Network Security Information System
Resume:
Felix O. Nuako
**********@*****.***, 214-***-****.
Skills:
•Knowledge and experience in IT Securities including access controls, network Security, Login/monitoring, Pen Testing, Vulnerability scan, Vulnerability assessments, ITGC and Application controls. Efficient in using SAST/DAST/IAST tools like Check Max, IBM App scan, Prisma Cloud and Qualys for Infrastructure scanning. CISCO Switches, Routers and Viptela.
•Frameworks: RMF, FIPS 199, NIST 800 – 60, SP 800-53, SP 800-53A, SOX 404, FedRAMP, PCI DSS and PFI, HIPAA, HITRUST, COSO, COBIT, Risk Assessment, ISO 27001, and ISO 27002.TCP/IP, HTTP/HTTPS, SSL, DNS, DHCP, basic routing/switching, wireless 802.1X, authentication policies,authentication protocols such as LDAP, NTLM or Kerberos,Biometrics (facial,eye finger) Mobile authentication,Single sign -on scheme,Ping identity,Identity proofing.SOX,SOC 1,SOC 2 AND RCSA.
•Scanning Tools: HP Fortify, App Scan, CheckMax, Open Bugs, Brakeman, Nmap, Nessus, Open Vas, Qualys, Zap, Burp Suite, Vega, Nikto, App Sider.
Education and Professional Certifications:
•BSC, Network & Telecommunication Management, DeVry University 2001 -2005
•MS, Information System Management, Keller Graduate School 2006-2008
•MS, Business Management, Keller Graduate School 2009 – 2010
•Wireless Technology Certificate, Keller Graduate School
•CCNA: Cisco Certified Network Associate
•MCP: Microsoft Certified Professional
•CISA: Certified Information System Auditor
Experience:
Gary Marvin Memorial Hospital – Remote Jul 2023 – April 2024
Cyber Security Consultant / Network Security Engineer Consultant
•Review, analyze and evaluate the system for effectiveness of control.
•Compliance and regulatory and IT Security, ISO 270001 provide protection and privacy and is vital to the company. HiTrust (HIPAA)/HITRUST compliance.
•Review, and analyze complex systems such as Applications, Operating Systems, and Networking devices to identify risks. Risk mitigation, security assessments, analysis of security threats.Testing Prisma Cloud Enterprise as well as Security posture.
•Test the controls, evaluate the password and make recommendations.
•Analyse the artifacts and make recommendation Make sure there is a Policy and Procedure are place.
•Vulnerability Management tools such as Tanium, Tenable Nessus.
•Biometrics (facial, eye finger) Mobile authentication,SSO,Ping identity, Identity proofing and so on.
•During the testing, the applicable tools are Qualys and Nessus.
•Risk Assessment Methodologies, examples are Threat Modeling, NIST 800-30
•Analyze penetration Test and Vulnerability Scan results and make recommendations.
•Test, evaluate, and verify hardware and/or software to determine compliance with defined specifications and requirements as well as Microsoft Windows-based enterprise Public Key Infrastructure (PKI) and PKI compliance. Test and implement Windows Failover Cluster.
•Installed anti-virus such as McAfee and make sure there is a Checkpoint, Palo Alto and/or Juniper firewalls to monitor the networks Connettivity,Network Access Control, Installation of IDS and IPS.Palo Alto platform help the company to secure everything from the latest threat from everywhere as well as monitoring.
•Using GRC Platform like ServiceNow GRC, RSA Archer.
• Preventing and analyzing the Threat Modeling in real time for secure growth of the company.
• Juniper switches work faster and improve the economics of networking with cloud base and high density ethernet.
•Utilizing the risk management frameworks such as NIST 1800,RMF,ISO 27001 -27005,NIST CSF.
•Monitor the company Network with monitoring tools such as Splunk, and so on.
•Provide recommendations and guidance on identified security control, risks and weaknesses.
•Tableau and sharePoint provide integration,customization,workflow automation and collaboration as well as ease of use.
Prosperity Bank (IT Consultant) – Remote Jan 2019 – Nov 2022
Cybersecurity/IT Auditor Analyst
•Conduct efficient and effective IT audit procedures. (Testing, Interview and Examination).
•Perform, review, and analyze complex systems (Applications, Operating Systems, and Networking devices), to identify risks, and make recommendations.
•Produces final reports on compliance to detail the controls observed during security assessments in accordance with various security standards and regulations.
•Manages client's third-party assessment program, including security assessments, task tracking, analyses reporting, documentation, and process improvement.
•Performs walkthrough interviews and maintains communication with a variety of client stakeholders, including system personnel such as system administrators.
•Requests, obtains, reviews, and analyzes a variety of artifacts to assist in executing IT controls testing such as Security Plans, Standard Operating Procedure (SOPs), system screenshots, and system configuration settings.
•Plan, implement, monitor, and upgrade security measures for the protection of the organization’s data, systems, and networks.
•Respond to system vulnerabilities, network security breaches and IT controls.
•Examine internal IT controls, evaluate the design and operational effectiveness, determine exposure to risk, and develop remediation strategies.
•Test and identify network and system vulnerabilities and create counteractive strategies to protect the network.
•Perform regular audit testing and provide recommendations.
•Review, evaluate, and test application controls. Applicable tools are Nessus and Qualys.
•Analyze penetration Test and Vulnerability Scan results and make recommendations.
•Provide recommendations and guidance on identified security control risks and weaknesses.
First Allied Bank (IT Consultant) – Remote Jan 2016 – Nov 2018
IT Auditor
•Performed audit planning, conducted walkthroughs, and assessed the internal control environment through control testing.
•Ensured that policies and procedures are implemented, and processes are well documented and performed internal reviews which identified compliance problems that called for formal attention.
•NIST 800 -53 R4,ISO 270001 provide protection and privacy which is vital.
•Participated in day-to-day execution of audit engagements, such as SOX, compliance audit, and operational audit.
•Worked with external auditors during annual audits and ensured deficiencies are remediated in a timely manner before following up.
•Analyzed and concluded on effectiveness of control environment.
•Performed IT general and application controls testing, identified deficiencies in the design and operating effectiveness of controls and provided recommendations.
•Identified expectations of the client and took actions to support the client experience.
•Coordinate with others and proactively take on additional work.
•Effectively communicate information, issues and audit progress to teammates, clients, and auditor-in-charge.
Zale’s Corporation – Irving, TX Mar 2010 – Nov 2015
Network Technician
•Oversee the day-to-day activities or operations of the company network more so IT issues, such as Planning, Implementation and Training.
•Provide training in new software as well as for the new employees in how to use the system.
•Make sure the work is done according to the requirements and network implementation.
•Installation of Software such as OS, anti-virus, LAN, and WAN implementation. TCP/IP protocols, routing protocols and switching.
•Configuration of PC system and Network, Network Operation Systems using Windows Network Security, Network design such as LAN and WAN Technology.
•Troubleshooting technical problems which may arise.
Washington Mutual - Irving, TX Jan 2004 – Dec 2009
Technical Support
•Troubleshooting technical issues and solving computer problems.
•Updates, identifying hardware and software solutions.
•Diagnosing and repairing faults.
•Resolving network issues.
•Monitor the company Network with monitoring tools such as Splunk and so on.
•Installing computers, printers and configuring hardware and software, such as McAfee.
Contact this candidate