Information Security Analyst

INFORMATION SECURITY ANALYST

Godlove Funwi

Forney TX, 75126

Phone: 213-***-****.

Email: ******@*****.***

************@*****.***

CAREER OBJECTIVES:

A passionate and motivated Security Analyst with hands-on experience in Cybersecurity, seeking a position to utilize my experience to secure information systems. I am able to motivate, assist, and work with various IT Security Teams. I am excited to utilize my skills and experience to guarantee the Confidentiality, Integrity and Availability of information Systems.

EXPERIENCE SUMMARY:

Over 7 years of experience in Information Technology, 4 years experience as Security Analyst. Risk Management Framework (RMF)

Incident Response: with tools such as Crowds trike, Carbon Black Data Loss Prevention (DLP) using tools such as Digital Guardian Regulatory compliance, familiarity with NIST 800 Series documents System Assessment and Audit Vulnerability Management with tools such as Qualys, Tenable, Nessus and Nexpose

Cloud Security including IaaS, PaaS, and SaaS

Threat Hunting and Penetrations with tools like Nmap IDS/IPS monitoring and analysis

Policy writing and Review, SOP, IRP, Security Policies SIEM tools such as Splunk

PROFESSIONAL EXPERIENCE

Information System Security Officer

Individual Advocacy Group 01/2021 to Date

Location – Silver Spring, MD

Responsibilities:

Perform network scanning activities using tools like Qualys, Nessus and Nexpose.

Executing Information Security Strategy to proactively identify risk and drive remediation.

Strong documentation skills: writing Standard Operating Procedures (SOP) and Vulnerability Management Policies and Standards.

Demonstrating ability to identify project stakeholders, plan and manage stakeholders’ engagement.

Assisting in the responsibility for the reviewing of vulnerabilities, data from multiple sources

Reviewing and triaging information security alerts, provide analysis, determine, and track remediation, and escalates appropriate.

Implement and manage security tools and processes.

Identity and access management (IAM) ensuring Authorize access by investigating improper access, revoking access, reporting violations, and enabling Multifactor Authentication (MFA) INFORMATION SECURITY ANALYST

Investigate suspicious activities, contain and prevent threats.

Assessing security systems and measures for weaknesses and providing possible improvements.

Installing maintaining and upgrading the organization’s cloud computing environments and core infrastructure

Providing guidance on operations of secure cloud infrastructure, platforms, and software

Counseling project teams’ application owners, and other information Security teams on information security controls

Providing support on Incident strategies, processes, response and technologies to Security operations and other teams.

Collaborating cross- functionally with Analysts, engineers and data scientists to achieve continuous improvement in cyber defense/resilience.

Perform scheduled and on demand scanning activities of both corporate and cloud environments utilizing Qualys and Nessus

Providing consultation for system owners for impact analysis before remediation

Assisting in implementing risk modeling concepts and frameworks.

Influence stakeholders to prioritize and execute risk management initiatives and drive remediation of process and technology gaps

Assist in interfacing with third-party vendors and other organizations in improving the overall scanning process.

Help to formulates vulnerability management frameworks and working structures for initiatives associated with infrastructure technology and solution delivery teams.

Performing assessments and penetration testing activities

Troubleshooting security and network problems

Responding to all system and network potential security breaches

Participating in the change management process

Testing and identifying network and system vulnerabilities

Daily administrative tasks, reporting and communication with the relevant departments in the PROFESSIONAL EXPERIENCE

Cyber Security Analyst/Assessor

WIPRO Limited 01/2018 - 12/2020

Location – Alabama

Responsibilities:

Assessing security systems and measures for weaknesses and providing possible improvements.

Perform installation, maintenance, upgrade, and troubleshooting of security applications and appliances across organization. Apply the NIST special publicat800-53, Rev 5 Risk Management framework (RMF) process to information systems and applications being assessed or developed.

Work with system owners and system stewards to gather and document information to assist with the creation of ATO packages.

Reviewing and writing controls implementation statements.

Servings Subject matter expert (SME) related to full life cycle A&A activities INFORMATION SECURITY ANALYST

Work with system teams and information system own (ISO) to review, updates and create POAMs, System Security Plans, Privacy Impact Assessments and other artifacts.

Developing, upgrading, and Reviewing RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessments Report

Analyze vulnerability scans of information systems and assist in remediation tasks.

Experience working with cloud service providers

Assessing security systems and measures for weaknesses and providing possible improvements.

Perform installation, maintenance, upgrade, and troubleshooting of security applications and appliances across organization.

Apply the NIST special publicat800-53, Rev 5 Risk Management framework (RMF) process to information systems and applications being assessed or developed.

Work with system owners and system stewards to gather and document information to assist with the creation of ATO packages.

Reviewing and writing controls implementation statements.

Servings Subject matter expert (SME) related to full life cycle A&A activities

Work with system teams and information system own (ISO) to review, updates and create POAMs, System Security Plans, Privacy Impact Assessments and other artifacts.

Developing, upgrading, and Reviewing RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessments Report.

Analyze vulnerability scans of information systems and assist in remediation tasks.

Experience working with cloud service providers

Develop RMF documentation as required to prepare products and systems for submission to an Authorization to Operate (ATO)

Responsible for input and feedback on security architectures

Assisting team leads in generating weekly reports

IDS/IPS monitoring and analysis using tools like snor EDUCATION

University of Buea, Cameroon

Bachelor of Science in Banking and Finance Certifications Scrum Master Accredited Certification

Security + (In Progress)

CISSP (In Progress)

INFORMATION SECURITY ANALYST

Contact this candidate