VICTORIA OFFONG

Sec+, ITILv*

Phone: 832-***-****.

adxuyv@r.postjobfree.com

PROFESSIONAL SUMMARY

Information systems security analyst Specializing in IT Security Management, and IT Governance and Compliance. Experience using NIST 800 Special Publication for information systems compliance and security review leading to achievement Authorization to Operate for organizations. Experience using automated cybersecurity threat management tools such as Nessus, Qualys, Nexpose to monitor and detect cyber security threats and vulnerabilities.

AREAS OF EXPERTISE

Security Regulations, Standards and Compliance

Info Security Operations

Collaboration & Leadership Skills

Intrusion Detection/Prevention Systems

Infrastructure Vulnerability Assessment

Conflict Resolution and Management

Cyber Risk Policy Development

Frameworks – NIST, ISO 27000, CIS, ITIL

Data and Application Security Management

HIPAA Compliance

Nexpose/Nessus Vulnerability Management

Risk Management Framework

DevOps Process & Security Best Practices

SDLC methodologies

PROFESSIONAL EXPERIENCE

3T Solutions Consulting June 2017 – Present

Security & Compliance Analyst

Keep abreast of new regulatory concerns and creating compliance control solutions by staying informed and proactive.

Conducts audit-readiness and remediation analyses as well as compliance evaluations of controls for the systems under consideration.

collaborates with technical teams, providing guidance on relevant control requirements and possible responses to them.

Identify control deficiencies and maintain records of deficiency details including management response documentation and exposure check evidence

Supports the gathering of proof and the documentation of audits, both internal and external

Drives remediation actions with stakeholders, such as creating plans for remediation, monitoring, and reporting progress on remediation

Performs continuous monitoring activities and track control health metrics

Creates and oversee corporate GRC projects

Analyze security procedure violations and developed plans to prevent recurrence

Assist with maintaining compliance for organization communication systems including laptops and other mobile devices

Participate in System Patch and Change Management to ensure organizational assets have the latest updates to reduce vulnerabilities

Performed host security assessment and implemented appropriate security controls to mitigate the cybersecurity risk to the organization

Contributed to the development of information security policies, standards, and procedures

Serve as internal analyst to business development, and infrastructure teams, advising internal business units with current information about best practices, changes to the threat landscape and security related issues

Experience supporting customer HIPAA Compliance Assessment Program by connecting and working with external and internal teams to achieve certification

Review vulnerability scan results and transferred results on the Plan of Action & Milestones (POA&M) to be remediated

Work closely with the Risk Management teams to ensure identified risks and all pertinent information is captured for risk analysis and are incorporated in the appropriate risk register

Ensure that security plans, controls, processes, standards, policies, and procedures are aligned with organizational cybersecurity and compliance policies.

Harris Health System, Houston, Texas

Licensed Vocational Nurse – Cardiac Telemetry Unit August 2012 – June 2017

Provided direct patient care and collaborated with interdisciplinary teams to ensure quality care

Managed and maintained accurate medical records and ensured patient confidentiality

Trained and mentored new nurses on healthcare regulations, policies, and procedures, including HIPAA and other privacy laws

Partnered with team of registered Nurses to achieve overall safety and well-being of patients

Ensured that unit was “audit ready” by scheduled departmental in-service sessions and quality improvement programs to Reinforce on OSHA and HIPAA Compliances

Reinforced Quality Control procedures and infections Control

Set up new patient cardiac monitor equipment correctly, verify with nurse patient’s name, date of birth, medical record number and box number. Monitor patient’s heart rhythm pattern on special care unit of hospital, using Telemetry equipment. Observe cardiac monitor screen and listen for alarms to identify abnormal variations in heart rhythm

Reviewed patient’s strips, measured the length and height of patient’s heart rhythm pattern on graphic tape readout, using callipers to determine normal heart rhythm pattern, current pattern, and prior variances

Interpreted patient’s rhythm

Accurately Documented results/findings electronically in EPIC Systems, according to established procedures

Compiled patient chart. Electronically transferred patient from one floor/unit to the other.

EDUCATION

Licensed Vocational Nursing – College of The Mainland

Maritime Transport & Business Studies – Maritime Academy

CERTIFCATION

Security Plus

Certified Scrum Master – Scrum Alliance

ITIL v4

Qualys Certified Specialist – Vulnerability Management

Contact this candidate