Nana Owusu
Lawrenceville, GA ***** 770-***-**** ************@*****.*** LinkedIn
Summary
Senior Cyber Security Analyst with 10+ years in federal information security, specializing in detection engineering and threat analysis. Skilled in Splunk at power-user level, EDR platforms like CrowdStrike, log analysis, and MITRE ATT&CK frameworks. Experienced in developing and refining security policies and detection strategies, automating endpoint deployments, and guiding SA&A processes for large-scale AWS environments.
Skills
•Cybersecurity Tools & Platforms: Splunk Proficiency, Security Tools Experience
•Detection & Analysis: Detection Engineering, SIEM Analysis
•Frameworks & Methodologies: MITRE ATT&CK Framework
Professional Experience
CDC/Credence Jun 2021 - Sep 2025
Information Security Engineer - Senior
•Developed, communicated, and maintained cybersecurity policies, standards, and procedures, ensuring alignment with federal mandates such as FISMA.
•Facilitated the annual review of cybersecurity policies and oversaw the distribution of and training on updated procedures.
•Used AWS Config to ensure resources follow security and compliance best practices. Automated deployment and configuration of endpoint security tools (e.g., CrowdStrike, Nessus) on AWS instances using Python and Bash scripting. Implemented application whitelisting and blacklisting with AppLocker.
•Liaised with CSPO staff and CDC Program stakeholders to coordinate the documentation, planning, assessment, and mitigation requirements necessary to complete the system Security Assessment and Authorization (SA&A) process for approximately 700 CDC systems, based upon FISMA requirements, using required SA&A management systems and tools such as RSA Archer, Trusted Agent, SharePoint, and Excel.
•Provided senior-level expertise in Cybersecurity Governance, Risk, and Compliance (GRC), supporting CDC programs and partners in navigating complex GRC requirements.
•Served as the primary system assessor; designed, developed, and implemented an assessment and authorization validation process that tests systems and applications to validate the implementation and function of security controls for CDC Infrastructure, Platform and Software implementations.
•Reviewed and analyzed AWS vulnerability scan and penetration testing reports, validating findings and tracking remediation actions to closure.
•Reviewed and updated CDC IT system security control assessments and plans (SAP) to reflect accurate system information as part of the System Assessment and Authorization (SA&A) process as well as for required system annual assessments. Supported and assisted with the migration from NIST Rev4 to Rev5.
•Utilized AWS Config, CloudTrail, Security Hub, and other security tools to enforce configuration compliance, detect drift, and maintain audit readiness.
•Conducted reviews and assessments in accordance with the assessment procedures defined in the security assessment plan (SAP).
•Conducted manual and automated security testing aligned with the MITRE ATT&CK framework to identify system vulnerabilities and design remediation plans.
•Documented the assessment and authorization validation process that tests systems and applications to validate implementation and function of security controls at the infrastructure, platform, and software levels.
•Documented CDC IT system findings using designated GRC tools such as RSA Archer and Trusted Agent; generated, reviewed, and updated Security Assessment Reports (SARs) and submitted reports to the SA&A Team Lead.
•Participated in continuous monitoring and risk assessment of key business processes to drive a risk-based audit plan.
•Conducted IT controls risk assessment including reviewing organizational policies, standards, and procedures and providing advice on their adequacy, accuracy, and compliance with industry standards.
•and PIA) for seven systems and facilities using NIST publications.
•Worked closely with system owners to oversee the preparation of Comprehensive and Executive Certification & Accreditation (C&A) packages for approval of an Authorization to Operate (ATO); generated, reviewed, and updated System Security Plans (SSPs) against NIST 800-18 and NIST 800-53 requirements.
•Developed, communicated, and maintained cybersecurity policies, standards, and procedures in alignment with FISMA and other federal mandates.
•Facilitated annual review of cybersecurity policies and delivered training on updated procedures.
•Provided PKI engineering support in the areas of Public Key Enabling, logical access, encryption, and other ID management initiatives.
•Administered and maintained endpoint protection tools (e.g., CrowdStrike), firewall rules, and SIEM/logging tools, applying detection engineering principles to enhance threat detection.
•Led Security Assessment & Authorization (SA&A) process for ~700 CDC systems, ensuring compliance with NIST 800-53 controls and documentation requirements.
•Designed and implemented assessment validation processes to verify control effectiveness across infrastructure, platform, and software layers.
•Conducted manual and automated security testing to identify system vulnerabilities, tracked findings, and oversaw remediation to closure.
