Risk Management Analyst

YAH ANGELA KOLOKOLLIE

Self-Sufficient Professional with Advanced Expertise and Proven Leadership Abilities

EXECUTIVE SUMMARY

Dynamic Information Assurance and Cybersecurity Professional with proven expertise in safeguarding enterprise assets and driving measurable improvements in security posture. Spearheaded vulnerability assessments and remediation efforts, achieving a 25% reduction in critical vulnerabilities across organizational systems. Partnered with cross-functional teams to implement NIST 800-53, FedRAMP, and RMF controls, ensuring compliance and operational resilience. Optimized cloud security operations, streamlining server patching via Endpoint Central and provisioning secure environments in AWS EC2 and Workspaces, leading to a 15% increase in system availability. Adept at mitigating cybersecurity risks, automating security processes, and supporting strategic initiatives with precision and agility.

EDUCATION

University of Maryland Global Campus - College Park, MD Bachelor of Science

CERTIFICATIONS

CompTIA Security+ CE

Certified Information Systems Auditor (CISA)

EXPERIENCE

CIS University - Arlington, VA Vulnerability Management Analyst Internship

Feb. 2022 - Present

Conducts regular and ad-hoc testing of applications, systems, and networks to identify vulnerabilities and evaluate the organization's cybersecurity posture.

Performs security vulnerability management and remediation, ensuring timely resolution of identified issues. Executes configuration verification and compliance scans to enforce organizational standards, utilizing tools like Tenable: sc, ACAS, and Qualys.

Conducts discovery scanning to identify unmanaged or unidentified hosts within the organization's IT environment. Maintains and updates the Assured Compliance Assessment Solution (ACAS), including its operating system, ensuring up-to-date vulnerability assessment capabilities.

Monitors and responds to directives and guidance from Continuous Monitoring and Risk Scoring (CMRS) systems. Creates and tracks Plans of Action and Milestones (POA&M) for security weaknesses, collaborating with Subject Matter Experts (SMEs) to ensure risk mitigation.

Develops and maintains Risk Management Framework (RMF) documentation and Approval to Connect (ATC) packages to meet compliance requirements.

Responds to and reports security incidents in alignment with organizational SOPs and processes.

Monitors, analyzes, and responds to cybersecurity issues using an Information Technology Service Management (ITSM) system.

Categorizes, logs, and reports incidents in adherence to established protocols.

Provides expertise in networking technologies, security monitoring solutions, and system performance engineering to improve the security and reliability of IT operations

EXPERIENCE

December 2016 to present

Inova Alexandria Hospital

Clinical Technician 2

Performing EKGs, phlebotomy, assisting patients with ADLs, admitting and discharging Patients on and from the Unit. Bladder Scanning. Transferring patients from bed to chair, then back to bed. Feeding patients, Showers, Giving CHG Baths, Placing heart monitors on patients.

SKILLS

Cyber Risk Assessment & Strategy, IT Risk Modeling & Forecasting

Regulatory Compliance & Cybersecurity Cybersecurity Risk Reporting & Analysis Third-Party Risk Management

System Maintenance & Troubleshooting Cross-Functional Collaboration

End-User Support/Technical Assistance Hardware Software Management

Server Deployment

Cybersecurity Incident Response Information Assurance Documentation Vulnerability Assessment & Management Compliance & Risk Management

Artifact Approval & Coordination, User Story, Security Reviews

Risk Management & POA&M Documentation Security Control Assessments

Asset Management

Contact this candidate