Security Analyst Internal Auditor

Michael Nwinyi

New Jersey

973-***-****) ● adt6nc@r.postjobfree.com

INFORMATION SECURITY ANALYST

SKILLS

Corrective Actions

Risk Management Framework

Continuous Monitoring

Policies & Procedures

NIST 800 Series/NIST CSF

Access Control Monitoring

Internal Security Auditing

Cyber Security Assessment

Business Continuity

Information Assurance

Compliance Risk Assessment

IT Audit/POA&M

3rd Party Risk Assessment

Vulnerability Assessments

GRC & Incidence Response

WORK EXPERIENCE

IT Security Analyst. ProSec Solutions, Dallas, Texas 2016 – present

Maintain and update all required Security Authorization documentation System Security Plans, Risk Assessment Reports, Business Impact Analysis, Configuration Management Plan, Contingency Plan, Contingency Plan Test Report, Software/Hardware Inventory, and Incident Response Plan.

Ensure IT systems have all security controls in place and functioning properly in accordance with NIST 800-53A publication.

Perform an annual assessment of all assigned systems.

Work with auditors to identify key controls which must be assessed on a recurring annual basis.

Mitigate and address the security specific vulnerabilities and document via Plan of Action and Milestones (POA&M).

Support the Security Incident Response team in the remediation, documentation, and reporting of all incidents for assigned systems.

Coordinate with the engineers to accurately update the System Design Document for assigned IT systems.

Draft a Security Package and perform any modifications throughout the lifecycle of the IT system.

Maintain correspondence with stakeholders to implement and update systems that are not compliant with NIST Publications.

Coordinate and work closely with the proper Security Control Assessor (SCA) and the Authorizing Official (AO) before and during the security authorization process to ensure all stakeholders are aware of requirements, processes, and expectations.

Review and assess disaster recovery plans, and vendor’s disaster recovery plan details.

Review existing crisis management, business continuity, and disaster recovery plans.

Coordinate disaster recovery/business continuity testing.

Coordinate with internal and external auditors to support audits and certifications, ISO 27001 and PCI and interface.

Internal Auditor. - PZ Cussons Nig Plc, Nigeria. 2007 – 2016

Ensured that strong controls are in place in the company together with the rest of the internal audit team.

Ensured the successful implementation of the Internal Audit Plan and Program in the company.

Reviewed deficiencies, milestones, discoveries, and reviewed evidence provided for remediation.

Performed pre-audits to ensure ongoing adherence with compliance procedures.

Ensured that all established security and internal controls are observed by all staff members.

Reported on audit matters to the head of department and relevant stakeholders.

Served as a liaison between IT management and external auditors on IT Audit.

Assisted in drafting policies and procedures for change management and IT security.

Logistic Manager - PZ Cussons Nigeria Plc. Nigeria 2004 – 2006

Planned and organized safe, efficient storage and distribution of goods.

Supervised warehouse operations which include quarterly stock counts and movement of goods in and out of the warehouse.

Kept stock control systems up to date and made sure inventories are accurate.

Ensured proper documentation, arrangement of SKUs on designated racks for optimal utilization.

Ensured prompt posting of products received and adequate record update.

Organized shipments and processed orders for delivery.

TECHNICAL COMPETENCIES

Software: Proficient in Microsoft Office Suites Programs (Word, Excel, PowerPoint, Outlook, Nessus Tenable, ServiceNow).

EDUCATION, CERTIFICATIONS

Master’s in Business in Administration, Delta State University, Nigeria

HND in Accounting, Federal Polytechnic Idah, Kogi state, Nigeria

Security + (in progress), AWS CCP (in progress)

Contact this candidate