Security Analyst Cyber
Resume:
My Resume_v*
Beri Tar Kpumbu
Status: US Citizen
Clearance: Active Public Trust. Pending Secret Clearnce.
Military: US Army Reserve
advp9a@r.postjobfree.com
Certifications/Licenses/Degrees
1.Security Plus+ (May 2018)
2.CISSP (January 2019)
3.Bachelor’s Degree (June 2019)
SUMMARY:
Currently, I am a Senior Cyber Security Analyst/ISSO (8 years’ experience) at the Census Bureau HQ performing security tasks using the Risk Management Framework (RMF) as a guide and such tasks include performing Risk assessment and Risk Management, implementing security controls to ensure and guarantee the CIA of the organization security assets, using various tracking tools like Web Inspect and CSAM to track, tackle and mitigate vulnerabilities and other findings, develop and reinforce security strategies and technologies like Firewalls, IDS/IPS, Web security gateways and Security encryption software such as IBM Security Guardium Data Encryption (aimed at streamlining data protection and management as well as activity monitoring, data discovery, vulnerability scanning and compliance reporting), to ensure the CIA of the organizations assets, and perform continues monitoring on the organization’s systems and perform quarterly and yearly review to ensure the CIA of the company’s assets and data. Expertise in developing security artifacts to support the organization’s program to include System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M), System Design and Installation Procedures, System User Guides, Privileged User Guides, Security Test Procedures and other documents as needed. Attends meetings and communicates status with stakeholders regarding vulnerabilities discovered, trends, and mitigations. Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. Performing Risk Management Framework (RMF) Assessments using the various security artifacts for guidance at each step of the RMF process, obtaining ATO and Continuous monitoring; Security Control Assessment (SCA); Evaluation and guidance on Security controls section and implementation; developing and update the FIPS 199 System Categorization, SSP, SAR and POA&M; supervising and training clients and team members on new and updated processes and tasks; participating actively in Risk Assessment; and Security Information and Event Management (using Splunk tool). Used and maintained technology to evaluate overall risk, utilizing output from IDS, firewall logs, SIEM tools, and vulnerability scans. Experienced in developing policies and procedures that provide guidance in accordance with federal and NIST information security and privacy requirements. Run daily scrums, release planning, sprint planning, retrospectives, reviews and client demos. Quick learner with an ability to understand new concepts, technologies and product functionality.
Possess problem-solving skills, ability to follow industry standards and procedures. Quickly master new concepts and applications. Possess strong communication and interpersonal skills.
Work Experience
Senior Cyber Security Analyst/ Junior ISSO
U. S. Census Bureau HQ - Suitland, MD
October 2018 to Present
Duties
Using comprehensive understanding, analysis and risk mitigating techniques to implement the primary objectives of information security within the organization from a risk management perspective by having controls in place to support the organization’s mission and making all the decisions based on risk tolerance of organization, cost and benefit.
Reviewing the risk management lifecycle which includes all risk-related actions such as Assessment, Analysis, Mitigation, and Ongoing Risk Monitoring. Performing Risks evaluation to correctly Implement controls, and Risk assessment to identify and evaluate our assets, and identify threats and their corresponding vulnerabilities.
Develop and document Security Awareness Training for new hires before onboarding. Also, conducting annual reviews and updates of the Security Awareness Training course for new and updated threats and preventive actions/strategies. Performing monthly phishing campaigns to test staff on identifying internal threats and follow up actions to implement according to company’s policies and procedures.
Ensuring asset security such as company information/data by monitoring and implementing the correct applicable controls that enforces several levels of Confidentiality, Availability, and Integrity (CIA) and applicable security measures such as firewall and network, routers and
Using Open Web Application Security Project (OWASP) to view, track, tackle and mitigate web security vulnerabilities affecting the organization mission critical application. Web Inspect is the organization’s web application scanning tool used to track these findings and validate mitigation of these findings.
Develop defense-in-depth strategies that consolidate network-enforced security devices & technologies such as Switches and routers, Firewalls, Load balancers, Proxies, Web security gateways, VPNs and VPN concentrators, IDS/IPS, Protocol analyzers and Unified threat management.
Strong conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services. This should include knowledge of networking fundamentals, protocols, firewall functionality, databases and other technologies.
