nessus vulnerability scanner for independent security analysis.
Implemented deep dive analyses on alerts received from Splunk and took actions on remediation process, used log data from SIEM tools (Splunk and AlienVault) to conduct analysis of cyber incidents, analyzed log data from SIEM tools such as Splunk, and Wireshark to identify threats and vulnerabilities on the network to prevent cyber security incidents.
Created a detailed Incident Report (IR) and contributed to lessons learned and mitigations for future attacks of a similar nature.
Documented policies and procedures in support of Risk Management Framework (RMF) process.
Worked with security compliance policies, programs, processes, and metrics.
Monitored and analyzed Intrusion Detection Systems (IDS) to identify security issues for remediation.
Monitored the general support system for vulnerabilities and threats including patch management, weak password settings, and weak configuration settings.
Reviewed provided or requested Artifacts and Plan of Action & Milestones (POAMs) to determine if controls are implemented correctly, reviewed the POAM in order to validate that the items uploaded in the POAM tracking tools support the closed findings and coordinated promptly with stakeholders to ensure timely remediation of security weaknesses.
Researched emerging threats and vulnerabilities to aid in the identification of network incidents, provided scanning of range operating systems and test beds using SCAP compliance tool and Nessus vulnerability scanner for independent security analysis, monitored controls post authorization to ensure continuous compliance with the security requirements by evaluating vulnerabilities through Nessus scan results, worked with the IT staff on mitigation actions and used Nessus to run scans on operating systems.
Participated in the creation of enterprise security documents (policies, procedures, standards, guidelines, and playbooks) under the direction of the Chief Information Security Officer.
May 2017-April 2019
Capital One Financial, Arlington, VA
Junior Cyber Security Analyst
Analyzed log data from SIEM tools such as Splunk, and Wireshark to identify threats and vulnerabilities on the network to prevent cyber security incidents. Also implemented deep dive analyses on alerts received from Splunk and took actions on remediation process.
Monitored and analyzed Intrusion Detection Systems (IDS) to identify security issues for remediation.
Monitored the general support system for vulnerabilities and threats including patch management, weak password settings, and weak configuration settings.
Managed Security Assessment and Authorization (SA&A) process to support continuous monitoring activities in accordance with NIST and FISMA requirements and guidelines.
Reviewed and analyzed log files to report any unusual or suspect activities.
Worked with system data including but not limited to security event logs, system logs, proxy and firewall logs.
Monitored systems, detecting, analyzing, and resolving all incidents/events reported by various SIEM tools.
Performed security control assessment of all assigned systems, developed test plans and assessment reports in support of information security policy.
Streamlined the phishing analysis to an almost analyst-free experience.
Applied understanding of the function and content of information security policies, standards, procedures, and practices as well as threats, risks and vulnerabilities at a functional level.
Responsible for following Response Playbooks/Incident Response Plans (IR Plans) used by SOC team, wrote threat reports and managed recommendations with affected stakeholders.
Used NIST Risk Management Framework as a basis for SOC team Cyber Security guidelines such as Continuous Monitoring, worked with cross-functional teams to ensure compliance with SOC Team Cyber Security Risk Management procedures throughout the system.
SOC Team worked with NIST Compliance, Security Management and Operations, Vulnerability Assessment, Risk Management Framework, Incident Response, Monitoring, Threat Detection and Mitigation.
Created a formal Cyber Weekly Report for reporting to Senior Management/Executives.
Conducted e-mail analysis on suspicious e-mails.
Actively conducted open-source research to find new threats and IOCs.
Served as the system tool owner for our security applications (Splunk, Carbon Black, etc.).
Performed Threat Intelligence using Cyber Kill Chain and Diamond Model in Cyber Security.
Provided Cyber Security support for complex computer network exploitation and defense techniques.
Performed comprehensive Cyber Security monitoring, identifying vulnerabilities, and documenting all events.
February 2014-May 2017
Marriott International, Baltimore, MD
Cyber Security Analyst
Experience investigating, capturing, and analyzing events related to cyber incidents.
Documented and logged technical incident detail for future reference.
