Cybersecurity Analyst Risk Management
Resume:
Linda Manu
** **** ***, **********, **, *****
E-mail: ************@*****.***
Summary
An experienced Cybersecurity Analyst with a unique combination of passions in developing and implementing security policies, procedures, and best practices resulting in a 25% decrease in security incidents and breaches. Concentrate on project development and management, enterprise security risk management with in-depth knowledge of assessing risks in information systems. Also experienced in implementing appropriate controls, identifying and mitigating vulnerabilities through POA&M and vulnerability management, ensuring appropriate configuration management for all software and hardware using industrial standards frameworks. Collaborative team player with exceptional skills in monitoring and analyzing security events and logs, identifying and responding to 95% of security alerts and notifications looking for a role as a Cybersecurity Analyst.
Technical Skills:
§ Knowledge of and experience with federal security policies, standards, and guidelines including NIST 800 SPs such as 800-37, 800-53/53A rev 4, FIPS 199/200, FISMA & HIPAA.
§ Working knowledge of Risk Assessment, Risk Management Framework (RMF), Systems Development Life Cycle (SDLC) and Security Assessment and Authorization process (SA&A).
§ Experience in the development of ATO package documents such as SSPs, SARs, POA&Ms, Contingency Plans, Incident Response Plans, PIA and Configuration Management Plans.
§ Proficient in explaining technical information, resolutions, documentations, and presentations to clients and non-technical personnel at all levels of the organization or enterprise.
§ Network Security & Monitoring
§ Incident Response & Management
§ Vulnerability Assessment & Testing
§ Security Framework, e.g., NIST, FISMA, ISO 27001
§ Threat Intelligence & Analysis
§ Cloud Security Platform, e.g., AWS, Azure
§ Security Policy Development & Compliance
§ Communication & Collaboration Skills
§ Analytical and detail oriented
§ Problem solving skills
Education/Certificates
• Certified Information Security Manager (CISM)
• COMPTIA Security Plus (S+)
• SCRUM Master Accredited Certification (SCM)
• PBSeminary Wayne – Cybersecurity
• Presbyterian University – BSc Information and communication Technology RELATED EXPERIENCE
08/2019 – Present
Snr. Security Analyst, The church of Pentecost USA à Worked with the director of IT and development team in the implementation and deployment of a next-generation AI threat detection, in the COPUSA EMS and ChMs ERP systems. à Worked with Information System Security Officers to prepare Assessment and Authorization
(A&A) packages using the six steps Risk Management Framework Process (RMF). à Reviewed, monitors, and reports Plan of Action and Milestone (POA&M) status to all stakeholders and follows up with appropriate personnel to ensure that POA&Ms are remediated and reported in a timely manner to the POA&M Manager.
à Orchestrated the integration of quantum-resistant cryptography protocols into the organization's data protection framework, future-proofing sensitive information against emerging quantum computing threats.
à Assisted with implementing IT policies and procedures including information security, IT governance, responsible use of data, incidence response, security awareness and business continuity.
à Analyze identified malicious activity to determine means, method, and details of exploitations against the organization’s systems (EMS and CHMS) and other applications. à Respond to security incidents and minimize their impact and perform root cause of data breaches. à Collaborates and verifies third-party vendors' security and work with them to meet security requirements.
à Implemented tasks related to amazon web services (AWS) security protection and system optimization protocols.
à Routinely check AWS firewall rules that provide control over network traffic across VPCs. Specific/ongoing tasks
• Validate system requirements, security policies and procedures, contingency plans, incident response plans, personnel security, access control mechanisms and identification and authentication mechanisms.
• Perform assessments based on customer responsibility documentation and controls provided by the AWS access.
• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments.
• Governs the internal control activities to ensure management, technical, and operational controls are being executed without exception.
• Executes Continuous Monitoring program requirements and prepares artifacts to submit to authorizing officials.
Achievements
- Implemented traffic], leading to the detection and prevention of security to monitor and analyze COP network (over 4 million users) potential data breaches, saving the company an estimated 5 million in damages.
- Designed and delivered basic security training to 300K employees, resulting in a 90% decrease in successful phishing attempts and a [percentage] increase in security policy compliance
- Creation of an IT policy document. Together with the IT director and audit team lead, I assisted with creating an IT policy document to ensure data integrity, security, and availability, creating a reliable framework for data usage across the organization ADDITIONAL EXPERIENCE
Systems Analyst, Creative IT SOFT, CIS
06/2017 – 02/2019
• Designed and implemented a machine learning-based user behavior analytics (UBA) system, Developed and delivered advanced cybersecurity training programs for 500+ employees resulting in a 78% decrease in successful phishing attempts and a 92% improvement in security policy compliance.
• Optimized the Security Operations Center (SOC) workflow by automating routine tasks with custom Python scripts and integrating other technologies, increasing analyst productivity by 40% and reducing mean time to resolution by 55%.
• Conduct root cause analysis for each incident to define follow up actions items and make recommendations.
• Monitor events and triage alerts across various security platforms. Analyze logs and alerts on a daily/weekly and monthly basis and report any suspicious activities to the SOC Team.
• Conduct and analyze vulnerability scans utilizing analysis tools, such as Microsoft Defender or Tenable SC to identify vulnerabilities.
References:
1. Samuel Morgan
Director of IT -COPUSA
Phone: 470-***-****
2. Perry Adjei-Dartey
Snr. Systems Analyst, CIS
Phone: 862-***-****
Contact this candidate