MUFIDAT AUDU
**********@*****.*** 202-***-**** https://www.linkedin.com/in/mufidat-audu-6a0714164/
Professional Summary
Cyber security analyst with more than 5 years' experience in safeguarding organizational assets through the development and implementation of robust security protocols. Proficient in conducting risk assessments, managing system security plans, and ensuring compliance with industry standards such as the Risk Management Framework (RMF), NIST 800-53 Rev 5, the NIST 800-Series, and Security Assessment & Authorization. Demonstrated ability to collaborate with cross-functional teams to identify vulnerabilities and implement effective mitigation strategies. I am committed to maintaining the confidentiality, integrity, and availability of information systems.
AREAS OF EXPERTISE
Ability to conduct periodic assessments of systems and security controls to ensure compliance with control and security requirements.
Excellent communication, collaboration, and presentation skills.
Expert knowledge of NIST/FISMA requirements, application and policies.
Experience in Vulnerability Management and GRC tools (Archer).
Worked with the security team for the implementation of a Zero Trust Architecture, thereby significantly enhancing the organization's overall security posture.
Experienced in analyzing and documenting security control deficiencies and system vulnerabilities.
Experience in conducting kick-off briefings for companies, ensuring the system is in compliance with their requirements and breaking down how the system is being handled.
Experience with Risk Assessments and the process(es) to track and report POA&Ms.
Experience developing and maintaining security documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Plan of Action and Milestones (POA&Ms).
Experience in assessing, reviewing, and updating System Security Plans (SSPs) in accordance with NIST guidelines.
Ensured that security and compliance are maintained throughout the system migration and transition process.
Work Experience
CVP CORP
November 2023 - April 2025
Information System Security Officer
Categorized information systems using FIPS 199 as a guide, taking into account the security objectives to determine impact levels to the system based on the information types derived from NIST 800-60 Vol. 2.
Assess, create, and maintain existing information system security documentation, including:
System Security Plan (SSP), account management, contingency plan, Business Impact Analysis, E-authentication documentation, incident response plan, and configuration management plan.
Spearheaded the implementation of security frameworks (NIST 800-53) across organizational systems, improving compliance.
Prepare system documentation for assessment in accordance with the Risk Management Framework (RMF) and NIST Special Publications.
Analyze vulnerability scanning results and follow up with technical leads for remediation efforts.
Track vulnerabilities with Plan of Action and Milestones (POA&M) and implement mitigation and/or risk acceptance.
Directed organization-wide risk management initiatives, identifying and mitigating the critical vulnerabilities through proactive assessments and remediation plans.
Review the Readiness Assessment Report (RAR) received from security control auditors in accordance with FedRAMP and FISMA requirements.
Assisted in managing the overall security control assessment schedule as well as resource allocations to support assessment activities.
Upload and maintain the system documentation within the Archer repository.
Implement zero trust framework on all projects.
Prepare and present ATO Debrief slide deck.
Attend scheduled meetings with stakeholders for continuous monitoring.
Apex system
AUGUST 2019 – NOVEMBER 2023
LEAD INFORMATION SYSTEM SECURITY OFFICER
Conducted a system readiness evaluation (SRE) to ensure that system documentation is current and up to date.
Categorized information systems using FIPS 199 as a guide, taking into account the security objectives to determine impact levels to the system based on the information types derived from NIST 800-60 Vol. 2.
Assessed, created, and maintained existing information system security documentation, including:
System Security Plan (SSP), security controls matrix and/or assessment.
Spearheaded the implementation of security frameworks (NIST CSF, ISO 27001, NIST 800-53) across organizational systems, improving compliance with state and federal regulations by 30%.
Prepared system documentation for assessment in accordance with the Risk Management Framework (RMF) and NIST Special Publications.
Reviewed and updated the security artifacts, which include the Security Assessment Plan (SAP), Security Assessment Report (SAR), and System Security Plan (SSP).
Tracked findings with Plan of Action and Milestones (POA&M) through mitigation and/or risk acceptance.
Directed organization-wide risk management initiatives, identifying and mitigating 95% of critical vulnerabilities through proactive assessments and remediation plans.
Created and reviewed the Readiness Assessment Report (RAR) in accordance with FedRAMP and FISMA requirements.
Analyzed vulnerability scanning results and followed up with technical leads for remediation efforts.
Assisted in managing the overall security control assessment schedule as well as resource allocations to support assessment activities.
Attended scheduled meetings with stakeholders for continuous monitoring.
K2share
OCT 2018 - DEC 2019
SECURITY CONTROL ASSESSOR
Led kick-off meetings and assisted System Owners, Security Staff, and other Stakeholders in understanding documentation and reporting requirements.
Generated POA&Ms for the system. Performed assessment and audit remediation across the infrastructure and information systems to satisfy compliance requirements in accordance with NIST regulations.
Participated in continuous monitoring activities and initiatives.
Ensured information systems security documentation templates (e.g. System Boundary development, System Security Plan (SSP), Contingency Plan, Contingency Plan Test, Business Impact Analysis) remained up to date.
Ensured that established internal control procedures were complied with by examining reports, records documentation and operating practices.
Ensured that security awareness and training materials were reviewed periodically and updated when necessary.
Updated and assessed ART (Assessment Result Table) and RAT (Risk Assessment Table) documents.
Intersolutions
MARCH 2017 - JULY 2018
CYBER SECURITY ANALYST
Ensured that established internal control procedures were in compliance by examining reports, records documentation and operating practices.
Ensured that security awareness and training materials were reviewed periodically and updated when necessary.
Analyzed Nessus scans to identify vulnerabilities/anomalies on the network and took the necessary incident response steps to remediate the vulnerabilities.
Assessed general security control audits, composed system security control risk assessments, and engaged in business process reviews.
Assessed and documented specific measures to be taken to correct deficiencies found during a security control assessment.
Identified the tasks needed to correct the deficiency and the resources required to make the system compliant, and developed milestones for completing the tasks.
Monitored security events in the system using intrusion prevention systems and data loss prevention systems.
Education
University of Maryland: Master's in Cybersecurity
Certifications
CompTIA Security+ CE