Security Specialist Support Analyst

DICKSON ACHEAMPONG

DUMFRIES, VIRGINIA

Tel: 571-***-****

Email: ******************@*****.***

Summary highlight

Diligent Cyber Security Specialist, proficient in digital security research, planning and maintenance of organization’s security posture. Adept at training and educating internal users on relevant cyber security procedures and preventative measures. Specialized in working to prevent cyber-attacks by continuously monitoring automated software to identify leads and red flag. Ensuring and maintaining compliance in all regulatory standards and procedures, Whiles constantly updating policies and procedures to ward off possible compromises, Penalties and litigations. Experience working in a team environment identifying vulnerabilities and ensuring that remediation is met within acceptable guidelines. Highly adaptable and resourceful, and rapidly learns new skills and processes, quickly adjusts to changes in schedule, environment, and organizational objectives. Self-motivated and goal-oriented, thrives in both independent and quickly adapt to team dynamics, builds alliances and engages in cross-functional activities. Demonstrates professionalism, tenacity, thoroughness, and dedication, with solid work ethic and friendly demeanor in executing professional responsibilities.

Core Skills

Detailed knowledge of security tools, technologies and best practices with more emphasis on NIST 800-53A, COBIT, PCI-DSS, HIPAA, HITRUST, and ISO 27001.

Performed comprehensive assessments and write reviews of management, operational and technical security controls for audited applications and information systems

Ability to multi-task, work independently and as part of a team

Strong analytical and quantitative skills

Effective interpersonal and verbal/written communication skills

Information System Auditing Process.

Governance and Management of IT.

Information System Acquisition, Development, and Implementation.

Information Systems Operation and Business Resilience.

Protection of Information Assets and Continuous Monitoring.

Security Compliance, Risk and Management.

Experience

Aramark. Philadelphia, PA

IT Risk management Analyst May. 2018 -- Present

Remediates identified vulnerabilities in PCI systems based on the PCI DSS framework.

Monitor and update POA&M to close remediated vulnerabilities to increase FISMA passing score.

Review security logs to ensure compliance with policies and procedures and identify potential gaps.

Liaise with SMEs to remediate potential vulnerabilities in a timely manner.

Create remediation strategies for weaknesses based on priorities as contained in vulnerability reports

Perform risk assessments of various technologies within the client's environment

Provide data minimization guidance regarding current laws, rules and regulations related to IT controls

Coordinate internal and external regulatory IT and Security audits; meet with subject matter experts to facilitate reviews

Verify the security of third-party vendors and collaborate with them to meet security requirements

Continuously updating the company’s incident response and disaster recovery plans by managing the negative effects of an attack or breach, from minimizing the impact to altering security controls for future prevention.

…. .Assist with annual HIPAA audits and third-party audit relationships across multiple jurisdictions

Monitor compliance with Information Security Policies related to payments program with an emphasis on HIPAA

Riverside Health System. Newport News, VA

IT Security Compliance Analyst Dec. 2016 --- May. 2018

Assisted business units with understanding the risks associated with using a particular vendor and recommending solutions to reduce or eliminate risk.

Identified vulnerabilities, recommend corrective measures and ensure the adequacy of existing information security controls

Coordinated with appropriate personnel to run vulnerability scans on a regular basis and ensure timely remediation actions.

Reviewed, analyzed, and researched scan findings and coordinated remediation efforts in a timely fashion.

Performed IT risk assessment and documented the system security keys controls

Logged, tracked and assisted in preparing/completing audit/assessment requests

Logged, tracked and assisted in remediation of findings that resulted from audits/assessments/scans

Monitored various systems/tools and alerts for security issues

Maintained vendor management data, incidents, SLA infractions, Corrective Action Plans (CAP), certifications and other documentation

Monitored company, vendor and supplier Service Level Agreements (SLAs)

Conducted risk assessments to evaluate information security processes and controls

Coordinated with management on issue management, remediation, and support related reporting

General Electric. Ghana, Accra

Technical Support Analyst Feb. 2013 --- Dec. 2016

Coordinated with other IT groups for remediation of complex issues

Diagnosed and troubleshot technical issues, including account setup and network configuration

Talked clients through a series of actions, either via phone, email, or chat, until they’ve solved a technical issue

Properly escalate unresolved issues to appropriate internal teams (e.g. software developers)

Provided prompt and accurate feedback to customers

Installed software and resolved technical issues

Resolved customer complaints and concerns with strong verbal and negotiation skills

Resolved Remedy tickets daily.

Education & Certification

CISA, Security+, BSc

Technical skills

Security Technologies: Nessus, Anti-Virus Tools, Web Inspect,

Software/Artifacts: MS Office (Word, Excel, PowerPoint, Access, Outlook), MS Project, CSAM, FIPS 199, SORN, E-Authentication, PTA, PIA, RA, SSP, CP, ST&E, SAR, POA&M, ATO, 800-53A, ISA, CSAM.

Contact this candidate