Cyber Security Information Technology

BISMARK DANSO

Bronx/NY ~ 347-***-**** ~ ************@*****.***

Http://www.linkedin.com/in/bismarkdanso

US Navy Veteran CompTIA Sec+ CE, CND & CEH SECRET Security Clearance (Active)

PROFESSIONAL SUMMARY

A U.S. Navy Veteran of over 13 years of experience in steel working and Computer Defense Specialist (IT). Presently hold an Active Secret Clearance exp: June 2029. Spent the last 6 years in law enforcement (NYPD) but always held a strong interest in the Information Technology industry and decided it was time to pursue a professional career in IT. I have a graduate level of education in cybersecurity technology from UMGC, IVMF CORE online COHORT at University of Syracuse, NY and ACI Learning Company for Information Technology and Cyber Security courses gaining a strong cyber security foundation with training for the CompTIA Security+, Certified Network Defender (CND), and Certified Ethical Hacker (CEH) certifications. Seeking entry-level to intermediate opportunities in areas including Cyber Security Specialist, Information Security Auditor, Information Security Analyst, Site Security Administrator, Data Security Analyst, and more.

TECHNICAL SKILLS

Software & Systems:

Microsoft Windows (XP, Vista, 7, 8, 8.1, 10, 11), Mac OSX, iOS

Microsoft Office Suite (2003, 2007, 2010, 2013, 2016, and 365), Norton Antivirus, McAfee, AVG, LogMeIn, Discord, Adobe products, Microsoft Exchange, and iCloud

Hardware:

Identification of hardware and replacement

Diagnosing and troubleshooting hardware issues. Perform upgrades and maintenance support. Computer hardware, Storage capabilities & network support

Networking:

TCP/IP, LAN, WAN, VLAN, Wi-Fi, VPN, VOIP

Cybersecurity:

NetFlow, PCAP, Packet capture, Wireshark, Splunk, ArcSight, APT, TTP, threat, malware, cyber, NMAP, IDS,

IPS. LDAP

TECHNICAL TRAINING

ACI Learning Center (Virtual Campus) Denver, CO

Information Security Analyst Program

Completion Dates:

CompTIA SEC+ (SYO-601) September 2022

Certified Ethical Hacker (312-50) September 2022

Certified Network Defender (312-38) September 2022

Hardware Security February 2021

Software Security February 2021

Usable Security February 2021

CERTIFICATIONS

Graduate Cert

Graduate Cert in Cybersecurity Technology Date obtained: June 2022

CompTIA Sec+ SYO-601 Certification Exp: December 2025

Certified Ethical Hacker 312-50 Exp: January 2026

Certified Network Defender Certification 312-38 Exp: February 2027

PROFESSIONAL EXPERIENCE

CHEROKEE FEDERAL REMOTE

Cyber Security Logistics Specialist SME II May 2021-Present

Review and Update System Artifacts: You are reviewing and updating detailed architecture diagrams, hardware/software inventories, and other system artifacts to have a clear understanding of the system's components and structure, which is crucial for security assessments.

Applies new information technology security developments to ensure current guidelines are updated accurately

Baseline Impact Values for Medical Devices: Developing impact values (low, moderate, high) for medical devices helps prioritize security measures and responses based on the potential impact of security incidents.

Identify Common Controls: Identifying common controls associated with inherited controls in the Security Plan helps streamline security efforts and ensures consistency in security implementations.

Document Responsibilities: Documenting responsibilities associated with inherited controls helps assign accountability and ensure that necessary actions are taken to maintain security posture.

Tailoring Security Controls: Initiating the tailoring process in eMASS to modify the control set based on specific system conditions ensures that security controls are aligned with the unique requirements and risks of the system.

Supplemental Security Controls: Adding relevant supplemental security controls and marking extraneous controls as "Not Applicable" helps optimize security measures and focus resources efficiently.

Identify Controls for Ongoing Monitoring: Identifying security controls to be monitored on an ongoing basis is essential for continuous assessment and improvement of the system's security posture.

Review Change Control Policies: Reviewing site/organization change control policies ensures that changes to the system are managed effectively and with due consideration for security implications.

