Regulatory Compliance Third Party
Resume:
Michael Adepoju
Security/Compliance Engineer
adyca7@r.postjobfree.com
Summary:
Bringing excellent communication, project management and interpersonal skills acquired security knowledge into practice and facing challenges, data loss prevention roles, framework, metrics, reports, and Hippa in the healthcare operation.
Looking to give efficient and effective solutions that would help the organization achieve the best practice; Thereby increasing the productivity standard controls in the industry.
Information security experience, preferably in designing and implementing Cloud infrastructure management engineering, and operations, which includes personalization design, privacy, governance, life cycle, planning, configuring, troubleshooting, and supporting cyber threat intelligence, vulnerability management, scanning, and penetration testing.
Technical skills:
Security/Systems impact Analysis Product owner experience, SWOT Analysis, GAP Analysis, UML, SDLC, Rational unified process, Cost-Benefit Analysis, Cost effect Analysis Plainview, Active Directory, understanding governance, and privacy standard control assessment framework, POA&MS.
MS-Project, Jira, Salesforce, sap, service now. Citrix Enterprise Anti-Virus Software: Symantec Backup Exec, SAN, NAS, UPS, Dell & HP system Management and Inventory. Operating Systems (OS): Microsoft Windows Server 2008, 2012, 2016, 2019, Windows 7, Windows 8, Windows 10.
Virtualization, Infrastructure management: VMWare, Hyper-V, Oracle Virtual Box, Windows Virtual Machines networks
Directory Services: Active Directory Administration, Group Policy (GPO), Active Directory (DirSync), ADDS, (DLP) Data Loss Prevention. Symantec, McAfee, Proofpoint.
Implemented DLP life cycle, creating Dashboards, data controls and metric gap stages in enterprise networks.
Migration Tool (ADMT), Identity Management, Active Directory Federation Services (ADFS), Azure AD, AD Connect
Software: Office 365 (E1/E3/E5), Microsoft Office 2016, Office 2013, Office 2010 (e.g., NIST Standards-CSF, FFIEC CAT, CCPA/CPRA, ISO 27000 Series, Fedramp, Fisma, Fips, COBIT, COSO, SOC 1/2, FAIR, PCI-DSS.
Disaster Recovery Plan (DRP)/ Business Continuity Plan (BCP): Design and Implementation,
Symantec Backup (Full, Incremental, Differential), Restore, RPO (Recover point objective), RTO (Recover Time objective) Endpoint.
Mobile Devices: MDM, ActiveSync, Microsoft Windows Intune, Android, iPhone
Monitoring: Solar winds, Systems Center Operations Manager (SCOM), Microsoft System Center
Configuration (SCCM), MS NetMon, Nessus, Qualys, Splunk, Siem, McAfee, Azure DLP protection, Resource Manager.
Analyse and interpret data from multiple sources (clinical trials, safety databases, reports.
Security Controls: RBAC, Windows Firewalls with Advanced security, MFA (Digital security controls),
Patching for Compliance. Exchange Online security data Protection, Advanced Threat Analytics,
Azure Advanced Threat Protection, Azure Information Protection, Physical Security controls, MCAS (Microsoft Cloud App Security).
Strong collaboration liaising with clients, vendors, and management team on strategic planning.
Adhered to GRC third-party risk compliance, HIPPA regulation and guidance act of group policies protection.
Detection and Response (EDR), Rapid 7, Windows Defender, Crowd-Strike, Nessus, Qualys, Trend Micro Rational Rose Installation and configuration of various desktop applications and software packages, Knowledge of SQL, Bash Scripting, HTTP, MS Access, TCP/IP and networking configuration Knowledge of Windows installation, configuration troubleshooting, vulnerability research, malware analysis, Security system development and implementation, testing, Business intelligence.
Technical Exposure:
Skills/Training: CCNA, CCNP, MCSE, SQL, Excel, MS Outlook, PowerPoint, Exchange Server, Networking+, Linux/Unix, Windows Vista/XP/7/8
Wired: PSTN, ISDN, and SS7.
Protocols: MTP, ISUP, TUP, SCCP, TCAP, and INAP.
Wireless: Cellular Communications - GSM, GPRS, EDGE, CDMA, UMTS.
Protocols: LAPD, CC, MM, RR, SS, SMS, DTAP, BSSMAP, MAP, and CAMEL.
Networking: TCP/IP, TCP, UDP, ARP, RARP, ICMP, RIP, OSPF, BGP.
VOIP: H.323, SIP.
VoIP Protocols: RTP, RTCP, RTSP.
Certifications:
CISA
AWS Machine Learning Basics.
Microsoft Azure Security.
EC Council Security CEH
Advanced Wireless Communication.
