JOE ESMOND YEBOAH

*** ********* **, ** ***** 978-***-**** adnuqb@r.postjobfree.com

Professional Summary

A strongly motivated IT professional who strives to learn and grow professionally in information technology. I am a team player, motivator, and lifelong learner, with major responsibilities in risk management, POAM, SPAR, ST&E, documentation, installation, and monitoring of enterprise environment. Skills

• Knowledge with IT frameworks, NIST.

• Hands on Cyber security risk standards and

controls.

• Monitor compliance and conduct annual

assessments

• Experience in Network Management Tools like

SNMP, Wire shark, and Solarwinds

• Configuring Layer-2 technologies like VLANs,

Trunking, Port Security, VLAN Access Maps,

Switch links aggregation using Ether Channel

and Inter-VLAN Routing

• Enterprise WiFi management

Work History

Information Security Officer 01/2018 - Present

Fidelity House Service Inc., Lawrence

• Conduct the IT risk assessment and documented Key controls.

• Conduct meetings with the Division team to gather evidence.

• Develop test plans; testing procedures and documented test results and exceptions.

• Supervise and monitor the FISMA testing of GCC (mostly key controls).

• Conduct walk throughs, formulated test plans, document gaps, test results, and exceptions; and develop remedi- ation plans for each area of testing.

• Perform IT operating effectiveness test in the areas of security and operations.

• Create from scratch and document change management Process, and email authentication.

• Develop the audit plan and performed the General Computer Controls testing of Information Security, Business Continuity Planning.

• Identify gaps, develop remediation plans, and train and advise IT managers on the FISMA compliance activities and controls.

• Help guide System Owners and ISSOs through the Certification and Accreditation (C&A) process, ensuring that management; operational and technical controls for securing either sensitive Security Systems or IT Systems are in place and are followed according to federal guidelines (NIST 800-53).

• Ensure that appropriate steps are taken to implement information security requirements for IT systems through- out their life cycle, from the requirements definition phase through disposal.

• Additional responsibilities include assurance of vulnerability mitigation, training on C&A tools, supporting Sys- tem Test and Evaluation (ST&E) efforts and other support to the IT Security Office.

• Develop and update Security plan, Plan of Action and Milestone (POA&M).

• Monitor controls post authorization to ensure continuous compliance with the security requirements.

• Prepared and reviewed documentation to include SSP, SAP, SAR, and POAM Packages Information Security System Officer 05/2015 - 02/2018 Maimonides Medical Center, NY.

• Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures

• Prepare for and participate in periodic organization compliance assessments

• Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.

• Assists in maintaining and operating the Institution’s vulnerability management systems.

• Assessment and Authorization (A&A) activities (documentation preparation, system configuration/validation, certification testing, etc.)

• Evaluate existing information risk controls and consult with technology or process owner in developing of new controls, as needed.

• Review and update remediation on (POAMs), in organization Cyber Security Assessment and Management

(CSAM) system. Work with system administrators to resolve POAMs, gathering artifacts and creating mitigation memos, residual risk memos and corrective action plans to assist in the closure of the POA&M

• Collaborate with system administrators to remediate (POA&Ms) findings. Ensure vulnerabilities and risks are efficiently mitigated in accordance with the organization continuous monitoring Plan.

• Monitor controls post authorization to ensure continuous compliance with the security requirements.

• Prepare and update the Security Assessment Report (SAR)

• Analyze and perform technical and non-technical security risk assessments of computer and network systems via network scans, interviews, documentation review and walk-through of both new and existing federal information systems for FISMA compliance using NIST guidelines and controls Network Engineer 03/2011 – 05/2015

Mass General Brigham

• Supported the Snr. Network Engineer in providing general end-user support in a Cisco router and switch environment

• Resolved tickets as a first-level response team member

• Escalated requests as needed and provide updates to end-users

• Installed, supported and maintained company hardware and software infrastructure according to best practices.

• After hours/weekend support as required.

• Assist in installation of AP’s

Computer Software Specialist /Instructor 01/2009 - 02/2011 NIIT, LTD

• Troubleshoot hardware and software as necessary

• Maintaining and upgrading computer software and hardware

• Developing and delivering programs of learning activities

• Provided excellent customer service

Education

• Associate of Science: Applied Science in Information Technology ITT-Technical Institute

• Certificate of Training

Network Professional Training Center

• Certificate Of Training: Computer Hardware and Software First Choice Computer School

Certifications

• CompTIA Security+ ce Certification COMP001021889206

• CAP-in View

• Certificate in Networking (NPTC)

• Associate Degree – information System

• 200-125 CCNA-Cisco ID: CSC13579048

• 300-410 CCNP Enterprise Cisco ID: CSC13579048

• 350-401 CCNP Specialist Cisco ID: CSC13579048

• Certificate in Computer Software; Graphic Design Concentration

• Certificate, Computer Hardware Integration

Contact this candidate