Security Officer Cybersecurity Analyst
Resume:
OBJECTIVE
To secure a full time permanent position with a company that has growth potential
SKILLS & QUALIFICATIONS
Experience in working with National Institute of Standards and Technology (NIST) RMF for Assessment and Authorization (A&A)
Experience with performing Cybersecurity risk assessments and mitigation
Experience with planning and executing comprehensive Cybersecurity test events, including identifying applicable security controls, analyzing assessment procedures, and identification and using required tools, such as Retina, Nessus, Assured Compliance Assessment Solution (ACAS), or Security Content Automation Protocol (SCAP)
Expert ability to produce high-quality deliverables that meet or exceed timeline.
Effectively leverage technical communication to diverse audiences.
Experience with McAfee ePolicy Orchestrator
Experience with vulnerability scanning solutions (Tenable also called Nessus, BeyondTrust, Splunk, Solarwinds and Belarc)
CERTIFICATIONS
CASP+ CE Certification - Enterprise security, risk management and incident response, research and analysis, integration of computing, communications and business disciplines as well as technical integration of enterprise components.
Security+ Certification – Implement secure network communications and enforcing organizational security policies; Manage security incidents and monitor the security infrastructure.
A+ Certification - Proficient in installing, servicing and repairing personal computers and software
Network+ Certification - Managing, maintaining, troubleshooting, installing and configuring basic network infrastructure.
EDUCATION
University of Buea, Cameroon. BA (HON) 1999-2003
RELEVANT PROFESSIONAL EXPERIENCE
SENIOR SYSTEM SECURITY OFFICER (ISSO) 02/22- Present
TEKSYNAP Alexandria, VA
PRINCIPAL CYBER ANALYST, INFORMATION ASSURANCE/INFORMATION SYSTEM SECURITY OFFICER (ISSO)/CYBERSECURITY CONTROL ASSESSOR (SCA) 08/20- Present
AKAJI INFORMATION TECHNOLOGY SOLUTIONS Bowie, MD.
Forty hours work week
Supervisor: Joseph Ebotarrey Cell: 571-***-****, Office: 301-***-****
Review and Assess Computer Network Defense (CND) security controls for DOJ’s RMF packages and made recommendations on approval to the HQ Information System Security Manager
Supports government ISSM in ensuring RMF A&A packages and security controls are prepared, tracked and maintained in workflow systems (eMASS).
Experience with selecting security controls using Confidential 800-53 Rev 5 as guidance base on system security categorization.
Effectively engaged in the assessment processing & preparing for assessment, conducting assessment, communicate assessment results, and maintain the assessment.
Manages the Risk Management Framework (RMF) authorization process by assisting in the mission and business success for 63 DOJ sites with the Authority to Operate (ATO), and Authority to Connect (ATC) decision making.
Collaborates with sites on proper security controls and information securities IAW NIST 800-53, NIST 800-53A, FIPS 199, FIPS 200, and CNSSI 1253 utilizing Standard Operating Procedures (SOP) System Security Plan (SSP), and information security policies. Work on Unclassified and Classified platforms.
Composes Security Assessment Report (SARs), Security Control Traceability Matrix (SCTMs), and POA&Ms for site’s risk assessment during the certification and accreditation (C&A) process.
Possesses experience with various security tools such as eMASS, ACAS, and Solarwinds.
Experience with creating and running ACAS scan reports. Also analyzes and coordinate system remediation activities with system owners.
Successfully and aggressively completed an onsite assessment of a site’s implemented physical security controls without supervision; provided inputs on the accuracy of security designs and architectures.
Support and/or conduct remote assessments to inspect and verify IS reports and plans at industrial and Government locations as approved by the Government, and provide a written report for review and approval by the DOJ;
Conduct comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines are used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the systems.
Manage hiring and placement for 13 Cybersecurity personnel.
Leads 6 team members through multiple RMF processes, accreditations and assessments that led to 17+ final approved authorizations.
Provides training to team members on risk assessments, security principles, methods and techniques.
Liaison recommendations to several site ISSMs/ISSOs on all sources of risks from individual information system technologies to provide assistance with site’s improved security posture.