Professional Experience:
Dexperts/Optum, Irving Texas. June 2022 – March 2023
Endpoints Security Analyst
Communicated with clients across business needs, translating security risk complexity to business-relevant concepts.
Installation, configuration, support, and troubleshooting of various systems and network issues.
Performed Nist risk management framework processes improvement and vulnerability analysis / Assessment of the agency’s assets within the environment using 3rd party tools digital Guardian 7.0 software. Rapid 7 and Tanium.
Collaborated with a support team to assist client stakeholders with emergent technical issues, develop effective solutions, and conferred with vendors to obtain replacement hardware or software and escalate more complex concerns.
Created and consolidated security dashboards using Tanium, and Azure security, for compliance checklist and Azure governance. streamlined data with policy standards and reporting metrics and KPIs to end users and stakeholders.
Updated hard copy training manuals on various software packages that were used within the company and at remote offices.
Performed unified endpoint management using Siem, Qualys, Nessus, Rapid 7, and Tanium / McAfee Mvision software.
Performed data classification and data loss prevention and exfiltration with McAfee.
Conduct design and architecture of Endpoint Security Solutions to deliver proactive protection by configuring controls and policies (Anti-malware, AppLocker, BitLocker, Windows device control, Enhanced Mitigation Experience Toolkit (EMET), Firewall management, Software Restriction (SRP), and Remediation policies) and enforcements using Tanium Protect.
Configured compliance standards from patch list, new patch build, organization recommendation, or Adhoc and use of labelling.
Monitor security logs to identify key events and incidents that require hands-on investigation.
Perform Level 2 and Level 3 computer security incident response activities including coordinating with the third-party Security Operations Center (MSSP) and third-party forensic firms including Verizon Breach Services
Perform on-demand industry-relevant compliance checks (PCI DSS, HIPAA) vulnerability scans to boost security hygiene, prepare for audits, and improve workflow regulatory compliance using Tanium Comply and Tanium Protect Module.
Performed vulnerability assessment scan test using crowd strike for the auditing process.
Analyse triage anomalies to ensure appropriate identification of risk and recommend security solutions.
High-level, hands-on coordination of AWS platform capabilities and core services (EC2, S3, IAM, VPC, Cloud Watch management, Load balancing Configuration).
Tanium Threat Response: To detect, investigate, and respond to threats with a single solution. To hunt, detect, investigate, contain, and remediate threats and vulnerabilities with unparalleled speed and scalability.
Implemented the use of (RBAC) supports two role categories of admin, permission to custom-create, edit, or delete custom platform or module content roles.
Tanium Integrity Monitor: Simplify regulatory compliance and file integrity monitoring. Improve the effectiveness of file integrity monitoring enterprise-wide and simplify regulatory compliance at scale.
Tanium Protect: Modernize and Simplify Endpoint Protection. Unleash native security controls' full potential.
Optimum Healthcare, Jacksonville, Florida June 2017 – July 2022
Security/Compliance
Tanium Comply: Performed industry-relevant compliance checks CVE after vulnerability scans on-demand to boost security hygiene, prepare for audits, and patch to improve regulatory compliance.
Create database reports (CSV format) to identify CVEs and Prepare for an audit by aggregating assessment results using the Tanium Protect Module
Tanium Reveal: To reduce risks of data exposure, mitigate the impact of breaches, & meet regulatory compliance. Quickly identify sensitive data at rest across all your endpoints, at scale.
Analyse and triage anomalies to ensure appropriate identification of risk and recommend security solutions.
Managed roles using role-based access control (RBAC) to allow permissions to specify allowed activities or deny permissions to specify prohibited activities. You assign roles to users, user groups, and personas to control what users can see and do in the Tanium Core Platform.
Applied Tanium Comply for reports to create or use standard assessment on vulnerability scans on-demand to boost security hygiene, prepare for audits, and improve regulatory compliance and Tanium Protect Module.
McAfee Conduct design and architecture of Endpoint Security Solutions to deliver proactive protection by configuring policies (Anti-malware, AppLocker, BitLocker, Windows device control, Enhanced Mitigation Experience Toolkit (EMET), Firewall management, Software Restriction (SRP), and Remediation policies) and enforcements using Tanium Protect.
WPI (Windows Platform Initiatives, RFT (release for testing) \RFP (release for production) and performing client upgrades as migration from Tanium Protect to Tanium Enforce.
Monitor security logs to identify key events and incidents that require hands-on investigation.
Perform Level 2 and Level 3 computer security incident response activities including coordinating with the third-party Security Operations Center (MSSP) and third-party forensics.
