Risk Management Secret Clearance
Resume:
ALECSIA NKWENTI
Dallas, TX ***** 214-***-**** *********@*****.***
Cybersecurity GRC Risk Management Tech Compliance DoD-Cleared Professional Active Secret Clearance CompTIA Security+ Bilingual: English & French PROFESSIONAL SUMMARY
Results-driven Cybersecurity and GRC Analyst with 5+ years of experience driving risk management and security compliance across DoD and civilian environments. Demonstrated success supporting RMF accreditation, policy development, and vulnerability management in both classified and hybrid infrastructures. Adept in NIST 800- 53, ISO 27001, SOC 2, HIPAA, and FISMA frameworks. Skilled at delivering audit-ready documentation, automating GRC workflows, and executing cyber training at scale. Cleared to access sensitive and classified information; proven track record of strengthening enterprise cybersecurity posture in complex, regulated environments. Seeking a cleared federal opportunity to advance national security objectives through cybersecurity excellence.
SECURITY CLEARANCE
Active DoD Secret Clearance
Adjudicated under DoD 5200.2-R; eligible to access classified systems and sensitive federal data (SCI eligible)
PROFESSIONAL EXPERIENCE
IT Risk & Compliance Analyst
Reliant Technologies LLC – Remote Jan 2022 – Present
• Conducted comprehensive control assessments under NIST 800-53, RMF, ISO 27001, and SOC 2 frameworks, ensuring continuous compliance.
• Directed audit readiness initiatives for SOC 2, HIPAA, and ISO 27001, resulting in 100% certification retention over two audit cycles.
• Implemented Archer GRC platform, automating risk register management and reducing manual tracking efforts by 70%.
• Orchestrated third-party risk management processes, cutting vendor onboarding delays by 50% through automated workflows.
• Authored and enforced security policies governing access control, encryption, data classification, and incident handling.
• Designed Power BI dashboards to visualize control health, KRIs, and risk trends, enhancing leadership reporting efficiency.
• Translated regulatory mandates (HIPAA, GDPR, CCPA) into enterprise security SOPs and IT team execution plans.
• Reduced audit finding remediation time by 40% through proactive control testing and evidence automation in Archer and OneTrust.
• Performed root cause analysis of compliance gaps and coordinated corrective action plans across cross-functional teams.
• Served as SME for internal and client-facing GRC platforms; trained staff on evidence submission, workflow tracking, and control testing. Information Security Analyst
U.S. Army – Fort Bragg, NC Apr 2017 – Jul 2021
• Developed, maintained, and submitted RMF A&A packages for classified networks, achieving timely ATOs for critical systems.
• Authored and maintained SSPs, SARs, and POA&Ms aligned with DoDI 8510.01 and FISMA mandates.
• Conducted system vulnerability scans using Tenable.sc and ensured DISA STIG compliance across SIPR/NIPR environments.
• Supported incident triage using Splunk, McAfee ePO, and Microsoft Defender, reducing response time by 35%.
• Acted as cybersecurity representative during command inspections and FISMA audits—recognized for zero non-conformities.
• Delivered quarterly OPSEC, phishing, and insider threat awareness training to 200+ personnel.
• Managed secure token (CAC), PKI, and VPN access for remote and field-deployed users across classified enclaves.
• Collaborated with ISSOs, SAs, and network teams to secure cross-domain communications and mission applications.
• Remediated 100% of open findings from RMF inspections within mandated timelines.
• Received the Army Achievement Medal for excellence in cybersecurity and RMF execution in support of overseas operations.
Customer Support Analyst (Privacy & Security)
Shimmer Me Boutique – Remote Jan 2017 – Jun 2017
• Triaged customer issues and access-related tickets via ServiceNow and Jira with a focus on secure provisioning and deprovisioning.
• Authored GDPR- and CCPA-aligned knowledge base articles to support data subject access requests and consent practices.
• Supported internal compliance audits and coordinated data privacy documentation for legal review.
• Advised marketing and legal teams on privacy-by-design practices during campaign and platform updates.
• Maintained logs of user data interactions and supported incident escalation tracking across business units.
• Monitored privacy policy adherence during customer onboarding, retention, and deletion workflows.
• Drafted SOPs for secure handling of customer PII and payment details, aligned with PCI-DSS best practices.
• Flagged unauthorized access incidents and supported follow-up investigations with security analysts.
• Improved ticket resolution speed by 25% by optimizing routing logic and template- based responses.
• Contributed to quarterly training refreshers on customer security protocols and secure communication standards.
PROJECT HIGHLIGHTS
• GRC Automation (Reliant Technologies, 2023): Reduced compliance reporting time by 60% through integration across Archer, OneTrust, and ServiceNow.
• RMF Accreditation (U.S. Army, 2019): Authored and submitted classified enclave ATO package approved with zero revision requests.
• Vendor Risk Management Program (Reliant, 2022): Reduced third-party risk cycle time by 45% and increased transparency across vendor portfolios. EDUCATION
B.S. in Computer Information Science – Cybersecurity (May 2025) American Military University
B.S. in Computer Science
University of Buea – Cameroon
CERTIFICATIONS
• CompTIA Security+ (Active)
• Security clearance
TECHNICAL SKILLS
Frameworks & Governance: NIST 800-53, RMF, ISO 27001, FISMA, DISA STIGs, HIPAA, SOC 2, COBIT 5, GDPR, CCPA, PCI-DSS
Tools & Platforms: Splunk, Tenable.sc, Nessus, ServiceNow, Jira, Microsoft Defender, Archer GRC, OneTrust, Azure, AD, Windows Server, M365, VPN, PKI Domains: GRC, TPRM, IAM, Audit Readiness, Compliance Policy, Incident Response, Security Awareness, IRP/BCP
Languages: Fluent in English and French (Written & Verbal) PROFESSIONAL AFFILIATIONS
• ISACA – Member, Risk & GRC Advisory Community
• (ISC) – Cybersecurity Student Member
AVAILABILITY & MOBILITY
Security Clearance: Active DoD Secret (SCI Eligible) Work Authorization: U.S. Citizen – No Sponsorship Required Mobility: Open to Remote, Hybrid, or On-Site Roles Nationwide
Contact this candidate