Security Clearance Risk Management

FAVOUR NWOKOLO

Mobile: +1-832-***-**** Email: *******.***@*****.*** LinkedIn: https://www.linkedin.com/in/Favourntech/ PROFESSIONAL SUMMARY

Driven and results-oriented Cybersecurity Professional with over 5 years experience and possess a valid security clearance. I have experience managing risk, ensuring regulatory compliance, and implementing cybersecurity frameworks such as NIST, ISO27001 and Risk Management Framework. Adept at integrating findings into enterprise vulnerability management programs and collaborating cross-functionally for effective remediation. Proven ability to assess and enhance security controls using GRC platforms i.e. AuditBoard. Experienced in performing internal audits, conducting risk assessments, and supporting incident response. Proficient at developing cybersecurity policies, managing access controls, and facilitating cybersecurity awareness training. Responsible for Third-party risk management function and compliance reporting. Effective communicator skilled in cross-functional collaboration and stakeholder engagement. SECURITY CLEARANCE / EDUCATION

Active Security Clearance

Eligible for Top Secret Clearance

M.Sc. Cybersecurity Technology University of Maryland – Adelphi, MD Apr 2023 – Dec 2024

CompTIA Security+

Certified Information Systems Security Professional (CISSP) TECHNICAL SKILLS

Security Tools: Nmap, Qualys, Tenable.sc, Upguard, One trust, Knowbe4, Lansweeper, Scaler, Audit board Wireshark, Metasploit, Nessus, Snort, Burp Suite, Splunk, FTKimager, AlienVault OTX, Cisco Talos, Maltego, VirusTotal, Autopsy, AWS, Azure. RSA Archer, Orca. CORE COMPETENCIES

Third Party Risk management

Regulatory compliance

Cybersecurity Framework

Policy Creation

Access Control

Internal Audits

Threat Intelligence

Vulnerability Management

Incident Response

Control Testing

Audit Readiness

Data Protection

Technical Documentation

Log Analysis

Identity Management

Change Management

Network Security

PROFESSIONAL EXPERIENCES

GRC Analyst

Salesforce – Miami, FL

Jun 2021 – Present

Collaborated with infrastructure and development teams to ensure prioritized remediation based on CVSS Scores, Ensured continuous compliance by tracking remediation status across cloud and on-prem environments.

Conducted weekly and monthly vulnerability scans using Qualys and ad-hoc cloud vulnerability scans using Orca, producing structured reports for senior IT leadership.

Worked with Palo Alto Next Generation Firewall for threat prevention, URL filtering, VPN configuration, and zero-trust access control.

Achieved 99% compliance in PII data handling audits by developing data classification schemas, access controls, and privacy training to safeguard sensitive personnel records and digital identity assets.

Delivered quarterly risk performance reports to executive leadership by monitoring over 80 security controls via RSA Archer and ServiceNow, tracking mitigation plans, and supporting governance board reviews to enhance decision-making and prioritize cybersecurity investments.

Led incident response efforts for 8+ cybersecurity events, including phishing, unauthorized access, and malware infections, coordinating with naval cybersecurity teams and forensic analysts to contain threats, recover systems, and document lessons learned for future prevention.

Analysed risk assessment questionnaires, conducted risk ranking and vendor tiering.

Spearheaded a cross-departmental initiative to implement continuous security training for personnel, resulting in 85% reduction in security incidents caused by human error and enhancing overall network defense capabilities across Navy operations. Compliance Analyst

Dominion Systems, Inc – Houston, Texas

May 2018 – Jun 2021

Supported ongoing compliance testing and monitoring efforts to ensure conformance with key standards including SOC 2 Type II, HIPAA and NIST frameworks by designing test procedures and reviewing technical control documentation thoroughly.

Conducted performance evaluations of internal controls and led risk assessments, ensuring timely documentation and audit readiness across technical and procedural security domains in collaboration with cross-functional teams and external audit partners.

Partnering with leadership teams to develop risk mitigation strategies, streamline compliance processes, and implement system improvements and best practice frameworks to strengthen enterprise-wide information security governance and data integrity controls.

Maintained and updated policy and procedure documentation to support a mature, auditable compliance program aligned with industry regulations and internal governance using GRC platforms using ServiceNow and Auditboard.

Deployed prisma cloud to provide continuous monitoring, vulnerability management, and compliance enforcement for multi-cloud workloads.

Prepared detailed audit reports and executive summaries, disclosing significant control deficiencies and recommending corrective actions for continuous improvement across infrastructure, application, and cloud based compliance control domains.

Collaborated with the development team to develop python scripts that automate cloud security compliance checks, IAM role reviews, and vulnerability reporting. Also Created custom Python-based tools for log analysis,malware detection and threat intelligence correlation.

Delivered expert information security, compliance, and data protection consultancy to IT projects while maintaining the Information Security Risk Register, directly supporting audit readiness and enhancing risk visibility across the organization.

Achieved full GDPR compliance by drafting and enforcing cybersecurity policies on device management, password practices, and acceptable use. IT Technical Support

Whiteplains British School

May 2015 – Apr 2018

Resolved 98% of IT service requests within SLA, supporting a user base of 550 by troubleshooting software/hardware issues and optimizing endpoint security configurations to ensure uninterrupted learning and administrative system availability.

Strengthened threat preparedness by 50% by delivering weekly threat intelligence reports based on CVE updates, global threat feeds, and vendor disclosures, enabling proactive defense across academic, administrative, and internet-connected classroom systems.

Achieved a 100% success rate in resolving end-user account issues, including password resets, account unlocks, and MFA implementation, resulting in improved security posture and reduced access-related support tickets.

Successfully onboarded new clients by configuring IT environments and resolving network/application issues, contributing to a 30% reduction in setup time and enhancing initial client satisfaction scores.

Conducted regular cybersecurity awareness training for staff and students, increasing security best practices adoption by 40%, and significantly reducing phishing incidents and other social engineering attack vectors across the school’s network.

Assisted in patching systems and updating antivirus software on over 200 endpoints. AWARDS & HONORS

Outstanding Performance Award

Leadership Award

Merit Award for Exceptional Performance of Duty

HOBBIES / INTEREST

Traveling / skydiving

REFERENCE

Available on Request

Contact this candidate