
Security Analyst Officer

Location:
Odenton, MD
Posted:
June 22, 2023

Resume:

MARIAN SESAY

**** ******* *** *******, ** **** ***********@*****.*** Cell: 240-***-****

CYBER SECURITY ANALYST

A security professional with profound experience in cyber and network security analysis/response. Experienced in information assurance, risk management, vulnerability analysis, authorization & accreditation, and POA&M management. I have worked in various capacities as a team member with mission-critical and time-sensitive projects. Highly skilled in the use of frameworks such as NIST, RMF, FISMA, HIPAA, OMB App. III A-130 and FedRAMP, and well versed in implementing security solutions both on on-premises infrastructure and in the cloud. Adapts to changes quickly and is a fast learner. Possesses a unique ability to evaluate, recommend and implement technology solutions to simplify day-to-day operations and to improve overall performance using extensive knowledge and skill set.

KAISER PERMANENTE, LARGO, MD SEP. 2020 – AUG. 2022

Information System Security OFFICER (ISSO)

Conduct Self-Assessments on the assigned IT systems to include, but not limited to, assessing security controls for compliance and adding artifacts to each of these controls, identifying vulnerabilities/findings, and thereby developing and tracking remediation activities in the Plan of Action and Milestones (POA&M).

Create and update FIPS 199 for the categorization of the assigned systems when there are major changes in the systems.

Develop, update, and maintain the System Security Plan (SSP) to include Security control baselines, Security control inheritance, SSP implementation statements, Technical Descriptions, System Description narratives, Network diagram and Hardware/Software Inventory listings.

Provide cybersecurity input into the design and development of applications and systems, assess the security posture of the application/system by identifying applicable NIST SP 800-37 RMF requirements, advise system owners of the process, and assist in managing the risk.

Create and update Privacy Impact Assessment for the assigned systems.

Review and analyze the vulnerabilities from Tenable Nessus scans.

Develop, update, and maintain Configuration Management (CM) Plans.

Perform Risk Management Framework (RMF) activities to achieve Authority to Operate (ATO) for my system.

Develop and maintain system security plans, business impact analysis (BIA), Privacy threshold analysis (PTA), incident response plans and other Information Assurance (IA) documents.

Scope/Tailor NIST SP 800-53 Rev. 4 and 5 controls with financial significance high and moderate information systems to identify and select key controls in support of A-130 audits.

Ensure compliance with guidance, standards, and regulations such as NIST Special Publications, FIPS, HIPAA and other federal regulations and policies.

CAPITAL LLC, LARGO, MD DEC. 2020 – SEP. 2021

CSOC Detection Analyst

●Provided log analysis of enterprise-wide network activity to determine the timeframe and identify the root cause of potentially malicious activity from threat actors.

●Identify and analyze security violations of policy and standard and develop plans of action and milestones (POA&M) for documenting, prioritizing, remediating, and monitoring corrective action. Review information system documentation for compliance; this includes System Security Plan, Contingency Plan, Risk Assessment Report, etc.

Develop, review and update Information Security System Policies, System Security Plans (SSP), and Security control baselines in accordance with NIST, FISMA, OMB App. III A-130, NIST SP 800-18 and industry best security practices.

Interface with system owners and administrators to present the vulnerability from the technical assessment, identified from the review of security control document findings from the interview, and recommend remediation.

Develop policy and procedural controls relating to Management, Operational and Technical Controls for the Organization.

Advise Service Units and System Owners on the security of their IT infrastructure based on the guidelines of the Organization’s IT Security Directives and NIST Special Publication 800-53 Revision 4 Standards.

Perform the role of Security Control Assessor of General Support Systems (GSS), Major Applications and Systems to ensure that such environments are operating within a strong security posture.

Create ATO package documents (SSP, SAR and POA&M) based on the security assessments performed on systems.

Review and update some of the system categorization using FIPS 199.

Develop Contingency plans, Disaster Recovery Plans and Incident Response plan for Information Systems using NIST SP 800-34.

Perform continuous monitoring after authorization (ATO) to ensure continuous compliance with the security requirements.

Ensure timely completion and testing of all POA&M actions to meet agency deadlines.

Communicate effectively through written and verbal means to co-workers and senior leadership.

Perform Security Assessments to determine if controls were implemented correctly, operating as normal and meeting desired objectives.

Perform the role of Security Control Assessor by reviewing the artifacts and implementation statements provided by the ISSO on a system to determine if the security controls are yielding the desired result.

Develop systems that assist the organization to secure the CIA by categorizing and selecting controls using NIST SP 800-60, 800-53 and FIPS 199 and 200.

MEDSTAR, WASHINGTON, DC. APR 2019 – DEC. 2020

IT Security Specialist

●Developed and maintained an Incident Response process that integrates with processes managed by Business Conduct, Privacy, Physical Security, and Public Affairs groups.

●Identified and investigated Indicators of Compromise (IOCs).

●Translated cyber threat intelligence into actionable monitoring strategies through effective threat modeling.

●Responsible for re-architecting vulnerability management platforms, moving to hybrid agent- and network-based scanning.

●Worked with a network team on the design, configuration and implementation of network access control systems, with respect to security.

●Responded to security incidents escalated by MSSPs and other teams.

●Contributed to the formulation and maintenance of an enterprise-wide disaster recovery and business continuity plan.

●Provided input on the development of Service Level Agreements, Recovery Point Objectives, and Recovery Time Objectives.

●Implemented IPS, DLP and UTM features on the firewall for added security purposes.

●Discovered network anomalies and malicious traffic using advanced analytics and hunting techniques.

●Cybersecurity Monitoring with focus on HIPAA, PCI etc.

●Securing network systems against potential attacks.

●Manages and executes multi-level responses and addresses reported or detected incidents.

●Utilized MITRE ATT&CK in performing post-incident analysis to determine various phases of adversary behavior.

●Identify adversary tactics, techniques, and procedures (TTPs) and help develop actionable detections for mitigation.

●Developed automation tools to assist in remediation of security incidents.

●Maintained and developed playbooks for SOAR platforms.

●Assisted in training of new hires and mentoring of new analysts.

●Built metric reports and presented them to senior management to aid in strategic decision making.

●Coordination of tabletop exercises to improve response procedures.

●Utilized various threat hunting methodologies to proactively identify IoCs in production environments.

●Performed initial malware analysis to aid in investigations and response.

●Creation of baselines for advanced hunting of threats

●Detonate malware in a controlled environment to assist with threat research and intelligence gathering.

●Performed various functions as part of the Cyber Incident Response team to promptly respond to security incidents.

EDUCATION

UNIVERSITY OF SIERRA LEONE, WEST AFRICA

Bachelor’s degree in business management

COLORADO TECHNICAL UNIVERSITY, COLORADO

●Bachelor of Science in Computer Science/Information Technology in Process

●Certified Ethical Hacker in Process

●CISSP in Process

INDUSTRY CERTIFICATION

●CompTIA Security Plus CE

EXPERTISE

Advanced Threat Protection, Incident Response, Endpoint Protection, Threat Modeling, MITRE ATT&CK Framework, Cyber Kill Chain, APT, Data Loss Prevention, Network Security Monitoring, Penetration Testing, Malware Analysis, Vulnerability Management

Security Apps: Nessus, DbProtect, Microfocus WebInspect, RiskVision (GRC Agiliance) and XACTA/CSAM tools, Twistlock, AWS

Productivity: Microsoft Word, Project, Excel, PowerPoint

OS: Microsoft Windows 7, 8, 10, Server 2008, 2012, Linux