Knowledge and participation on incident management process hand-on experience in ticketing tools like Remedy, ServiceNow etc, Completely own remediation tracking/mgmt. till closure of the findings, Exception management for Vulns and Policy exception for any process deviations
Ensuring secure transmission and storage of very sensitive data using an All-In-One solution for data security tool called IBM Security Guardium Data encryption, aimed at streamlining data protection and management as well as activity monitoring, data discovery, vulnerability scanning and compliance reporting.
Implementing proper and effective network measures and controls as networks are always prone to network attacks such as Denial of Service attack, Distributed Denial of Service attack, Password Guessing Attacks, Address Resolution Protocol (ARP) Spoofing Attacks, SYN attack, Sniffing Attack, Man-In-The-Middle (MITM) attack, IP Address Spoofing Attack, DNS (Domain Name System) Spoofing Attacks, Phishing and Pharming Spoofing attacks and Backdoor Attacks.
Ensuring company’s systems and servers have a clear picture in identifying and granting access to authorized users and permitting them to perform legitimate actions while restricting unauthorize users. This identity and access management can be implemented physically (usernames and passwords, Access Cards, Biometrics and Fingerprint Scanners), Authentication (Presenting ID to confirm your person), Authorization (Checking appointment/staff list), and Multifactor Authentication (combination of Password, Access Card and Biometrics).
Developing and implementing an enterprise-level security assessment by carrying out Access Control Tests (like Penetration Testing, Vulnerability testing, Security Audits and Software testing) and Security assessments.
Solely conducts regular security and privacy policy and plan reviews, reports on findings, recommends policy and plan updates. Also, develop agency security policies for review and approval by senior management. And develops comprehensive FISMA-compliant ATO packages for all internal, hosted, and cloud-based information systems.
Develops and executes System Assessment Plans (SAP) and Control Assessment Templates (CAT), which are in turn reported using agency standard Security Assessment Reporting (SAR) documents. Evaluates system compliance with established NIST 800-53 security controls commensurate with its FIPS 199 security categorization level.
Managed ATO/Re-ATO package documentation such as SSP, FIPS 199, BIA, CP/DRP, PTA/PIA, DIRA, IRP, RAR, SAR and more. Conduct full on-site and off-site Assessment activities to obtaining an Initial ATO or Re-ATO. Develop security documents related to the environment and its systems such as SSP, FIPS 199, BIA, CP/DRP, PTA/PIA, DIRA, IRP, RAR, SAR and annual review and updates. Participate in Incident Response and Disaster Recovery Table-top Exercises and updating the process annually.
Participates in Risk Assessment Panels and produces Risk Assessment Reports (RAR) in support of new and existing SA&A authorizations and certifications.
Verifies effectiveness of controls inherited from FedRAMP vendors providing cloud services, including GSA using NIST standardized assessment protocols, and Export-Import Bank policies and procedures.
Run daily scrums, release planning, sprint planning, retrospectives, reviews and client demos.
Capable of working independently or as part of a QA/Project team as required by the project. Able to effectively and cooperatively interface with all levels of management and staff. Experienced in developing policies and procedures that provide guidance in accordance with federal and NIST information security and privacy requirements
Experienced in conducting technical assessment and expertise evaluations for controls tailoring process.
Quick learner with an ability to understand new concepts, technologies and product functionality. Possess problem-solving skills, ability to follow industry standards and procedures. Quickly master new concepts and applications. Possess strong communication and interpersonal skills.
Managing an Operations Center (SOC) framework in place consisting of the proper policies, standards, procedures and guidelines for the core and support services of an organization which are continually under review to ensure they remain up to date and relevant and the organization is showing due care and diligence.
Performing security operations by implementing proper storage and disposal techniques, practicing system hardening, configuration management and change management.
Designing and delivering organization software to meet client’s needs such as machine code run directly by the CPU, and source code. This involves going through all phases of the Software Development Life Cycle (SDLC) and bringing together of various teams with different professionals including programmers to work closely with engineers to develop organization software.
Responsible for going through the POA&M process to properly, Updating the POA&M tracking tool, CSAM and effectively remediate the vulnerabilities present and finally closing the POA&M. Also, verifying and validating that each POA&M content is updated and is being assigned to the right SME or POC to have them work on remediating the vulnerabilities for that POA&M.