•Configured encryption for data at rest and in transit across AWS services to ensure compliance with federal and agency security standards.
•Performed risk-based audits leveraging NIST, CIS Controls, FedRAMP, and ISO/IEC frameworks to ensure operational compliance and minimize security exposure.
•Produced Security Assessment Reports (SARs) and collaborated with stakeholders for mitigation planning.
•Supported FedRAMP and FISMA compliance activities by validating AWS system configurations, documenting evidence, and preparing inputs for ATO (Authorization to Operate) packages.
•Enhanced security posture by identifying control gaps, conducting remediation planning, and validating effectiveness of implemented controls.
•Implemented data encryption solutions for data at rest and in transit.
•Leveraged Splunk (power user) to monitor security threats and perform SIEM analysis, improving detection capabilities and response times.
•Accessed Cloud Systems using the FedRAMP System Security Plans (SSPs) for ATO approval.
•Used Nessus scanner for security assessments to identify software flaws.
Vectrus Afghanistan Mar 2015 - Mar 2020
Information Assurance Analyst, Afghanistan
•Provided key government (US TAAC South Military) personnel with policy coordination and interpretation support, general information security support, and assistance with the development and implementation of a defensive security program that protects information systems and documents.
•Supported secure AWS cloud operations for defense and government systems, ensuring alignment with DoD RMF, FISMA, and NIST 800-53 requirements.
•Evaluated risk impacts of missing or misconfigured AWS controls, developing mitigation and compensating control strategies aligned with mission objectives.
•Drafted POA&Ms and tracked these POA&Ms to ensure vulnerabilities were remediated and the plans were closed.
•Conducted Security Test & Evaluation (ST&E) of AWS-based systems following NIST SP 800-53A, documenting results in assessment reports for authorization reviews.
•Implemented and managed Zscaler and Cisco SASE to apply Zero Trust security models across multi-cloud and on-prem environments.
•Determined how the TAAC South Military systems would be impacted if security controls were not implemented.
•Assisted with defining security objectives and system-level performance requirements.
•Researched and stayed abreast of tools, techniques, countermeasures, and trends in computer network vulnerabilities.
•Implemented Zero Trust security principles within AWS using Zscaler and Cisco SASE, securing access to applications and data across multi-cloud and on-prem environments.
•Spearheaded risk-based audit plans by leveraging frameworks such as NIST 800-53 and COBIT to evaluate IT environments.
•Developed and conducted ST&E (Security Test and Evaluation) per NIST SP 800-53A and performed on-site security testing using vulnerability scanning tools such as Nessus, after which an assessment report was created.
•Used the Airlock Digital platform for application control (allowlisting), preventing unauthorized software, scripts, and code from running on endpoints to block threats such as malware and ransomware.
•Applied ITIL Incident, Problem, and Change Management processes to ensure security events were logged, prioritized, escalated, and resolved efficiently while maintaining mission-critical system availability.
•Supported US TAAC South Military operations with security policy interpretation, compliance support, and defensive security program implementation.
•Confirmed and ensured that the appropriate DoD RMF (Risk Management Framework) process was met, with adequate input of documentation such as ACAS scans and STIGs.
•Utilized vulnerability scanning tools such as Nessus and ACAS to identify weaknesses and prepared assessment reports with remediation recommendations.
•Reviewed and updated System Security Plans (SSPs), Security Assessment Reports (SARs), and Risk Assessments (RAs) for AWS-hosted systems to maintain ATO readiness.
•Evaluated risk impacts of unimplemented controls and developed mitigation strategies.
•Applied NIST, COBIT, and CIS frameworks in risk assessment activities to ensure mission-critical system security.
•Stayed current with emerging AWS security services, best practices, and evolving threat trends, integrating them into cloud governance and defensive strategies.
•Conducted vulnerability scanning and remediation using Nessus/ACAS and supported incident response and forensics.
•Enhanced documentation and standard operating procedures (SOPs) using ITIL service management guidelines, resulting in more consistent security operations and improved audit readiness.
•Researched and recommended emerging AWS compliance tools and services to enhance cloud governance, control validation, and automated evidence collection.
Education and Certifications
The Wayne State University
Bachelor of Science, Computer Science
Certification
•Certified Information Security Manager (CISM)
•Certified Ethical Hacker (CEH)
•CompTIA Security Plus (SEC +)
•Certified Network Defense Architect (CNDA)
•CompTIA Server+
•CompTIA SecurityX
•CompTIA Advanced Security Practitioner (CASP)
2011