Scrum Master Security Officer
Resume:
JOHN ABOAGYE DUODU
CySA+, SEC+, Scrum Master, Cybersecurity Workforce, Secrete Clearance- Norfolk, VA Zip: 23505. Tel:561-***-****) Email:***********@*****.***
SUMMARY OF QUALIFICATIONS
Skilled Information System Security Officer with ample experience in Federal Privacy and Data Security Management & Operations, Project Management, NIST 800-53 rev4 and NIST SP 800-37 rev 1, 800-18, 800-53, 800-34, FIPS, FISMA, eMass, ACAS, Security Content Automation Protocol, NIST Family of Security Controls, POA&M, incident Response, and Contingency Planning.
Technology: NESSUS by Tenable, Rave by Microsoft, MS-Solve by Microsoft, Nmap, Wireshark.
TRAINING
eMass certified Acas/ Nessus certified Risk Management Framework NIST Special Publication 800 HIPAA Course Certification Vulnerability Management Certification
DOD Cyber Awareness challenge, The Active Shooter, Domestic Violence - All Hands, Ncis Cntr Intel/Insider Threat, Operations Security, Dod Mandatory Cui Training, Suicide Prevention Gmt,
Sexual Assault Prev/Response, U.S. Navy Equal Opportunity, Joint Staff Suicide Awareness
TECHNICAL SKILLS
Software: Windows, EPIC, Soaring Clinical, T-systems, Excel, Microsoft Office 2016, 2010 and 2007; Server 2008; Linux, Norton Antivirus, Norton Ghost, Remote Desktop and Help Desk Management software, SQL, Active Directory.
Hardware: – Desktops, laptops, printers, scanners. Format, partition EIDE, SATA, SCSI, and SSD and perform data recovery and imaging.
SUMMARY OF PROFESSIONAL EXPERIENCE
United States Navy - Information Security Analyst Naval Station (NAVSTA) Norfolk March 2021– October 16, 2024
Perform roles/responsibilities of the Information System Analyst for assigned information systems
Serve as the lead point-of-contact for all security-related matters to those systems
POA&M Remediation: Perform evaluation of policies and procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation (C&A).
Review existing policies, procedures and guidelines to ensure compliance with NSWCPD and Navy Cyber Security/Information Assurance (IA) Policy
Assist, and when required, conduct vulnerability scans of assigned networks and databases
Provide assistance in the remediation of vulnerabilities identified through network scans
Coordinate changes or modifications to hardware, software, or firmware of a system with the applicable cybersecurity entities prior to a change
Assisted in procedures to support A&A workflow processes and the various criteria needed to facilitate processes and accreditation decisios.
Supported the performance of periodic reviews of security controls for responsible systems
Provide on-site and off-site system engineers to assist with the acquisition, integration, and certification of systems and components under the purview of the Program. These include Navy-type Navy-owned systems
Develop and maintain a Plan of Action and Milestone (POA&M) for all IA-related tasks and deliverables in accordance with the Security Technical Implementation Guide (STIG)
Develop Risk Assessment Reports (RARs) based on vulnerability test results, automated scan reviews, Assured Compliance Assessment Solution (ACAS) scans, and other DoD-mandated assessment-utilities.
Input reports in eMass, or deliver in MS Office-products/Visio formats, as appropriate.
C.R.J Technologies LLC Information Security Analyst Worcester, MA January 2018- March 2021
Perform Risk Management Framework (RMF) Using NIST 800-37 as a guide for assessments and Continuous Monitoring.
Initiate meetings with various System Owners and Information System Security Officers (ISSO), providing guidance and evidence needed for security controls, and documenting findings of assessment.
POA&M Remediation: Perform evaluation of policies and procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation (C&A).
Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: Perform assessments, assist with POA&M creation and remediation, using NIST SP 800-53 Rev.1 and NIST SP 800-53 rev.4.
Review updates on System Security Plan (SSP) using NIST SP 800-18 guidelines.
with multiple clients to perform POA&M remediation. Maintain excellent working relationships with both internal and external clients using good communication skills.
Provide security control assessor (SCA) services, such assisting with the Assessment and Authorization process, including A&A, documentation, reporting and analysis – analyzing current threats to information security and systems.
Assist with the Risk Management Framework (RMF) process using NIST SP 800-37 as a guide for assessments and Continuous Monitoring.
Perform Security Risk Assessment and risk analysis of resources, controls, vulnerabilities, impact of losing systems’ capabilities, and threats to the mission objective and provided guidance on vulnerability and malware remediation.
Republic Bank Ghana Ltd Mortgage Financing Accra, Ghana October 2010- April 2018.
Received and processed customer’s request.
Performed customer service activities.
Liaised with customers of the bank with real estate developers for proper administration of their mortgage loan requests.
Kept a clean portfolio of 95% or higher efficiency rate.
Interacted with customers for their mortgage origination and servicing needs.
Performed all banking activities as may be required of me by the Bank
TECHNICAL CERTIFICATIONS
Cybersecurity Workforce Certification.
CompTIA Security+ Certified CE
CompTIA Cyber Security Analyst (CySA+)
Scrum Master Accredited Certificate
CLEARANCE
Citizen of the United States.
Secret Clearance (Active).
Certificate of release or discharge from active duty (DD214)
EDUCATION
Information and Cybersecurity Workforce-ECPI University
Cybersecurity Workforce- University of Louisville – 2023
Surface Warfare Institute, Great Lakes.
B. Ed Social Science (Accounting and Management) U.C.C-2006
Contact this candidate