Information Security Risk Management
Resume:
EDWIN NWAMADU C
***************@*****.*** • 832-***-**** • LinkedIn • Houston, TX
CYBERSECURITY ANALYST PROFILE
Results-driven information security professional with 15+ years of expertise in cybersecurity analysis, vulnerability assessments, and risk management. Proficient in continuous monitoring, assessment and authorization processes, and security control implementation. Adept at developing security documentation, conducting risk assessments, and ensuring regulatory compliance. Proven track record of implementing robust security measures, managing vulnerability remediation, and collaborating with cross-functional teams. Accomplished in developing security policies, maintaining IT control frameworks, and driving enterprise-wide security initiatives. Experienced in establishing strong stakeholder relationships to ensure effective risk mitigation and compliance adherence.
AREAS OF EXPERTISE
Security Control Assessment
FISMA Compliance
FedRAMP Authorization
Disaster Recovery & Contingency Management
Identity & Access Management (IAM)
Risk Management Framework
Authorization & Assessment
Enterprise Security Architecture
Security Documentation Development
Incident Response Planning
Governance, Risk, & Compliance (GRC)
Service Management
Configuration Management
Continuous Monitoring
Change Control Management
System Security Planning
Digital Banking Security
Data Loss Prevention
TECHNICAL EXPERTISE
Frameworks:
NIST RMF, NIST SP 800-53, 800-53A, NIST SP 800-61 R2, FIPS-199, FIPS-200, SOC, GAAP, PCI DSS, ISO 27001, FedRAMP, TOGAF, SABSA, IEC-62443
Tools:
Splunk, Nmap, Nessus, Verizon MTIPS, Qualys, TrendMicro, CSAM, XACTA, Jira, Web Inspect, OpenVAS Security
Systems:
RHEL 7 & 8, CentOS, Windows Server
Network Protocols:
TCP/IP, DHCP, DNS, SNMP, ICMP, ARP, IP, LAN, WLAN
PROFESSIONAL EXPERIENCE
Texas Children's Health, Houston, TX 2022 — Present
Security Control Assessor
Spearhead comprehensive security control assessments adhering to NIST SP 800-53A guidelines and FISMA compliance frameworks. Orchestrate system assessment kick-off meetings to establish control implementation responsibilities with key stakeholders. Generate Security Assessment Plans and Reports while evaluating System Security Plans and technical artifacts for authorization packages. Validate configuration changes across software and firmware implementations through change control boards. Design vulnerability assessments and remediation planning using NIST guidelines for FISMA systems.
Key Achievements:
●Engineered systematic POA&M tracking process for vulnerability management with Information System Security Officers.
●Streamlined security control assessment procedures aligned with FISMA requirements.
●Transformed technical documentation processes for security assessment deliverables.
●Constructed comprehensive Security Assessment Reports leveraging NIST frameworks.
●Facilitated collaboration with security engineers for system impact assessments.
●Formulated remediation strategies for identified system weaknesses through POA&Ms.
●Executed timely completion of security assessment deliverables through systematic documentation review.
●Pioneered efficient vulnerability tracking and remediation protocols with ISSOs.
DelTaahTech Consulting LLC, Washington, DC 2018 — 2022
Information Security Analyst (ISSO)
Directed continuous monitoring and Assessment & Authorization support for enterprise systems. Created critical security documentation including System Security Plans, Contingency Plans, Incident Response Plans, and Configuration Management Plans. Implemented vulnerability scanning and audit log analysis according to agency monitoring strategies. Established Authorization to Operate processes through risk assessment and remediation planning. Managed security patches and annual security assessments with system administrators.
Key Achievements:
●Architected innovative POA&M management system for tracking non-compliant security controls.
●Modernized vulnerability management processes through improved scanning protocols.
●Optimized security documentation development aligned with NIST guidelines.
●Performed comprehensive security assessments ensuring control effectiveness.
●Strengthened security standards through systematic vulnerability management.
●Launched successful system implementation for Authorization to Operate.
●Developed detailed corrective action plans for identified security risks.
●Instituted effective patch management procedures through systematic coordination.
United Bank for Africa (UBA), Lagos, Nigeria 2008 — 2016
Digital Banking Manager
Led deployment and support of digital and electronic banking products while ensuring IT audit and risk compliance. Analyzed comprehensive IT risk and policy development initiatives. Coordinated security vulnerability remediation efforts across banking platforms. Enhanced technical guidance on enterprise risk management to teams and customers. Structured IT control framework reviews in collaboration with internal and external auditors.
Key Achievements:
●Built cost-effective security solutions reducing organizational risk exposure.
●Integrated standardized IT risk assessment procedures for digital banking products.
●Achieved improved communication protocols between teams and enterprise risk associates.
●Refined comprehensive IT control framework aligned with banking regulations.
●Cultivated effective working relationships with enterprise risk associates.
●Delivered customer-focused technical guidance and support.
●Authored effective risk policies addressing security vulnerabilities.
●Upgraded digital banking security measures through systematic risk analysis.
EDUCATION & CREDENTIALS
Master of Science in Cybersecurity, 2024 American Intercontinental University, Houston, TX
Master of Business Administration Lagos State University, Nigeria
Bachelor's Degree in Computer Science Institute of Management and Technology, Enugu, Nigeria
CISSP (Certified Information Systems Security Professional) (In Progress), Issuer
CompTIA Security+ (SY0-701), CompTIA
Certified in Cybersecurity, International Information System Security Certification Consortium
Computer Associates Certified Security Specialist, Issuer
Computer Associates Certified Intrusion Detection Specialist, Issuer
Contact this candidate