Document Policy Application: Documenting the method of applying policies to specific controls helps ensure that the policies are correctly implemented and enforced.

Applies project management principles and methods to gain an overview knowledge of future IT enterprise infrastructure

Coordinate with IV&V Team: Coordinating with the Independent Verification and Validation (IV&V) Team to clarify information required for Special Access Programs ensures that all security requirements are adequately addressed.

Lead Self-Assessment Activities: Leading the execution of self-assessment activities allows for proactive identification of security vulnerabilities and implementation of corrective actions.

Processes engineering concepts to comply with organizational standards and supports implementation of infrastructure to secure and protect the environment.

VA NY Harbor Healthcare System NEW YORK, NY

Information Security Intern MAR 2021 – MAY 2021

Identify security threats. Harden internal systems and services, Harden internetwork devices and services, Secure network communications, and manage a PKI. Manage certificates, enforce an organizational security policy, and monitor the security infrastructure.

Basic computer literacy. Basic PC operating system navigation skills. Basic Internet usage skills. Basic IP addressing knowledge.

Computer network and defense fundamentals. Network security threats, vulnerabilities, and attacks. Network security controls, protocols, and devices. Network security policy design and implementation. Physical security. Host security.

Secure firewall configuration and management. Secure IDS configuration and management. Secure VPN configuration and management. Wireless network defense. Network traffic monitoring analysis. Network risk and vulnerability management. Data backup and recovery Network incident response and management.

Footprinting and reconnaissance. Scanning networks. System hacking. Malware threats. Sniffing. Social engineering. Denial of service. Session hijacking. Hacking web servers and web applications. SQL injection. Hacking wireless networks. Hacking mobile platforms. Evading IDS, firewalls, and honeypots. Cryptography. Knowledge of TCP/IP. Information systems and security background.

ACCOUNTemps, A Robert Half Company NEW YORK, NY

Cybersecurity Specialist AUG2019 – MAR 2021

Provides senior consultative services to stakeholders on new, emerging, and/or most complex IAM security and compliance developments, including SOX, SOC-1, and SOC-2, GBLA, and others.

Evaluates and interprets internal and enterprise IAM policies, processes, and standards, and influences compliance and control decisions on net new or material changes to IT assets.

Directs information security risk assessment and analysis and recommends remediation plans and strategies.

Provides strategic leadership in responding to IT audit, compliance, and issue management requirements on behalf of the IAM domain.

Lead and Coordinate with stakeholders across lines of business for resolution within the target timeline.

Review compliance standards and evaluate risks and controls around role management, provisioning and De-provisioning of access, credential enrollment, secrets management, access policy management, authorization policy management, segregation of duties, and management of entitlement metadata.

Work associated with the Automated and manual management of roles, entitlements, discretionary access, and credentials as part of their respective lifecycles.

MILITARY EXPERIENCE.

United States Navy Afghanistan & Bahrain

Computer Defense Specialist (IT) 08/2013 – 07/ 2022

Monitor client networks through defensive measures and information collected from various sources to identify, analyze, and report events that occur or might occur within the network to protect the information, information systems, and networks from threats.

Job Duties:

Detect host and network-based intrusions via intrusion detection technologies.

Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.

Perform computer network defense (CND) trend analysis and reporting.

Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.

Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.

Conduct tests of information assurance (IA) safeguard in accordance with established test plans and procedures

Identify and analyze anomalies in network traffic using metadata.

Identify and triage the malware.

Create technically detailed reports based on intrusions and events.

Assist in troubleshooting and problem-solving a wide variety of client issues.

Provide quality customer service with excellent communication skills.

EDUCATION

The University of Maryland Global Campus Global Campus, MD

Graduate Certificate in Cybersecurity Technology Completion Date: July 2022

GPA 3.33/4.00

Lehman College Bronx, NY

Bachelor of Arts in Accounting Completion Date: May 2018

GPA 3.14/4.00 Cape Coast, Ghana

Cape Coast Technical College Completion Date: Apr 2010

HND Accountancy studies

Contact this candidate