Post Job Free
Sign in

Cyber Security Risk Management

Location:
Independence, MO
Salary:
$0000
Posted:
August 21, 2023

Contact this candidate

Resume:

Houston, TX *****806-***-**** • **********@*****.*** •

linkedin.com/in/jonah-ashu-675a31228/

Jonah Ojong Ashu.

Vulnerability Manager & GRC specialist

Summary

● Solutions oriented and self-motivated Cyber Security professional /AWS Solutions Architect with 6+ years of experience in managing and configuring networks, infrastructure management, storage area networks, and implementing best practice to ensure compliance with NIST, HIPAA, SOC, PCI-DSS.

● I have provided Invaluable hands-on expertise with firewalls, network security, and database administration to several customers, handled day-to-day cyber security operation, coordination, in M/W Construction, cyber security advice for network Hardening to stay incompliance with different government regulatory policy framework mention above.(NIST,HIPPA, SOC,PCI-DSS). Received

$1,700,000million cyber security insurance policy by using the Minerva risk management platform to protect M/W Construction against ransom ware attack.

● Properly and efficiently management of $2.200,000million annual revenue targeted for overseeing cyber security projects and operational cost in Wal-Mart.

● Provide operational support for security operations such as endpoint protection, email security with encryption, vulnerability scanning, firewall configuration, DLP, IDS/IPS, VPN, encryption and cryptography, routers, network access control,proxy servers. Area of Expertise

● Senior Cyber Security Engineer & Vulnerability management

● Compliance such as HITRUST, HIPAA NIST and SOC. HTTP

● Phishing and social engineering Preventive measures

● Application security professional

● Cloud security professional

● Security analyst

● Cryptography professional

● IT Project Management

● Vulnerability Threats Management

● Risk Mitigation & Analysis

● Cyber Security Engineering

● Malware analyzer

● Security architecture engineer

● Leadership & Training

● Vendor Management

● IAM professional

● Risk and compliance.

● Cyber security and the law.

● Incident Response.

● Risk management and remediation.

● Penetration testing

● Network application engineer

● OSCP defensive security

Tools used include intrusion detection and prevention systems, Systems and application logs, SIEM, Antivirus software, file integrity checking software, Anti-spam software, firewalls, Network Analyzer Availability monitoring vulnerability scanners.

Software Skills

Microsoft sentinel.

Houston, TX 77045 • 806-***-**** • **********@*****.*** • linkedin.com/in/jonah-ashu-675a31228/

Web proxy; force point zscale EDR (Carbon Black, Crowd strike,NGFW and intrusion detection and prevention solution,palo Alto cisco FTD Vulnerability management solution (Qualyst Tenable),Scripting language python and power Shell, SIEM

Technical Skills

● Penetration testing and Application Scanning,

● Guard Duty, Cloud Front, Dynamo DB, Cloud Watch, Docker Containers, EMR, Lambda, CI/CD, AWS Shield, S3 Glacier, Kubernetes, API, Amazon Macie, AWS Glue, GIT, Terraform, Jenkins, Cloud passage, SNS, SQS, VPC Peering, Transit Gateway, Athena, Quick Sight, Data-Pipeline,

● Amazon Redshift, OWASP, Route 53 Data sync, Step Function, OpenVPN, DNS, Log Analysis, Cloud Trail, Config, Python, Cloud Formation, Barracuda, Ansible, Dome9, Data-Dog Education

● Bachelor of Science: Biochemistry 09/2005

University of Yaoundé 1

Certifications

● CISA - (Certified) HARVARD UNIVERSITY ONLINE

● Cyber security risk management (Certified) HARVARD

● AWS Security Specialty – (Certified)

● CompTIA Linux+ - (Certified)

● AWS Certified Solutions Architect Professional (In-view) Work Experience

Wal-Mart – Houston, TX (Remote) - 07/2016 - Present Cyber Security and vulnerability manager

● Developed designs using extensive experience and knowledge of cloud service providers such as Amazon Web Services (AWS).

● Provided advanced support, troubleshooting, architectural design, and management of the overall health of infrastructure solutions.

● Security Management Working knowledge of DoD HBSS, ACAS, STIGs, and IA Vulnerability Management

(IAVM).

● Implemented automation, leveraging DevOps best practices for CI/CD, IAC, and Containerization.

● Maintained all leveraged services within a managed service environment.

● Worked in a fast-paced environment both independently and in a team.

● Migrated applications to the cloud, automation through various tools both AWS native and third-party.

● Designed, deployed and maintained enterprise class security, network and systems management applications within an AWS environment.

● Led the implementation of IAM architecture, processes, and governance; and also worked with various engineering teams to quickly enable SSO for POCs or production applications, enforcing SAML2.0 and OIDC and Federation, Privileged Account Management.

