VICTORIA OFFONG
Sec+, ITILv*
Phone: 832-***-****.
adxuyv@r.postjobfree.com
PROFESSIONAL SUMMARY
Information systems security analyst Specializing in IT Security Management, and IT Governance and Compliance. Experience using NIST 800 Special Publication for information systems compliance and security review leading to achievement Authorization to Operate for organizations. Experience using automated cybersecurity threat management tools such as Nessus, Qualys, Nexpose to monitor and detect cyber security threats and vulnerabilities.
AREAS OF EXPERTISE
Security Regulations, Standards and Compliance
Info Security Operations
Collaboration & Leadership Skills
Intrusion Detection/Prevention Systems
Infrastructure Vulnerability Assessment
Conflict Resolution and Management
Cyber Risk Policy Development
Frameworks – NIST, ISO 27000, CIS, ITIL
Data and Application Security Management
HIPAA Compliance
Nexpose/Nessus Vulnerability Management
Risk Management Framework
DevOps Process & Security Best Practices
SDLC methodologies
PROFESSIONAL EXPERIENCE
3T Solutions Consulting June 2017 – Present
Security & Compliance Analyst
Keep abreast of new regulatory concerns and creating compliance control solutions by staying informed and proactive.
Conducts audit-readiness and remediation analyses as well as compliance evaluations of controls for the systems under consideration.
collaborates with technical teams, providing guidance on relevant control requirements and possible responses to them.
Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence
Supports the gathering of proof and the documentation of audits, both internal and external
Drives remediation actions with stakeholders, such as creating plans for remediation, monitoring, and reporting progress on remediation
Performs continuous monitoring activities and track control health metrics
Creates and oversee corporate GRC projects
Analyze security procedure violations and developed plans to prevent recurrence
Assist with maintaining compliance for organization communication systems including laptops and other mobile devices
Participate in System Patch and Change Management to ensure organizational assets have the latest updates to reduce vulnerabilities
Performed host security assessment and implemented appropriate security controls to mitigate the cybersecurity risk to the organization
Contributed to the development of information security policies, standards, and procedures
Serve as internal analyst to business development, and infrastructure teams, advising internal business units with current information about best practices, changes to the threat landscape and security related issues
Experience supporting customer HIPAA Compliance Assessment Program by connecting and working with external and internal teams to achieve certification
Review vulnerability scan results and transferred results on the Plan of Action & Milestones (POA&M) to be remediated
Work closely with the Risk Management teams to ensure identified risks and all pertinent information is captured for risk analysis and are incorporated in the appropriate risk register
Ensure that security plans, controls, processes, standards, policies, and procedures are aligned with organizational cybersecurity and compliance policies.
Harris Health System, Houston, Texas
Licensed Vocational Nurse – Cardiac Telemetry Unit August 2012 – June 2017
Provided direct patient care and collaborated with interdisciplinary teams to ensure quality care
Managed and maintained accurate medical records and ensured patient confidentiality
Trained and mentored new nurses on healthcare regulations, policies, and procedures, including HIPAA and other privacy laws
Partnered with team of registered Nurses to achieve overall safety and well-being of patients
Ensured that unit was “audit ready” by scheduled departmental in-service sessions and quality improvement programs to Reinforce on OSHA and HIPAA Compliances
Reinforced Quality Control procedures and infections Control
Set up new patient cardiac monitor equipment correctly, verify with nurse patient’s name, date of birth, medical record number and box number. Monitor patient’s heart rhythm pattern on special care unit of hospital, using Telemetry equipment. Observe cardiac monitor screen and listen for alarms to identify abnormal variations in heart rhythm
Reviewed patient’s strips, measured the length and height of patient’s heart rhythm pattern on graphic tape readout, using callipers to determine normal heart rhythm pattern, current pattern, and prior variances
Interpreted patient’s rhythm
Accurately Documented results/findings electronically in EPIC Systems, according to established procedures
Compiled patient chart. Electronically transferred patient from one floor/unit to the other.
EDUCATION
Licensed Vocational Nursing – College of The Mainland
Maritime Transport & Business Studies – Maritime Academy
CERTIFCATION
Security Plus
Certified Scrum Master – Scrum Alliance
ITIL v4
Qualys Certified Specialist – Vulnerability Management