Security Specialist Cybersecurity Analyst

NNAMDI JONAH

Rockville, MD ***** 301-***-**** adt5bt@r.postjobfree.com

EDUCATION

Bachelor of Science: Computer Engineering

Houdegbe North American University

Master of Science: Information Technology

Southern New Hampshire University - Hooksett, NH

Certification: CompTia Security+

PROFESSIONAL SUMMARY

Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience in developing and testing security framework for cloud-based software. Versed in robust network defense strategies, following industry best practices for cybersecurity and attends annual training to stay up-to-date on protocols. with CompTIA Security+ Certification. Over 7 years of experience in Systems Security Assessment, business continuity and disaster recovery; developing and testing multiple Information System, Research & Analysis, Network Defense, Monitoring, Intrusion Detection System, Intrusion Prevention.

Possesses excellent interpersonal skills, ability to work with large groups of stakeholders throughout the project life cycle with multicultural awareness and strong oral and written communications skills; and can professionally, clearly and effectively convey issues, reports, and other deliverables to and from stakeholders

SKILLS

• Network Security

• Access Control

• Data Security

• Threat Analysis

• Tableau

• Qualys Cloud Platform

• SQL

• Python

• Threat Detection

• Symantec Endpoint Protection

• Designing security controls

• IDS Integration

• Intrusion Test Oversight

• CIS Compliance

• PCI Compliance

• Microsoft ASP.NET

• Git

WORK HISTORY

Cybersecurity Analyst, 11/2018 to Current

CenturyLink – Indianapolis, IN

• Design and maintains incident response protocols to mitigate damage and liability during security breaches.

• Optimizes and implement information security design, which included providing recommendations to improve network security, security controls, and access management to ensure data integrity for over 300K users which resulted in 18% increase in company's income.

• Extensive knowledge of FISMA Information security risk management, governance and implementing the six steps of the Risk Management Framework (RMF)/Designing and executing security training programs for Information Categorizing, Selecting, Implementing, Assessing, and monitoring Security Control, and Authorizing Information Systems.

• Excellent working knowledge of NIST Special Publication 800-53 Security and Privacy Control for the Federal Information Systems and Organizations, including control family, security control selection and specification process, which include: Access Control, Awareness and Training, Audit and Accountability and other NIST Special Publication Series such as NIST SP 800 series.

• Performs detailed security evaluations and collaborate with caseload of 20 clients to recommend cybersecurity improvements

• Analyze and performs technical and non-technical security risk assessments of computer and network systems via network scans, interviews, documentation review and walk-through of both new and existing federal information systems for FISMA compliance using NIST guidelines and controls.

• Monitors network performance and implemented network performance statistical reports for both real- time and historical measurements.

• Implements company policies, technical procedures and standards for preserving the integrity and security of data, reports and access.

IT Security Analyst, 03/2016 to 10/2018

Bmo Telecoms Inc – Victorville, Ca.

• Created Project plans and assist with monitoring and tracking of Cyber Security solution offerings with focus on external and internal stakeholder congruity and other key metrics.

• Working with DevOps and Software engineers to ensure that solutions are implemented with the NIST 800-53 requirement while also gathering evidence from engineers to support to support a FedRamp ATO assessment and worked closely with security personnel to close out POAMS and ISVMS.

• Served as the point of contact for all information security functions, created comprehensive reports on security data, attended meetings with technology teams and management to review findings, and provided recommendations to enhance network security.

• Reviewed violations of computer security procedures and developed mitigation plans also designing encrypted data and erected firewalls to protect confidential information.

• Monitored computer virus reports to determine when to update virus protection systems. and also Engineered, maintained and repaired security systems and programmable logic controls.

• Monitored use of data files and regulated access to protect secure information, and Performed risk analyses to identify appropriate security countermeasures.

• Prepared and implemented plans to safeguard computer files against modification, destruction or disclosure and conducted security audits to identify vulnerabilities.

• Identified automation opportunities for the incident response process and provided technical project management during implementation, resulting in over $100K in cost savings. IT Compliance Analyst, 02/2015 to 03/2016

Frontier Communications – Baraboo, WI

• Supported the development of the authorization package including Security Assessment Plans (SAP), Security Requirements Traceability Matrix (SRTM), Security Assessment Report (SAR) and Risk Assessment Report (RAR).

• Applied Agile methodology to document “AS IS” business processes to map this to the envisioned “TO BE” business process; delivered solutions for complex problems in a large-scale environment; participated in the process of creating project timelines and monitoring plans using Microsoft Project and PowerPoint dashboards.

• Provided guidance on accessing a high, moderate, and low systems including FedRamp based systems from non-ATO to ATO on an AWS, Azure, and Google cloud system.

• Monitored data export from internal and external systems, identified and reported potential risks, and areas of compliance vulnerability and risk to develop and implement corrective action plans.

• Developed and implemented internal control tests to verify employee compliance with established policies and procedures.

• Strategically created, compiled, and maintained security authorization packages and documentation as required by Federal security authorization guidelines described in NIST SP 800-53, DHS 4300A, DHS 4300B Sensitive Systems Policy for FedRamp systems. ACCOMPLISHMENTS

• Identified over 250 new viruses and malware in under 4 years.

• Successfully secured and monitored over 50 websites and servers with 0 major attacks.

Contact this candidate