PROFILE

An accomplished and self-motivated IT Security Analyst with 5+ years’ experience in NIST Cybersecurity Framework, Risk Assessment, Risk Management Framework, Security Control Assessment, Compliance. Experienced performing the entire Assessment and Authorization (A&A) process using the six steps of the Risk Management Framework (RMF). Extensive experience in IT auditing with an emphasis on commercial companies and federal government departments using Application Controls PCI DSS, ISO 27001. Effective/Great communicator with excellent documentation and report writing skills, ability to multi-task, problem-solving, team player, and work independently, make strategic decisions in fast paced environment. Skills to attain organizational goals and objectives whiles enhancing my knowledge for professional growth.

STANDARD/FRAMEWORK

NIST Compliances, SP 800-53, SP 800-53A, SP 800-171, SP 800-171A, SP 800-37, SP 800-39, SP 800-30, ISO 27001, ISO 27002, FIPS 199, HIPAA, SOC, Cloud computing (FedRAMP), Risk Management Framework (RMF), PowerPoint, Visio, Word, SharePoint, Excel, Outlook.

CERTIFICATIONS

CompTIA Security +

Certified Information Systems Auditor (CISA)

Certified Information Systems Security Professional (CISSP) In-progress

EDUCATION

Western Hills School of Nursing Ghana, West Africa 2012 Associate Nursing Informatics

University of Maryland Global Campus In-Progress BA Cybersecurity

PROFESSIONAL TRAININGS

-Health Insurance Portability and Accountability Act (HIPAA) training

-PCI DSS Compliance training

-Vendor Risk Management training

PROFESSIONAL EXPERIENCE

HKG CONSULTING DUMFRIES, VA August 2020 - Present

Security Assessor

Schedule and conduct working sessions/interviews with stakeholders to gather and analyze Security Controls implementation and the Information System Security posture

Develop Security Assessment Reports (SAR)

Track and update Plans of Action and Milestones (POAM) regarding the mitigation and remediation status

Support the Security Assessment and Authorization (SA&A), FISMA compliance, NIST requirements and continuous monitoring for Security Controls

Track authorization expirations for different system including General Support Systems (GSS) and Major Applications (MA)

Participate in kick-off meeting and client interviews to complete the Risk Assessment, Security Control Assessment, and Plan for Remediation Actions and Security Continuous Monitoring Plan

Update existing authorization packages throughout the life cycle of the Major Applications and General Support Systems

Conduct kick off meetings to collect systems information (information type, boundary, inventory, etc.) and categorize systems based on NIST SP 800-60

Conduct security control assessments to assess the adequacy of management, operational privacy, and technical control security implemented. Security Assessment Reports (SAR) are developed detailing the results of the assessment along with Plan of Action and Milestones (POA&M)

Create and update the following: Security Assessment and Authorization (SA&A) artifacts, Security Test and Evaluations (ST&Es), Risk Assessments (RAs), Privacy Threshold Analysis (PTA), Privacy Impact Analysis (PIA), E-Authentication, Contingency Plan, Plan of Action and Milestones (POAMs)

Prepare Security Assessment and Authorization (SA&A) packages to ascertain that management, operational and technical Security controls adhere to NIST SP 800-53 standards.

CVS Health, Houston May 2017-May 2020

Pharmacy technician

Assists the pharmacist in preparing and dispensing prescription orders.

Performs all pharmacy duties, to include but not limited to, accuracy refill previous orders, dispense medications and maintain pharmacy orders.

Possesses thorough understanding of medications.

Ability to read and understanding prescriber orders for compounded medications.

Labels and refills prescription bottles with prescribed medications.

Checks pharmaceutical stock to determine inventory levels; anticipate needed medications and supplies; places and expedites orders; removes outdated drugs; puts away drugs throughout the day in an orderly manner to assure area is organized.

Maintains production standards and level

Technical Proficiencies

GRC Tools: RSA Archer, eMASS, CSAM Operating Systems: Windows XP/Vista/7/8/8.1/10

Vulnerability Scanning Tools: Nessus, WebInspect, McAfee Virus Scan Enterprise Applications: Microsoft Office Suite

Contact this candidate