Developed and implemented a complete restructure of security groups to more effectively manage domain permissions to resources.
Assessed business process to identify potential risks.
Experience researching emerging cyber threats to understand and present hacker methods and tactics, system vulnerabilities, and indicators of compromise.
Conducted above-core software reviews to ensure applications requested by users comply with requirements, guidelines, and standards before being installed on systems.
Promoted awareness of information security issues among system owners and executive leadership to ensure they understand and adhere to systems security policies and procedures.
Defined, established and managed security risk metrics and track effectiveness.
Performed periodic reviews of process controls and technical controls to ensure continuous adherence to SOX compliance.
Supported day to day data security operations.
Monitored security patch levels of the servers, workstations and network environments, and anti-virus systems.
Performed proactive network monitoring and threat analysis.
Recommended and addressed the acceptability of the software products for continuous monitoring project.
Monitored and analyzed Intrusion Detection Systems (IDS) to identify security issues for remediation.
Assisted in planning, development and security of a system that aims to establish a security infrastructure.
Developed and maintained security Implementation policies, procedures and data standards.
Executed security data management plans for the design and implementation of data collection, scheduling and review clarification and reporting systems.
SOC Team member responsible for communicating technical security remediation plan to teams within the organization.
Followed SOC team procedures for Risk Management including vulnerability scanning, traffic monitoring, penetration testing and incident response.
SOC Analyst responsible for monitoring network traffic, end-point security, vulnerability scanning, penetration testing and firewall security.
Used various Cyber Security tools including pfSense Firewall Manager, Wireshark, Nmap, Nessus, Splunk and Snort.
Worked as part of the SOC teams providing Security Assessment and Testing as well as Security Awareness Training.
As SOC Analyst, analyzed test results and implemented mitigations for Cyber Security incidents in accordance with Incident Response Plan.
Identified areas for improvement and control gaps, and evaluated the impact of various Cyber Security measures.
Implemented compliance-based Cyber Security audits following NIST 800 guidelines and SOC procedures.
Took part in 24/7 shift rotations in Security Operations Center (SOC), documented all events and incidents, and transferred end of shift notes.
February 2011-January 2014
Walmart, Boston, MA
Network Security Analyst
Created a detailed Incident Report (IR) and contributed to lessons learned and mitigations for future attacks of a similar nature.
Documented policies and procedures in support of Risk Management Framework (RMF) process.
Worked with security compliance policies, programs, processes, and metrics.
Used log data from SIEM tools (Splunk and AlienVault) to conduct analysis of cyber incidents.
Audited data location and permissions; verified end user, service and administrator access to resources.
Provided, tracked, and documented threat attribution to incident response and intelligence reporting activities.
Communicated and engaged with senior management (CISO, CIO, and Directors) and system owners to assure information sharing and timely incident response and risk reporting.
Assisted in the evaluation, testing and recommendation of hardware, software, and network configurations based on customer needs.
Evaluated systems covering for Risk Management Framework (RMF).
Implemented processes to capture both current and historical audit findings to identify systemic failures and patterns for corrective action.
Performed periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external web integrity scans to determine compliance.
Responsible for leading and delivering accurate and expedient handling of end-user support requests.
Education
Master of Science in Cybersecurity and Technology
University of Maryland University College, MD
Bachelor’s Degree in Finance and Accounting
University of Parakou, Benin
Associates Degree in Applied Science of Cybersecurity
Certifications: Information Security and Assurance Certificate.
Frederick Community College, Frederick, MD
Certifications
Certified Ethical Hacker (CEH) - In Progress
CompTIA Security+ (Sec+)
Splunk 7.1 Certification
FISMA & Risk Management Framework Training (Virtual Course)
CompTIA IT Fundamentals Training (Virtual Course)
(ISC)2 CAP – Certified Authorization Professional candidate, Dec 2020
Microsoft Azure Fundamentals AZ-900. In Progress
Microsoft Azure Security AZ-500. In Progress
Amazon Web Services (AWS) Fundamentals. In Progress
Amazon Web Services (AWS) Security. In Progress