Jay Wealth

Phone: 240-***-**** Email: adljra@r.postjobfree.com

LinkedIn: linkedin.com/in/jay-wealth

Sr. Information System Security Engineer – Risk Mitigation Powerful Strategist Operational Excellence Security Compliance Analysis

An accomplished and business savvy professional with robust experience acquired over the years in delivering optimal results & business value in high-growth environments and establishing key relationships with business segments globally. An innovative, persistent, and optimistic professional performing all functions required to support day-to-day data security operations. Maintain a broad suite of information security infrastructure, accountable for security and networking infrastructure component availability and integrity, monitoring compliance with IT security policy. Participate in the planning, design, installation, and maintenance of security systems to support security policies. Work with Information Technology staff and business units to assess risk and address security issues. Ensure information security issues are responded to during the initial stage of the project life cycle. Test solutions are effectively utilizing industry-standard analysis criteria involving the delivery of technical reports and formal papers on test findings. Interact with business units in relation to varying business and technical plans. Resolve issues by responding to IT threats and vulnerabilities. Conduct routine security risk analysis, evaluate business needs against collision, vulnerabilities, and search resulting risks. Ensure to procure sufficient security requirements adhering to system sensitivity. Provide guidance, recommendations, and best practices for encryption operations. Contribute to the development and execution of effective employee security awareness programs. Exceptional communication, presentation & interpersonal skills with proficiency at grasping new concepts quickly and utilizing the same in a productive manner.

~ Led in obtaining ATOs for 3 different systems within 6 months ~

~ Successfully implemented manual log monitoring process held as a gold standard in place of incapable SIEM tool for CFO systems ~

~ Worked with SQL Developer, DBA, O&M, and TFS team to implement manual monitoring of unauthorized changes in prod for all CFO systems ~

~ Played a critical role on Audit Task Order team that provided outstanding work within 18 months that KPMG confessed is the excellent quality of produced by Task Order for a client that is comparable to 5 years work ~

Skill Areas: Strategic & Operations Planning w Information System Security Audit w Assurance Analysis w Risk Mitigation w Security Compliance Analysis w Process Improvement w Strong Interpersonal Skills w Analytical Skills w Team Leadership w Communications w Critical Thinking w Systems Analysis w Problem-Solving w Time Management w Vendor Management w Attention to Detail w Client Relationship Management w Continuous Monitoring w Security Awareness and Training Program Initiation w Innovation w Management Skills

PROFESSIONAL EXPERIENCE

Synergy BIS (C5ISC) (April 2019 – Jan 2021)

Sr. Systems Security Engineer/IT Security Specialist – Financial Audit

Synergy implements innovative solutions that are faster to build, easier to change, and cheaper to maintain. Our goal is to understand each customer's pain points and needs to provide the highest level of service while maintaining an energetic and rewarding environment for our team members.

Review Privilege Access Management for all the C5ISC CFO system – system roles, privileges, segregation of duties

Review Privilege User Management Program (PUMP) and MFA process to determine access is granted to system users who have been vetted for access/privileges and determine the adherence to those privileges.

Review Access Control policies and procedures – account provisioning per DHS/DoD SELC, RMF-SDLC guidelines

Spearhead functions pertaining to reviewing and updating system documentation working with technical writers and AAs/DBs/IA/ALMS for approval

Analyzed and determined remediations for findings in Control Evaluation Matrix (CEMs) for assigned Product Backlog Items (PBIs) in Microsoft Team Foundational Server (TFS)

Collaborated with Scrum Masters, DBAs, Systems/Application Engineers, O&M, Cybersecurity team in finding solutions and gathering artifacts to remediate assessment findings

Attended daily scrum meetings to update the client on assigned tasks and attending weekly team meeting to evaluate performance and to determine progress towards targeted task deadlines

Made appropriate product recommendations to the client to remediate Audit findings.

Collaborating third party vendors for immediate-, mid- and long-term solutions for impending findings on a department and enterprise level

Responsible for the Financial Audit Task Order Team’s Executive Summary Weekly progress report

Uptick Systems (Dec 2017 – Mar 2019)

Senior Information Assurance Analyst

Uptick Systems Inc. is an IT consulting and staffing workforce solutions firm specializing in providing IT professionals for contract, contract-to-hire, and direct placements.