Running scans on POA&Ms using Nessus tool to validate all identified findings have been remediated and uploading the validation scan result into the POA&M tracking Tool (CSAM) with any additional artifacts for POA&M for closure.
Prioritizing the POA&Ms according to the Impact level of the vulnerabilities present in them so that they can be re-mediated in time according to FISMA requirement. Meeting timelines and making sure the provided evidence for assessment is validate and uploaded onto the SharePoint site for assessment.
Assisting with continuous monitoring using NIST SP 800-137 as a guide to make sure the assigned system is secure and can effectively perform normal operations without compromising it CIA requirements or compliance.
Working with and reviewing tasks done by Jr. Analyst to gather and update security artifacts such as SSP, SAP, SAR & PIA for the ATO package required for each systm assigned to them.
Working with Vendors and other SMEs to test new patch and software in lab, create ticket to go through different approval levels for evaluation and compatibility and scheduling of implementation date. Also, identify the Risk levels and outages that comes with the change and present to client and other stakeholders for review and approval.
Sr. INFORMATION SECURITY ANALYST
WASHINGTON TECH SOLUTIONS - Upper Marlboro, MD
April 2013 to September 2018
Duties:
Using NIST SP 800-37 Risk Management Framework (RMF) assessments, obtaining ATO and Continuous Monitoring (NIST SP 800-137): Performed RMF assessment on several different environments at the Census Bureau using both scanning tools and manual assessment. Assessment included initiating meetings and interviews with various System Owners and Information System Security Officers (ISSO), providing guidance of evidence needed for security controls, and documenting findings of assessment in the SAR.
Knowledge of Several Computer Environments: Performed evaluation and guidance on security control implementation on multiple environments include Windows servers like Windows 7 and Windows XP, Windows 12, Windows 16 & Linux Servers like RHEL7, RHEL8.
Security Documentation: Develop and perform updates to System Security Plans (SSP) using NIST SP 800-18 as a guide, System Assessment Plan (SAP), Risk Assessments, Incident Response Plans (Using NIST SP800-61 Rev. 2, System Assessment Report (SAR) and draft Plans of Action and Milestones (POAMs). Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: Performed assessments, POAM Remediation, and document creation using FIPS 199, FIPS 200, NIST SP 800-60, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-18, NIST SP 800-30, NIST SP 800-137, NIST SP 800-34, NIST SP 800-37 and NIST SP 800-115.
Training of clients and coworkers: Created training decks to train clients and coworkers on processes at the client site. Additionally, run training sessions, using the created deck, on how to process like POA&Ms, function requirements, and NIST control mappings.
POA&M Remediation: Performed evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Security Assessment and Authorization (A&A), RMF and continuous monitoring.
Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
Prepare security documentation such as the System Security Plan (SSP), Security Control Traceability Matrices (SCTM), Plans of Milestones & Actions (POA&Ms) under NIST.
Developed Solution to Security weaknesses: Developed solutions to security weaknesses
documented in POAM using tools like Excel Spreadsheets, Cyber security Asset & Management (CSAM) and Trusted Agency FISMA (TAF) and Corrective Action Plan (CAP). Assisted ISSOs create solutions to weaknesses based on system functionality and pre-existing architecture.
Perform Scanning: Run port Scanning using tools like Nmap to obtain the list of open/active ports and services; and Vulnerability Scanning using tools like Nessus to identify weaknesses in the software.
Review Security Audit Logs: using SIEM tools like Splunk to verify that the Access Control
mechanisms are working effectively, and collecting and analyzing large volumes of events from the audit log files
Lead and conduct interviews with the system owners, system administrators and other stalk holders during the SCA process and documentation after that.
Monitoring the network systems and infrastructure using network devices like Active Directory (AD) for authentication and authorization of users and computers; and IDS/IPS (e.g Snort) to detect worms, vulnerability exploit attempts, port scans, and other suspicious behaviors.
Using GRC Tools like ServiceNow, which aims at synchronizing information and activity across governance, risk management and compliance in order to operate more efficiently, enable effective information sharing, more effectively report activities and avoid wasteful overlaps.
Using MS Visio to design network structures and templates for use by the organization to facilitate its attainment of its mission and goals.
Education
Bachelor of Science in Information Technology
Strayer University - June 2015 to June 2019
Bachelor of Science in Economics & Management
University of Yaounde II Soa - Yaounde, CM - September 2007 to December 2009
Contact this candidate