Mohammed Alhassan
Email: ********@*****.***
Tel: 347-***-****
*** ***** ******* ******, ****** 27705 NC
Professional Summary
Seasoned Information Security professional with 8 years of experience providing subject matter expertise in Information Technology services supporting security initiatives for government and commercial customers. Adaptable to changing priorities, excelling in both team and remote settings, with an unblemished background with security clearances.
Skills
Risk Management Framework (RMF), NIST, ISO 27001, FedRAMP, FISMA, Enterprise Risk, Continuous Security Monitoring, Risk Assessment, Governance Risk Compliance (GRC), Vulnerability Management, Control Assessment, Information System Security Training, Governance Risk Compliance Training, ISO 27001 Training, SOC-2 Training, eMASS Training, Audit Support, Compliance Management
Work History
TACONIC INNOVATIONS INC. NEW YORK DEC. 2022 - DATE
Information Assurance Analyst
• Applying appropriate information security controls for Federal Information Systems based on FIPS 199, FIPS 200, NIST 800-18, 37rev1, 53rev4, 50, 60.
• Develop and promulgate Security Assessment Plans (SAP) and Security Assessment Reports (SARs)
• Experience in implementation of preventative, mitigating, and compensation controls, ensuring protection and adherence to the goals of organizational SAP Security GRC strategy
• Ensure that appropriate steps are taken to implement information security requirements for IT systems throughout their life cycle, from the requirements definition phase through disposal.
• Reviewed existing security plans to identify areas needing improvement or additional controls.
• Use and apply knowledge of Security Assessment & Authorization (SA&A) policies, guidelines, and regulations in the assessment of IT systems and the documentation and preparation of related documents.
• Work with Assessment and Authorization (A&A) team members and senior representatives to establish and define programs, resources, schedules, and risks
• Performed security assessment by testing information security controls.
• Reviewed vulnerability scans and performed analysis of results.
• Conducted regular vulnerability assessments and collaborated with system administrators and developers to remediate vulnerabilities promptly, ensuring a robust and secure infrastructure.
• Ensured compliance with relevant cyber security standards and regulations applicable to offices within the department, including but not limited to ISO 27001 and GDPR.
• Contributed to the design and implementation of secure systems and networks, conducting regular reviews and assessments to identify areas for improvement in the security posture.
UNITED SITE SERVICES (REMOTE) MAY 2019 – NOVEMBER 2022
Compliance Analyst
● Performs System Security Categorizations using FIPS 199 and the NIST 800-60 Vol.11 Rev1 guidelines and templates to select provisional impact level assigned to the Confidentiality, Integrity, and Availability (CIA) based on the information type.
● Maintains and manages Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), POA&Ms, SAR, and other relevant security documentation for the system.
● Performs security risk assessment and analysis of resources, controls, vulnerabilities, asset decommissioning, and information security threats to the organization's objective.
● Participates in the System Assessment and Authorization process by working with the key stakeholders to ensure complete and accurate ATO packages.
● Validated system requirements, security policies and procedures, contingency plans, incident response plans, personnel access control mechanism and identification.
● Use and apply knowledge of Security Assessment & Authorization (SA&A) policies, guidelines, and regulations in the assessment of IT systems and the documentation and preparation of related documents.
● Brief senior leadership on security posture, vulnerability management, metrics, compliance, vulnerability mitigation strategies, project timelines and complicated cyber security matters.
● Reviewed existing security plans to identify areas needing improvement or additional controls.
KPMG (REMOTE)
Service Desk Specialist Feb. 2015 – April 2019
• Gather, record, and perform initial troubleshooting on customer technical issues via phone support.
• Handle tickets coming in through the self-service portal and answer incoming chat requests.
• Manage personal ticket load and ensure timely resolution
• Stay current with all products and services by attending training, meetings, and reading all provided documentation
• Other duties assigned by management
EDUCATION
BSC COMPUTER SCIENCE AND STATISTICS - University of Ghana Legon
CERTIFICATION
● CompTIA Security Plus
● CISA - Ongoing