Assess and develop SSPs, Plan of Actions and Milestones (POAM) remediation and mitigation plans, SOPs, SARs, artifacts, RARs, RAQs for sites and ensure Continuous Monitoring (CM) processes are in place throughout the System Development Life Cycle (SDLC).
Provides RMF (steps 1-4) assistance and assessment training of 18+ controls to team members.
Key member in the development or modification of the computer environment for IA security plans.
Provides a weekly internal Cyber/IA and RMF package and ATO/ATC status reports.
CYBERSECURITY ANALYST 12/17- 06/18
DEPENDABLE GLOBAL SOLUTIONS Arlington, VA
Supervisor: Moses Manget Cell: 240-***-****
Review and analyze SAR, SSP and POA&M for authorization recommendation to AO to ensure that risks and corrective actions are acceptable to mission, system and information assets, and national security
Train two personnel through RMF processes and assessments leading to an accreditation approval.
Manages the Risk Management Framework (RMF) authorization process by assisting in the mission and business success for 63+ DOJ sites during the Authority to Operate (ATO) decision making.
Key member on the accelerated RMF process of multiple RMF sites simultaneously, accreditations and assessments.
Perform vulnerability and compliance assessments
Collaborate with DOJ sites on proper security controls and information securities IAW NIST 800-53, NIST
Provide Incident Response for various security alerts and proceed according to company SOPs
Document policies, procedures and standards based upon guidance from Information Security Management
Liaison recommendations to several site ISSMs/ISSOs on all sources of risk, including aggregated risk from individual information system technologies to ensure sites are functional and secure.
Ensured the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
Performed periodic and on-demand system audits and vulnerability assessments to determine compliance.
Plan, conduct and assist with HBSS software deployments and agent/client upgrades.
Experience with installing, configuring and deploying HBSS agents/modules to servers and end user machines (Such as McAfee agent, Rogue System Detection, HIPS, Asset Baseline Monitor, Policy Auditor, DCM/DLP and Virus Scan).
Maintaining STIG compliance of Windows based systems.
Integrating and testing new and custom signatures on servers and workstation across the enterprise.
SYSTEM ADMINISTRATOR 04/15- 05/16
INSIGHT GLOBAL Herndon, VA
Performing under Assignment for Hewlett Packard on behalf of Insight Global
Familiar with creating new servers with STIG operating systems.
Experienced with maintaining existing infrastructure through patches, updates, and troubleshooting.
Experienced with network vulnerability scanning utilizing Retina.
Familiar with security technologies including Intrusion Detection & Prevention Systems (IDS/IPS),
Firewalls & Log Analysis, Network Behavior Analysis tools,
Network Packet Analyzers and Security Systems Manager.
Knowledge and experience in patching Windows Operating Systems
Knowledge of networking technologies and protocols, including Ethernet, TCP and IP and IP routing.
Experienced in maintaining proper build environments to support testing, development, troubleshooting and production.
Monitored the network health and welfare using What’s Up Gold. Conduct first level fault isolation by using the designated server to determine if the problem is upstream of AOC networks or third party.
Versed with Remedy Trouble Ticketing Software like JIRA.
Installed network printers.
Provide expert level knowledge of applications, tools, and designs, plans and documents.
Recommended solutions to improve the efficiency of the enterprise in performing daily operations.
Worked with the Problem Management Group as a tier 3 escalation for troubleshooting
Network, systems, and applications.
SECURITY ANALYST /SITE SUPERVISOR 2/14- 4/15
Performing under Assignment for BAE Systems, Inc. on behalf of Allied Universal Arlington, VA
Responsible for making badges using the HID and PACOM system
Maintained photo ID access card inventory levels.
Maintained & supported ID systems (with System Administrator’s support)
Programed the systems for photo ID access cards (e.g., clearance codes/access authorizations)
Customer Support for photo ID access cards & access Control issues
Maintained cardholder records files and access control/alarm monitoring system database.
Focal point for all access control and photo ID access card issues.
Established and maintain system door group and clearance code programming.
Enforced regulations regarding the safeguards of proprietary and classified information
Lead and trained team of approximately twenty employees
Responsible for utilizing hardware systems and specialized procedures to control and monitor movements into, out of, or within a protected area of BAE Systems
Maintained the security database and ensure proper operation of the access control system
Contact this candidate