ACHIANGA K. NKEMCHAP
Msc.* CISM PMP CEH Security+ Splunk Admin
Maryland 301-***-**** **********@*****.***
Sr. ZERO TRUST ENGINEER
COMMITMENT PASSION EXCELLENCE RESULTS
PROFILE: Top Secret Clearance
A security professional with experience including but not limited to managing IT/computer systems and network security, implementing SIEM tools, design/planning and implementation, Zero Trust systems, system configuration and management, risk management, and regulatory compliance.
SKILLS AND KNOWLEDGE SUMMARY
Operating System: Windows XP, Linux
Splunk: Splunk Cloud Stack, Configuration, Splunk Troubleshooting, Onboarding data, etc.
Server Technologies: Windows 2003, 2008, Windows Server 2012 R2 and Linux
Statutory & Regulatory Compliance: NIST-SP-800-53, HIPAA
Zero Trust: 7 Pillars (User, Device, Visibility & Analytics, Automation, Data, Infrastructure, et al.), Venafi (Certificates), Tenable (Vulnerabilities), Tanium (Endpoints), CyberArk
PC Support: Help Desk service & Support; Remote Desktop Support, TeamViewer and other Unified Systems.
STIG Compliance: Policy Development, Compliance, and Implementation
ACAS Suite: Network vulnerability, Network Scanners
SOC: Threat Detection, Risk Analysis, Incident Response, Threat Remediation, AWS CloudWatch (Events & Logs), AWS SNS, AWS S3, CyberArk, etc.
Security Technologies: IDS, WebInspect, Symantec DLP, Firewalls, VPN, PKI, Palo Alto.
Soft Skills: Microsoft Office (Word, Excel, PowerPoint), JIRA, Remedy Software, Google Apps, MS SharePoint, Slack
Languages: French and English
WORK EXPERIENCE
02/2020 – PRESENT: Sr. ZERO TRUST ENGINEER – MANTECH INC. Ft. MEADE, MD
Prepared and developed a NEXTGEN InfoSec architecture based on the data-centric concepts of ZTA (DoD - USCYBERCOM, DISA, NSA, USTRANSCOM), ensuring compliance with Security Technical Implementation Guides (STIGs).
Applied STIG controls on Dell Latitude mission laptops using ACAS, identifying and remediating vulnerabilities.
Conducted regular STIG audits to identify and remediate vulnerabilities, improving overall system security posture using SCAP.
Applied APPDEV STIG checklist to Microsoft Dynamics CRM, scanning code with Fortify to fix security flaws.
Developed and tested incident response plans to ensure a swift and effective response to security incidents using Splunk and other technologies (Test Evaluation Master Plan).
Collaborated with system administrators to enforce STIG policies, achieving a 98% compliance rate across all managed systems.
Designed and implemented a Zero Trust plan with integrated ACAS to ensure continuous network monitoring and compliance.
Utilized ACAS to conduct vulnerability assessments and compliance checks, identifying and mitigating security risks.
Conducted risk assessments on database systems by evaluating vulnerabilities related to patch management, access control, and encryption. Provided mitigation strategies aligned with NIST SP 800-53 controls.
Performed a detailed risk assessment on Dell PowerEdge servers, identifying potential risks related to hardware failures, firmware vulnerabilities, and misconfigurations. Recommended remediation steps, including firmware updates and secure boot configurations.
Reviewed technical security controls and provided implementation responses to meet requirements, while participating in client POA&M tracking meetings to ensure accurate tracking processes.
Developed security policies and enforcement points within each segment of the architecture.
12/2018 – 01/2020: Sr. CYBER SECURITY (SIEM) ENGINEER – ACCENTURE FEDERAL Washington, DC
Led IT security management across enterprise data systems, networks, and web environments to ensure the highest standards of security.
Promoted regulatory compliance and best practices by driving awareness of industry standards and upstream risks across the OCIO-CDM team.
Served as a liaison between internal and external stakeholders to address inquiries and clarify the architecture of the Continuous Diagnostics and Mitigation (CDM) program.
Troubleshot data feed issues utilizing SIEM tools such as RSA Archer, Splunk, IBM BigFix, and Tenable, supporting Phases 1 and 2 of the CDM Project.
Provided Tier 1 incident response by working temporarily with the ESOC team to monitor and track inbound/outbound network traffic using tools like ServiceNow, McAfee ePO, MTIPS, Splunk, Cisco Stealthwatch, and SolarWinds.