● Experienced with Static and Dynamic Application Security Testing (SAST/SCA/DAST) tools for automation of security system testing in Agile - Example vendors: SonarQube, Snyk, Synopsys, Veracode, Checkmarx.

● Built AWS CloudFormation using the Infrastructure as Code (IaC) approach. The environment was built following NIST 800-53 security guidelines, in compliance with the DoD SRG IL5 risk impact level.

● Assisted clients in the selection and tailoring of approaches, methods, and tools to support cloud adoption for secure migration of existing workloads to a cloud vendor. This may cover services such as tenant setup and service configuration focused on cloud cyber risk mitigation, IAM (e.g., PIM/PAM, MFA, Houston, TX 77045 • 806-***-**** • **********@*****.*** • linkedin.com/in/jonah-ashu-675a31228/

SSO, Conditional Access), data protection (e.g., DLP, encryption, PKI), network security (e.g., firewalls, WAF), etc.

● Participated in architectural discussions with customers when building new and migrating existing applications on a multi cloud platform including both Azure and AWS cloud platform.

● Monitored resources and applications using AWS Cloud Watch including creating alarms to monitor metrics for services like EBS, EC2, ELB, RDS, S3

● Architected dev-test environment, utilizing Virtual Networks, VPN, Express Route/Direct Connect, V net/subnets, Network Security Groups, Load balancers.

● Encrypted Amazon RDS as an added layer of security.

● Recommended and managed transmission protection requirements for all environments (systems, applications, containers, etc.) such as VPC peering best practices, SSL certificate management, key pairs.

● Created and executed a strategy to build mindshare and broad use of AWS within a wide range of customers and partners.

● Supported the Cybersecurity Risk Management Lifecycle (RMF) mission by developing new methods to ingest compliance data and facilitate continuous monitoring.

● Designed for client opportunities in one or more AWS Competencies or general cloud managed services.

● Created a lift and shift process model clearly defining the individual steps of the lift and shift process.

● Designed and implemented monitoring and protection capabilities to help identify and protect against DoS attacks, MITM, EC2 instance compromise, secret compromise, etc.

● Managed SIEM tool and created Splunk knowledge objects (Apps, Dashboards, Saved Searches, Scheduled Searches, Alerts).

● Focused on containerization and immutable infrastructure.

● Experienced with "on-premises to cloud" migrations and IT transformations with the aid of AWS solutions, promoting the use of industry best practices, security frameworks, automation and standardization.

M&W Construction (Part time) – Houston, TX

Cyber security engineer

● Created and managed launch configurations for enterprise scale infrastructure.

● Leveraged Cloud security fundamentals to combat Cyber threats as they relate to the Cloud

● Implemented solutions for complex deployments in the Cloud leveraging AWS.

● Automated snapshot backup, stopping and starting EC2 servers using Ansible playbook I wrote.

● Manually built over 300 VPCs, creating both private and public subnets, security groups, network access lists and configuring internet gateways to drive traffic to VPC.

● Reviewed/Monitored entire environment and execute initiatives to reduce failures, defects, and improve overall performance.

● Provided incident management support on escalated trouble tickets when necessary.

● Deployed hundreds of Amazon Workspaces and App Stream 2.0 for end users.

● Conducted education/training sessions for AWS cloud services and offering guidance in infrastructure movement techniques including bulk application transfers within AWS cloud platform.

● Experienced using written Production-ready automation code to implement solutions with Puppet, Ansible, Cloud Formation, Terraform

● Designed production, staging, QA and development Cloud Infrastructures.

● Created solutions using PaaS with cloud platforms such as Azure.

● Managed AWS-provided portal account access credentials and privileges.

● Reviewed and evaluated current access routes, sites, vendor integration points, and security platform v integrations; recommended improvements and develop corrective strategies to improve security prior to implementation.

Houston, TX 77045 • 806-***-**** • **********@*****.*** • linkedin.com/in/jonah-ashu-675a31228/

● Rotated IAM access keys regularly and standardize on a selected number of days for password expiration to ensure that data cannot be accessed with a potential lost or stolen key.

● processes that enable the enterprise to develop and implement secure solutions and capabilities that are clearly aligned with the business, technology, and threat drivers.

● Inculcated Strong understanding of information processing principles and practices.

● Worked leveraging technical knowledge for networking, storage systems and computing platforms including Amazon AWS, .NET, Windows, and CI/CD pipelines.

● Ensured all IAM users have multi-factor authentication activated for their individual accounts and limited the number of IAM users with administrative privileges.

● Rotated IAM access keys regularly and standardize on a selected number of days for password expiration to ensure that data cannot be accessed with a potential lost or stolen key.

● Turned on Redshift audit logging in order to support auditing and post-incident forensic investigations for a given database.

● Encrypted data stored in EBS as an added layer of security



Contact this candidate