OBJECTIVE
Experienced Information System Security Officer (ISSO) with over 3 years of experience in Cyber, seeking an opportunity for growth and advancement within the RMF process. Ideal role would involve working with NIST, FIPS and other publication to create policies, verify FISMA compliance as needed to complete all 6 steps of the RMF process, work with my team and complete packages prior to submission for validation.
SEEKING: Full time Remote or Onsite position in Information System Security Officer.
Education:
Bellevue University
Master Degree in CyberSecurity Till Date
Bellevue University Date: 2020
Bachelors Degree in CyberSecurity
Federal Polytechnic
Bachelors Degree in surveying and Geoinformatics, Date: 2012
Gateway Community College, Date: 2017
Associates in Liberal Arts and Sciences
CERTIFICATIONS
CompTIA Advanced Security Practitioner CE
CompTIA Security+ CE
SKILLS/COMPETENCIES
Operating Systems: Microsoft Windows 7/8.1 and 10, Windows Server 2003, Android, Mac Os
Software:Microsoft Office Suite, Technology Service, Adobe
Cyber tools: tools such as Nmap, Wireshark
Policy: NIST SP 800-53 rev4, SP 800-37 rev2, FIPS-199, FIPS-200
Working Experiences:
Metro App Consulting LLC New Haven, CT
Information Assurance Analyst, 06/2018 to 02/2020
Responsible for implementing and enforcing an Information Assurance (IA) program at the Program Manager O-5 level.
Assisted subordinate IAMs to create RMF artifacts and Plans of Actions and Milestones (POA&Ms).
Ensured POA&M mitigations and timelines were adhered to and documented any changes that occurred.
Validated system requirements, security policies and procedures, contingency plans, incident response plans, personnel security, access control mechanisms, and identification and authentication mechanisms.
Ensured the implemented security safeguards were adequate to assure the integrity, availability, and confidentiality of the information being processed, transmitted, or stored consistent with the level of sensitivity of that information.
Ensured system POA&M mitigations and timelines were adhered to and documented all changes that occurred.
Worked with a team of ISSOs to complete several packets to receive an ATO
Worked on documentation, artifacts and policies needed to ensure compliance
Categorized the system using FIPS 199 evaluating systems utilizing high, moderate or low in the areas of the CIA triad (Confidentiality, Integrity, Availability) of information.
Identified applicable security controls and selecting enhancements needed to heighten security
Implemented appropriate security controls based on NIST Special Publication 800-53 rev 4, FIPS 200, NIST 800-60, and FIPS 199.
Conducted meetings to discuss vulnerabilities and potential remediation actions with system and application owners.
Coordinated and supported risk assessments and ensure corrective action on any identified security exposures
Identified vulnerability scans and worked towards remediation within defined time frames
Educated employees and managers on current threat and vulnerabilities
Developed Security Assessment Report (SAR) detailing the results of the assessment along with Plan of Action and Milestones (POA&M)
Develop detailed security design documentation for component and interface specifications to support system design and development.
Tracked accreditation process within the RMF
Accenture Consulting LLC New Haven, CT
Information Security Analyst, 03/2017 to 05/2018
Evaluated, monitored, and report performance against plans to ensure that the guidelines met appropriate procedures and policies.
Participated in meetings with the IT Division team to gather evidence
Review and ensured there was a Privacy Impact Assessment (PIA) document after a positive PTA was created
Assisted in developing and reviewing remediation plans or POA&M for each area of testing using Nessus
Reviewed documents such as ISA/MOU, SAR (Security Assessment Report), SAP (Security Assessment Plan), Scans, SSP (System Security Plan)
Ensured integrity and confidentiality of sensitive data.
Completed the necessary requirements to assist system owners to achieve ATO's.
Assisted in the tracking of unresolved cases to ensure their successful completion of escalation to the appropriate individuals or organizations based on established guidelines and procedures.
Assisted in the process of improving internal procedures and client deliverables.
Follow up with other team members consistently, proactively and professionally, to obtain requirements, resolve issues, coordinate multiple tasks for individual clients, and take all necessary actions to expedite the process to completion.
Researching and addressing information security issues as required to complete RMF packets
Creating and updating RMF documentation i.e. System Security Plans (SSP), contingency plan, control family policies, etc. as needed
Developing Risk Assessment plan and completing risk assessment tab as needed in emass.
Drafting, reviewing and updating the Plans of Action and Milestones (POAM)to address non-compliant items developmitigation strategies moving forward.
Creating and evaluating policies as needed to answer to security control requirements.
Working with other ISSM’s/ISSE’s to provide updated security scans to address controls requiring stig checks
Gateway Community College, New Haven, CT
Help Desk Technician, 02/2016 to 02/2017
Assist students in password reset and unlocking their account
Install new ink toner or cartridges in the college printers
Provided support for iPhone/iPads, setting up VPN, and migrated data.
Navigated through Knowledge Base/Active Directory quickly and efficiently.
Create and assign escalated problem tickets to the appropriate technical group using the Kace ticketing system.
Supported wireless configuration & connectivity.
Receive incoming phone calls to troubleshoot and resolve network/software related issues supporting
Experience with Microsoft Windows 7 and Windows 10, installation, configuring, and support & troubleshooting both in student’s computers and college computers
Remained productive during slow times, able to multitask effectively during busy times, exercise patience and professionalism during stressful situations
Assist in computer imaging and mapping out a printer
Set up workstations and laptops for new employees