Post Job Free
Sign in

Security Officer Scrum Master

Location:
Virginia
Posted:
December 29, 2022

Contact this candidate

Resume:

Terence Momoh Ndong

240-***-****

******@*****.***

A skilled and highly organized Cyber security Professional with a high ability to adjust quickly to new technologies, environments, procedures and get the job done in a gamut of situations including interfacing with business, and stake holders in a challenging environment.

Top Secret Clearance /SCI

TECHNICAL SKILLS

Conversant in FISMA requirements and NIST special publications

Knowledgeable in vulnerability management and compliance regulations

Knowledgeable Remedy Ticketing Tool

Familiar HBSS ePO 5.3

Familiar eMASS

Knowledge of Splunk Monitoring Tool

Knowledge of Scrum

Hands on Acas scanning

Experienced with DISA STIG/SRG Applicability Guide

Experienced in the NIST RMF process used for managing cyber security risk

Ability to adapt in a fast paced and time sensitive environment

Experienced in vulnerability management and compliance regulations

Ability to communicate well, both orally and through writing

Strong problem solving, and analytical skills needed for effective product delivery

Ability to adapt in a fast paced and time sensitive environment

Adept with Microsoft Office Suite (Word, PowerPoint, Outlook, Excel), Visio, Adobe Acrobat, and Photoshop

PROFESSIONAL EXPERIENCE

DISA HQS FORT MEADE MD (LEIDOS)

Cybersecurity Watch officer March 2022 – Present

Support the Battle Captain and cyber center security Chief with all Cyber Defense and network Assurance issues

Oversee all networks Defense operation.

Maintain awareness of all Pertinent directives, Orders, Alerts, and messages.

Prepare and deliver daily situational awareness and operational update briefing.

DISA HQS FORT MEADE MD (APEX SYSTEMS)

Cybersecurity Watch officer September 2021 – March 2022

Support the Battle Captain and cyber center security Chief with all Cyber Defense and network Assurance issues

Oversee all networks Defense operation.

Maintain awareness of all Pertinent directives, Orders, Alerts, and messages.

Prepare and deliver daily situational awareness and operational update briefing.

DISA HQS FORT MEADE MD (BYLIGHT IT)

Information assurance specialist April 2020 - May 2021

Complete the weekly updates to zone C NIPRE and SIPR ACAS

Analyzed ACAS scan data to document compliance metric

Conduct detailed audit of NIPR and SIPR Asset lists and scan received lists to ensure all devices are associated with the correct scan file

Participate in contingency plan Test Tabletop exercise

Attend weekly, bi-weekly cybersecurity briefing meeting

Performed weekly Security Center plugin updates on ATN standalone Laptops

Review systems and Software for DISA STIGs compliance

MID- ATLANTIC REGION NETWORK ENTERPRISE APG MD

IT Specialist April 2019 – April 2020

Work as part of a team to perform System Certifications, Annual Assessments, and Continuous Monitoring Assessments. (Validate 50 security control per month)

Provide a systematic communication of project status and key milestones to all clients. (Meet with branch management team once every week for update)

Respond to customer requests for product or solution information (received and resolve 5 ticket every week)

Work as part of a team to perform System Certifications, Annual Assessments, and Continuous Monitoring Assessments. (Input to date eMASS weekly)

Reviewed technical, operational and management controls and conducted RMF per the NIST 800-53, NIST 800-37 requirements

Worked as part of a team that assessed systems following the NIST Risk Management Framework (RMF)

Maintaining, reviewing and updating Information Security System documentations, to include but no limited to System Security Plan (SSP), Plan of Action & Milestone (POA&M), Risk

Assessment (RA), policies and procedures, security control baselines in accordance with NIST guideline and security practices.

Develop System Security Plan (SSP) to provide an overview of the system security requirements and the needed security controls.

Develop Security Assessment Report (SAR) detailing the results of the security controls assessment along with Plan of Action& Milestones (POAM).

Conduct IT Controls risk assessment to identify system threats, vulnerabilities and risk, and generate reports. Develop and Conduct Security Test and Evaluation (ST&E) according to NIST SP 800-53A.

ACETHIA LLC, BROOKEVILLE MD

IT Security control Assessor, October 2017 – Jan 2019

Work as part of a team to perform System Certifications, Annual Assessments, and Continuous Monitoring Assessments

Reviewed technical, operational and management controls and conducted RMF per the NIST 800-53, NIST 800-37 requirements

Evaluate security controls on information system platforms that include Windows, Linux, UNIX, Databases and Networks

Supported clients in complying with IT security standards across HIPAA, PCI, GLBA, NIST, and ISO 27001 frameworks

Alpha Hill LLC, Washington DC

Information system security Officer (ISSO) July 2015 – October 2017

Worked as a key team member of the RMF process for assigned systems to ensure that the controls are categorized, selected, implemented, assessed, authorized, and monitored, following NIST/FIPS requirements.

Develop and present both verbally and in writing, highly technical information to non-technical audiences at all levels of the organization.

Ensure IT systems have all security controls in place and functioning properly in accordance to NIST 800-53A publications.

InfosPro Solutions (IPS) 103 Morgan Lane, NJ 08536 September 2013 - October 2015

Junior Security Control Assessor (SCA)

Worked as part of a team that assessed systems following the NIST Risk Management Framework (RMF)

Professional understanding of Unix/Linux (Solaris/Red Hat) and MS Windows Operating Systems

Collaborate with the SOC engineers to request the scanning of systems using tools like Nessus and Web Inspect

Familiarity with NIST Special Publications (e.g., 800-53, 800-37)

Knowledge of federal risk management practices and security controls

implementation processes, to include FISMA and the NIST Risk Management

Framework.

Ability to effectively explain technical and nontechnical concepts to a

variety of audiences.

Methodical approach to gathering security documentation needed to validate security control requirements during an assessment.

Ability to follow and comply with existing processes and procedures, and

propose updates.

Work with minimal supervision, set priorities, and give attention to detail

and quality.

Demonstrates strong organizational and time management skills with the ability to multitask and work as a member of a team as well as individually

EDUCATION AND TRAINING

Certifications/Trainings

Oracle Certified Associate 2015

Certify Ethical hacker (CEH) 2019

CompTIA Security + (2020)

Splunk Core Certified User (2022)

Scrum Master online 2022

AWS Certified solution Architect associate (2022)

Thomas Aquinas Pontifical University, Rome Italy

Degree in Spiritual Theology

GPA: 3.5/4.0

Kimmage Institute of Theology and Culture

Diploma in Theology

GPA 3.5/4.0

Reference

Available Upon Request



Contact this candidate