Post Job Free
Sign in

Security Analyst Services Associate

Location:
McKinney, TX
Posted:
May 29, 2023

Contact this candidate

Resume:

John Ade Karonwi

Dallas *****

903-***-****

***********@*****.***

PROFESSIONAL PROFILE

A dynamic detailed oriented information and Security Assessment professional, with

over 6 years’ experience, knowledgeable in Risk Management Framework (RMF), and

Vulnerability Management, using FISMA and applicable NIST standards.

Proving talent for aligning business strategy and objectives with established information

security assessment and Authorization to assess, respond and monitor risks.

SKILLS/ABILITIES

● Have effective written and verbal communication skills.

● Highly technical network background, with extensive knowledge of security tools

and remediation methods.

● Have excellent inter-personal relationship skills.

● A proven project and team lead with aptitude for good customer service and

leadership.

● Ability to multi-task, work independently and as a part of a team.

● Ability to perform privacy, technical, Operational and Management Security

Control Assessment review.

● Ability to conduct Security Tests and Evaluations, (ST&E) guided by NIST SP

800-53A.

● Ability to create and update Security Assessment and Authorization (SA&A)

documentation in line with company, industry, and national standards.

● Ability to generate residual risk reports in order to update PAO&M.

● Demonstrates ability to work under stress/pressures to meet deliverables.

● Critical thinking skills with strong attention to details and follow up.

TECHNICAL SKILLS

Network & System Security, Authentication and Access Control, MS Office Suite

(Word, Power Point, Excel, Access) Vulnerability Assessment, System Monitoring & Regulatory Compliance.

PROFESSIONAL EXPERIENCE – Alternative Inc.

2017 to Present - IT SECURITY ANALYST

● Analyze and update System Security Plan (SSP), Risk Assessment (RA), Privacy

Impact Assessment (PIA), System Security Test and Evaluation (ST&E) and the

Plan of Action and Milestones (POA&M).

● Protect systems and information infrastructure, including firewalls and data

encryption programs.

● Upgrade systems to enable security software.

● Install and upgrade antivirus software.

● Test and evaluate new technology.

● Perform penetration testing.

● Analyze IT requirements and provide objective advice on the use of IT security

requirements.

● Gather feedback from end-users to continue improving systems.

Greystone Psychiatric Hospital-New Jersey- DOH- October 2015-December

2017- IT COMPLIANCE ANALYST

● Conduct kick-off meetings to collect systems information (information type,

boundary, inventory, etc.) and categorized system based on NIST 800-60

● Conduct security control assessments to assess the adequacy of management,

operational privacy, and technical security controls implemented. Security

assessment Reports (SAR) were developed detailing the results of assessment.

along with Plan of Action and Milestones (POA&M).

● Developed System Security Plans to provide an overview of the federal

information system security requirements and describe the controls in place or to

meet those requirements.

● Creates and update the following Security Assessment and Authorization

(SA&A) artifacts; FIPS 199, Security Test and Evaluation (ST&E), Risk

Assessment (RA), Privacy Threshold Analysis (PTA), Privacy Impact Analysis

(PIA), E-Authentication, Contingency Plan, Plan of Action, and Milestone

(POA&M).

● Performs Vulnerability Assessment, making sure risks are assessed and proper action

taken to mitigate them.

● Conducts IT control risk assessment, including reviewing organizational policies,

standards and procedures and providing advice on their adequacy, accuracy,

and compliance with industry standards.

● Developed risk Assessment Reports. These Reports identify threats and

vulnerabilities, in addition, it also evaluates the likelihood that vulnerabilities scan.

be exploited, assess the impact associated with these threats and vulnerabilities,

and identified the overall risk level.

EDUCATION (2005-2012)

● Master of Art & Technology

● Bachelor Of Technology, Applied Geology.

● Human Services Associate of Science

● Diploma Cyber security and Networking (online) - in progress.

CERTIFICATIONS

● Certified Authorization Professional (CAP) - in progress

● Actively working on Certified Information Security Auditor (CISA).

REFERENCES

References will be made available upon request.



Contact this candidate