Physician Technology Partners/Nuance, Beavercreek, Ohio May 2017 – Nov 2019
Security/Compliance
Wrote business specifications and forwards them to technical staff for system development Optimization and supported physicians with one-on-one personalization, customization, and evaluation of end-users.
Worked with clients / end-users to integrate and support business process improvement via a live chat end-user support system.
Trained users on Nuance Dragon Dmo personalization. Speech Engine, Nuance licensing, Vocalizer.
Used practice manager scheduling and patient-registration operations, while utilizing an electronic health record application, (inpatient, outpatient, pre-registration, and emergency trauma) without compromising high-quality standards.
Certified Live Chat for Allscripts Professional, Allscripts Torchworks, Allscripts Sunrise, Sorian.
Escalation points for clients and internal customers regarding technical or client satisfaction issues.
Extracted and analysed specific demographic data and patient identification/history correct data entry and chart completion and charting track.
Coordinated the work of project teams, track progress, communicate status, and ensure quality.
Teamed at Allscripts which utilized the Global Managed Services (GMS) team to assist with configuration, testing, and training for major upgrades to Allscripts 15.1. Served as a liaison between the GMS team and Allscripts.
any scale with visibility, speed, and control.
Coordinated and implemented network security measures to protect data, assisted in analysing system risk to identify and implement appropriate security countermeasures
Handled software upgrades and installations, PC imaging and configuration, Created and maintained liaison with vendors for warranty and troubleshooting issues.
Developed information security policies and ensured compliance with ISO 27001 standards and HIPPA guidelines.
Trained end users on proper security protocols to minimize cyber security attacks, document control, and loss prevention.
Dexis/Randstad, Duluth, GA January 2015 – May 2017
Security Analyst
Phone support resolving software/hardware issues, root cause analysis, maintenance, and increase quality technical evaluation scoring.
Liaison between the development team and operations enhancing workflows through JIRA.
Responsible for identifying and resolving 70% of escalations to support queues and production application interface. Service now, Toad, Oracle, SQL Excellent standard SQL command/syntax.
Troubleshooting /evaluating dental devices e.g., Intraoral cameras/sensors/3rd party hardware.
Remotely triage using Bomgar Training and assist users around the country.
Perform software testing/installations and upgrades/patches/ file transfer/ data /server migration.
Contribute and update knowledge base information system wiki for commonly occurring problems.
Document issues and resolutions thoroughly in CRM/SAP Warranty, RMA processing, and tracking.
Provide exceptional customer service and front-line support via ACD (automatic call distribution),
outbound calls, email, fax, or other methods as specified within company standards and guidelines.
Software license management registration – work with OSS and SLA teams to solve issues within SLA guidelines to inventory and manage all hardware warranty and software license renewals.
Prime Atlantic/Cegelec, October 2011 – March 2013
Sr Help Desk Analyst
Provided technical support, evaluated hardware and software compatibility; managed systems resources Installed, configured, delivered upgraded, troubleshot, and maintained PCs/network testing, upgrading, and modified hardware operating systems by business goals.
Diagnosed and resolved problems in response to customer-reported incidents. Supported data backup/recovery, and communications. Installed integration of systems fixes, updates, and enhancements.
Maintained network services, such as DNS, DHCP, SNMP, TCP\IP, WINS, and FTP. Installed, configured, and troubleshot network workstations, server monitoring tools, and peripherals and instructed customers in logging on and accessing network services.
Threat intelligence, vulnerability management, vulnerability scanning, penetration testing, vulnerability research, malware analysis, and countermeasures.
Nethergate Energy January 2010 – September 2011
System Admin Support
Assisted with system outages, software data upgrades, and help desks. In-depth knowledge of LAN\WAN installation, implementation/testing, configuration, customization, optimization, and maintenance of routers, switches, bridges, hubs, and pix firewalls.
Install, configure, and update patches to Windows operating systems (Windows 7 & 8)
Use RDP, telephone, and Microsoft Lync to connect to users to diagnose, troubleshoot and resolve technical problems Install and configure hardware, software, phone, and other applications.
End-user support includes adding new users, resetting passwords, and enabling locked accounts.
Insight Communications October 2009– January 2010
Telecom Network Support Engineer
Responsible for daily operational duties on enterprise network routing, content routing, switching, firewall, and VPN configurations, modifications, and installations.
Coordinate with voice engineers and data management teams in areas of maintaining, testing, troubleshooting, and resolving a wide variety of network issues.
Handled tasks of providing high-level backup support to operations and maintenance personnel as required, and developed documents and procedures for newly deployed systems.
Education:
Bachelors in computer science from Is fop University, Benin 2011- 2015
Bachelors in Zoology from University of Lagos, Lagos State 2003 – 2007
Contact this candidate