
Security Officer Cyber

Location:
Georgetown South, VA, 20110
Posted:
May 31, 2023


Resume:

Rachael Akintomide

Bowie, MD *****

Cell: 301-***-****

adxfvi@r.postjobfree.com

US Citizen

Professional Summary

IT professional with 4 years of experience, possessing working knowledge of Information Assurance, Risk Management Framework, Certification & Accreditation, FedRAMP, FISMA/NIST, Incident Response and Computer Security Disciplines. Excellent at planning, implementing and monitoring security measures for protecting computer networks and information.

Qualifications

Develop System Assessment & Accreditation (A&A/C&A) documentation in compliance with organizational standards.

Experience with FISMA Audit & Metrics and NIST SP 800 series

Perform comprehensive assessments and write reviews of management, operational and technical security controls for audited applications and information systems.

Develop and conduct ST&E (Security Test and Evaluation) according to NIST SP 800-53A and NIST SP 800-53 Rev. 4.

Working knowledge of FISMA, RMF, CMMC, and FedRAMP Frameworks.

Excellent knowledge of vulnerability and monitoring tools – WebInspect, BurpSuite, Nessus, DBProtect, Acunetix, Splunk

Working knowledge of Python programming, R programming, and SQL programming

Education & Certification

UNIVERSITY OF MARYLAND, College Park, MD Spring 2020

Bachelor of Science, Information Science specializing in Cybersecurity

CompTIA Security+ CE Active

CompTIA CySA+ CE Active

Amazon Web Services Solutions Architect In Progress

Experience

GDIT 4/2021 - Current

Cyber Security Consultant

Key responsibilities

Providing enterprise-level advisory for clients on how to achieve cloud security requirements as part of migrations, greenfield builds, and/or existing environments.

Performing maturity gap assessments against client cloud and container environments.

Developing documentation including policies, procedures and plans including orchestrating discovery, interviews and structured data collection meetings.

Developing policies, procedures, and plans to help clients meet their FedRAMP, FISMA/RMF and CMMC compliance goals.

Prepared Security Assessment Reports (SAR) in which all the weaknesses are reported.

Supporting management of client satisfaction at all phases of the client relationship.

Managed Security Control Assessment schedules for the client's systems to ensure systems remain compliant with Confidential and Continuous Monitoring requirements.

Delivery team support, including identifying process improvements and training.

Developing methodologies, templates, whitepapers, work instructions, guidelines, forms, tools, blogs

Creating industry consistency and intellectual property for stackArmor products and services

Client work, including:

o Directly working on client engagements, supporting delivery QA and subject matter expertise.

o Developing and delivering whitepapers and custom webinars/presentations.

o Supporting the management of client satisfaction at all phases of the client relationship.

o Continuous professional development in maintaining industry-specific certifications, building and maintaining a strong depth of knowledge in the practice area.

Planned Systems International

Information System Security Officer 1/2018 – 12/2020

Key responsibilities

Ensured proper system categorization using NIST 800-60 and FIPS 199; implemented appropriate security controls for information systems based on NIST 800-53 Rev. 4 and FIPS 200.

Assisted in conducting security assessment interviews to determine the Security posture of the System.

Developed a Security Assessment Report (SAR) in the completion of the Security Test and Evaluation (ST&E) questionnaire using NIST SP 800-53A required to maintain Company Authorization to Operate (ATO), the Risk Assessment, System Security Plans, and System Categorization.

Conducted assessment on Management, operational and technical Security Controls.

Created, updated, and closed POA&Ms in CSAM.

Assisted in review, maintaining, and ensuring all assessment and authorization (A&A) documentation included in the system security package.

Performed information security risk assessments and assisted with the internal auditing of information security processes. Assessed threats, risks, and vulnerabilities from emerging security issues and identified mitigation requirements.

Work with system owners to develop, test, and train on contingency plans and incident response plans.

Test, assess, and document security control effectiveness. Collect evidence, interview personnel, and examine records to evaluate effectiveness of controls.

Review and update remediation on plan of action and milestones (POA&Ms). Work with system administrators to resolve POA&Ms, gathering artifacts and creating mitigation memos, residual risk memos and corrective action plans to assist in the closure of the POA&M. Understand the software development life-cycle (design, develop, implementation, testing).

Analyze problems to determine technical solutions.