Teamed up with Sys Admins to review IdAM and PAM policies and procedures on systems and enterprise levels

Responsible for reviewing information system certification and accreditation documentations and responsible for deliverables package for various systems

Developed and executed test plans to ensure that all objectives are met

Implemented and monitored test scripts to assess functionality, reliability, performance, and quality of the service or product

Drafted, reviewed, and updated System security policies

Reviewed and updated POA&Ms, Milestones, and Artifacts

Recommended, implemented, and monitored preventative and corrective actions to ensure that quality assurance standards are achieved

Handled system documentation, reviews, and updates, which included SSP, CM, CP, RA, E-Authentication, PIA, ST&E etc

Career Elites (IQ Solutions, Inc.) (Mar 2017 – Sep 2017)

Senior Information Security Analyst (ISSO)

Career Elites works tirelessly using every channel possible to recruit and wade through the endless resumes and profiles to find that perfect match for your organization.

Pioneered the efforts across handling the entire gamut of functions pertaining to the testing process to ensure the program runs effectively and that any results can be repeatedly replicated

Led in the assessment of system security controls and continuous monitoring efforts in establishing controls effectiveness for the overall system security for various systems relative to NIH, CDC, FDC regulatory guidelines

Tracked and updated system status POA&Ms, Milestones, and Artifacts

Worked with system personnel – Infrastructure, network, help desk to provide to maintain secure systems posture include system hardening initiatives

Led in the implementation of MFA (2FA) using Microsoft Duo for system access, security, and privacy

Interacted with vendors in determining efficient and effective security system automation tools to enhance efficiency performing system audits and artifacts retention, reviews, and updates

Inscope International (Sep 2016 – Nov 2016)

Information Security Analyst / Information Security Assurance

Provides consulting services which includes enterprise strategy, technology assessment, design & prototyping, planning and professional staffing consultancy services.

Analyzed IT requirements and provide objective advice on the use of IT security requirements

Designed, analyzed, and implemented efficient IT security systems

Upgraded systems to enable software security

Led in tracking and updating system status POA&Ms, Milestones, and Artifacts in CSAM

Engaged in Front-End Documentation Reviews and write-ups - Kick-Off, SAP, SCA setup for assigned systems

Coordinated with system personnel ISSOs to provide ITSOs with accurate system reports regarding Milestones, POA&Ms, AORs and Artifacts

Engaged in Back-End Documentation Reviews and write-ups - completed SCA, VAR, SAR, Out-Brief Slide Deck etc. write-ups

FIA Info Systems (Nov 2013 – Feb 2016)

Systems Security Analyst

Provided informational technology (IT) consulting and professional staffing services for contract, contract-to-hire, and direct placement.

Researched security enhancements and make recommendations to management.

Stayed up-to-date on information technology trends and security standards

Investigated security breaches and other cybersecurity incidents.

Led in coordinating and guiding system owners and security system administrators through the C&A

Identified security controls types for the system using NIST SP 800 60 as a guide

Used NIST SP 800 53 as a guide in the selection of security controls identified for the system and FIPS 200 to define minimum security control baseline for info and information system

Led in the security controls assessment using NIST SP 800 53A as a guide to provide information necessary to determine their overall effectiveness

PRIOR EMPLOYMENT DETAILS

FIA Info Systems Sep 2010 – Sep 2013

IT Security Analyst

PROFESSIONAL DEVELOPMENT & CREDENTIALS

Bachelor of Business Administration (BBA) Corporate Finance Baruch College Zicklin School of Business CUNY

Minors: Political Theory Economics

• Secretary for Finance & Economic Students Club

• Student Body Representative for New Baruch College Campus Bookstore - Contract Award Committee

• Founding Member of Baruch College’s Students Law Club

• Writer - Non-fiction

Training: CISA, CISSP - Candidate

Certifications: CompTIA Sec+, CASP+, ISC^2 CAP, AWS CSA, SCRUM-WEB DEVELOPER

Technical Skills: OS Windows, Linux (RedHat) SIEM SolarWinds Security Nessus, AppScan, Fortify CSAM Security Awareness & Training Visio MS Team Foundational Server (TFS) Project Management Agile, Waterfall Scrum for Web Developer Antivirus McAfee, Symantec, Cylance KnowB4 Microsoft Office Suite Internet

Contact this candidate