Developed Standard Operating Procedures (SOPs) and created installation documentation for the OCIO Department of Labor (DOL) Test environment.
05/2019 – 11/2019: SPLUNK ENGINEER – WELLS FARGO (REMOTE) MARYLAND
Collaborated with system administrators to deploy and configure Splunk on both Linux and Windows platforms.
Provisioned Admin, Power User, and User roles, ensuring appropriate app-sharing permissions for different access levels.
Performed installation and configuration of Universal Forwarder agents, including data onboarding from various sources (Splunk Agent, SYSLOG, and Database).
Configured event breaking, timestamping, and indexed fields during the data onboarding process to optimize search accuracy and performance.
Educated novice users on core Splunk components, including indexers, forwarders, search heads, and deployment servers, to enhance team knowledge and self-sufficiency.
Developed and refined ingestion processes to extract, annotate, and transform a variety of rich operational data sources.
Leveraged AppDynamics APIs for seamless ingestion of logs from transactional data, improving monitoring and analysis capabilities.
Collaborated with clients to iteratively validate performance metrics, optimize output, and drive towards business-oriented solutions using APIs, distributed processing, and platform integrations.
Provided best practices for Splunk data onboarding, utilizing SVN and Triage for enhanced version control and troubleshooting.
Managed UF/HF forwarder configuration, search heads, and indexing to ensure seamless data flow and system performance.
Monitored and maintained the performance of all deployed systems, proactively identifying and resolving issues to maintain high availability.
09/2015 – 05/2019: SPLUNK SUPPORT ENGINEER – CAPSEC Ellicott City, Maryland
Supported Splunk and Splunk Enterprise architecture by designing, implementing, and troubleshooting solutions for deployment, maintenance, and upgrades in large-scale Enterprise Management environments.
Performed administrative tasks such as license management, forwarder and cluster management, app and add-on deployment, Splunk health monitoring, and index configuration and management.
Executed data transformation processes including field extraction (using regular expressions), data transformation, and tagging to optimize data workflows.
Deployed and fine-tuned Splunk apps to align with functional and performance objectives, ensuring smooth system integration.
Developed Business and Operational Intelligence Systems, leveraging Splunk for comprehensive data insights and decision-making support.
01/2012 – 05/2015: SECURITY ENGINEER – HEADWATER TECHNOLOGIES Washington DC
Collaborated with Project Managers, Business Analysts, and Architects through all phases of the project lifecycle, ensuring seamless communication and coordination.
Authored and maintained comprehensive documentation, including Standard Operating Procedures (SOPs), operational/configuration builds, and security operation manuals.
Monitored and analyzed logs from various cybersecurity solutions, including firewalls, IDS/IPS, VPNs, anti-malware, and SIEMs, to detect and respond to security threats.
Provided technical support, executed configuration changes, and optimized security infrastructure components to enhance system performance and security posture.
04/2011 – 01/2012: INTERN – DNET SECURITY Washington DC
Submitted Request for Information (RFI) and Request for Proposal (RFP) to the DHS-OCIA for the provision of advanced cybersecurity and infrastructure analytics, including interactive data visualization services.
Collaborated as part of the customer support team, executing installation, maintenance, testing, and patching activities for client systems using Remedy Software to ensure optimal performance and stability.
Assisted in the preparation of a Request for Quote (RFQ) to the Substance Abuse and Mental Health Services Administration (SAMHSA).
EDUCATION
2018 Master Graduate: Cyber Security Technology
University of Maryland University College - College Park, Maryland, USA
2014 Master Graduate: (MBA) Marketing Management
University of Maryland University College - College Park, Maryland, USA
2007 Bachelor of Arts: Law
University of Buea, Cameroon
PROFESSIONAL TRAINING & CERTIFICATIONS
Prince George College (2017) - Computer Security/Security+
SPLUNK: - Certified User 6.x License #: Cert - 253095
- Certified Power User 6.x License #: Cert – 254530
- Certified System Administrator 6.x License #: Cert – 254532
CompTIA - CompTIA Security+ License # - 352714362
EC-COUNCIL – Certified Ethical Hacker V10 License # - 539714
– CERTIFIED INFORMATION SECURITY MANAGER (CISM) License # - 201073302
– PROJECT MANAGEMENT PROFESSIONAL (PMP) License # - 3147050