Risk Management Cybersecurity Engineer

ACHIANGA K. NKEMCHAP

Msc.* CISM PMP CEH Security+ Splunk Admin

Maryland 301-***-**** **********@*****.***

Sr. CYBERSECURITY ENGINEER (Top Secret SCI Eligible - DHS)

COMMITMENT PASSION EXCELLENCE RESULTS

SKILLS AND KNOWLEDGE SUMMARY

Security Compliance & Governance

NIST RMF (800-37, 800-53, 800-207, 800-137), FedRAMP / FISMA Compliance, Continuous Monitoring,

System Security Plans (SSP), POA&Ms, SARs, ATO Packages, Risk Management & Mitigation Planning,

Security Authorization Process (A&A)

Technical Security Knowledge

STIG Implementation & SRG Compliance (DISA STIGs, SCAP) Vulnerability Scanning & Remediation (ACAS,

Nessus), SIEM Tool (Splunk) Firewall, IDS/IPS configuration (Palo Alto, Cisco ASA), Patch Management and

System Hardening (Windows, Linux, MacOS), Secure Configuration of AWS Environments, Fortify.

Tools & Technologies

eMASS, Xacta, RMF Knowledge Service (RMF KS)

ServiceNow (security modules), Jira, Confluence

WORK EXPERIENCE

03/2025 – PRESENT: Sr. SECURITY CONTROL ASSESSOR – Humango LLC - WASHINGTON, DC

Managed and approved accreditation packages (SSP, SAP, SAR, POA&M) in accordance with RMF and ISO/IEC 15026-2 standards.

Established and documented acceptable risk thresholds for DHS software applications, systems, and networks to support mission assurance.

Reviewed and validated authorization and assurance artifacts to confirm that residual risk was within acceptable limits for ATO recommendations.

Assessed security controls against DISA STIGs, NIST 800-53 and mission requirements, providing risk analysis and remediation guidance to system owners.

Coordinated with Authorizing Officials (AOs), ISSOs and system stakeholders to maintain compliant accreditation records and ensure timely closure of POA&M items.

02/2021 – 03/2025: Sr. ZERO TRUST ENGINEER – MANTECH INC. Ft. MEADE, MD

Designed and implemented a Zero Trust-based InfoSec architecture for DoD agencies (USCYBERCOM, DISA, NSA), ensuring compliance with STIGs and NIST 800-53 controls.

Conducted vulnerability assessments using ACAS, SCAP and Fortify, applying STIGs to mission systems, Microsoft Dynamics CRM, and Dell hardware to identify and remediate security flaws.

Reviewed security authorization artifacts and evaluated the technical and functional adequacy of cybersecurity and information assurance (IA) controls in compliance with NIST SP 800-53 standards.

Developed and maintained SCA-R / Verification & Validation (V&V) schedules aligned with system Assessment & Authorization (A&A) timelines, ensuring adequate resourcing based on required control assessments and POA&M validation.

Engineered secure architectures by applying DISA STIGs, RMF controls and Zero Trust, reducing system vulnerabilities by 30% during pre-ATO assessments.

Led risk assessments and authored mitigation strategies that directly influenced senior leadership authorization decisions, accelerating ATO approvals across multiple mission systems.

Partnered with ISSOs, system owners and engineers to validate SAPs and SSPs, improving audit readiness and cutting control deficiencies during evaluations.

12/2019 – 01/2021: Sr. CYBER SECURITY (SIEM) ENGINEER – ACCENTURE FEDERAL Washington, DC

Engineered and maintained secure system architectures in alignment with NIST RMF and DOL security standards, supporting ATO efforts across multiple environments.

Collaborated with system administrators to deploy and configure Splunk (Linux/Windows), including data onboarding, UF/HF management, and log parsing for enhanced visibility.

Conducted vulnerability remediation and data feed troubleshooting using tools like Splunk, Tenable, BigFix, and RSA Archer to ensure compliance and operational continuity.

Authored SOPs and installation documentation for test environments, supporting repeatable processes and secure system deployment across DOL systems.

Promoted security awareness by guiding stakeholders on upstream risks, STIG compliance, and data-driven best practices across the OCIO-CDM team.

I also used the Password Generator App which syncs with AD to generate the User Password that Reconcile within CyberArk on a 24hrs window.

I was also responsible to Deactivate the account of any resource, when the User leaves the organization to ensure we are security compliant to the government regulations

05/2012– 11/2019: SPLUNK ENGINEER – WELLS FARGO (REMOTE) MARYLAND

Deployed and configured Splunk on Linux and Windows, managing Universal Forwarders and onboarding data from sources such as Syslog, databases, and custom APIs.

Configured event breaking, timestamping, and indexing to ensure accurate data parsing, search optimization, and performance tuning.

Managed user access by provisioning Admin, Power User, and User roles, and enforced appropriate app-sharing permissions across the platform.

Built and maintained custom ingestion pipelines using AppDynamics APIs and distributed processing, enabling rich operational data analysis.

Delivered Splunk onboarding best practices using SVN and Triage, while mentoring users on architecture components like indexers, forwarders, and search heads.

EDUCATION

2018 Master Graduate: Cyber Security Technology

University of Maryland University College - College Park, Maryland, USA

2014 Master Graduate: (MBA) Marketing Management

University of Maryland University College - College Park, Maryland, USA

2007 Bachelor of Arts: Law

University of Buea, Cameroon

PROFESSIONAL TRAINING & CERTIFICATIONS

Prince George College (2017) - Computer Security/Security+

SPLUNK: - Certified User 6.x License #: Cert - 253095

- Certified Power User 6.x License #: Cert – 254530

- Certified System Administrator 6.x License #: Cert – 254532

CompTIA - CompTIA Security+ License # - 352714362

EC-COUNCIL – Certified Ethical Hacker V10 License # - 539714

– CERTIFIED INFORMATION SECURITY MANAGER (CISM) License # - 201073302

– PROJECT MANAGEMENT PROFESSIONAL (PMP) License # - 3147050

Contact this candidate