| | | 20,000+ Fresh Resumes Monthly | |
|
|
| | Related Resumes Security Analyst Cyber Fort Washington, MD cYBER SECURITY ANALYST HAGERSTOWN, MD Cyber Security Risk Analyst Broad Run, VA Cyber Security Soc Analyst Manassas, VA Cyber Security Analyst Washington, DC Cybersecurity Analyst, EDR, SIEM, Email security solution, Secur Ashburn, VA Cyber Security Analyst Ashburn, VA |
|
Click here or scroll down to respond to this candidate
Candidate's Name , CASP, SECURITY+ 9 DRUMCASTLE COURT. GERMANTOWN, MD Street Address
EMAIL AVAILABLE, PHONE NUMBER AVAILABLE
CYBER SECURITY ANALYSTA dedicated technology professional with over four years of extensive experience as a Cybersecurity analyst, IT Auditing, compliance, and leveraging best practices from my many years of education, skills, and work experience to help businesses boost their defenses and safeguards towards maximizing their investment in technology with the least acceptable risk.
Working knowledge and understanding of PCI DSS, ISO 27001/2, SOC 2 Type II, FedRAMP, Vendor Risk Management, CIS Critical Security Controls (Top 20), HIPAA/HITRUST, NIST RMF, NIST CSF, and COBIT frameworks in enterprise risk management (ERM).
Highly motivated, adept at multitasking, detail-oriented, working under pressure, solving complex problems, working in integrated project teams (IPT), and a self-starter with a demonstrated command of decision-making skills that are consistently sought out by superiors, peers, and business partners for guidance and insight on critical and sensitive project issues.
CORE SKILLS Expert in designing and implementing critical security controls and technology. Expert knowledge in designing, implementing and protecting the confidentiality, integrity, and availability of corporate data and resources once relevant business operations, systems, and technological risks are recognized and understood. Experience in reviewing, assessing, and auditing PCI DSS, NIST, ISO 27001, and HIPAA controls as part of either merchant or service provider compliance. Expert and experience in the FEDRAMP authorization process and continuous monitoring. Performed vulnerability assessment, assessed the weaknesses identified and prioritized the remediation based on the CVSS, and tracked remediation with the relevant business unit and control owners. Experience in building new tools using existing platforms to help secure organization for better service customers can rely on Working knowledge of industry tools like Nessus, Nmap, Wireshark. Ability to articulate technology into secure business solutions with minimal acceptable risk.PROFESSIONAL EXPERIENCE.Security Analyst |Cyberworkforce365 LLC (Part-time/Contractor) | June 2021 Present Perform and evaluate risk and vulnerability assessment. Discover, analyze, and track vulnerabilities and implement remediation across the system. Lead the IT security risk assessment and scoping exercise, execute the process and control walkthroughs, assess the design of controls, develop and enhance comprehensive test plans and perform independent testing. Coordinate audit and maintain systems-related Vulnerability Management programs. Reviews and build security tools and systems to solve security challenges Conduct audit testing by reviewing and analyzing audit evidence to determine compliance with policies and procedures and determine the operating effectiveness of controls under review within budgeted time.
Assess processes and procedures and exercise risk-based judgment to help teams make the right security decisions Evaluate the design and effectiveness of the control environment; track, monitor, and maintain control issues; develop, assist with remediation plans & prepare compliance summaries. Evaluate the impact to the organization of current security trends, advisories, publications, and remediating across the system. Communicate findings to management and identify opportunities for improvement in the design and effectiveness of critical controls.Compliance Readiness Consultant PCI DSS | TAC Solutions (Contractor) | Aug 2020 May 2021
Experience in reviewing, assessing, and auditing the 12 requirements under PCI DSS. Perform detailed security inspections of Linux and Windows Server configurations to ensure compliance with PCI DSS requirements. Spearhead successful Self-Assessments to ensure adherence to the standards and avoid fines.
I provide reports and metrics to the client on gaps, remediation efforts, clarifications, and tracking remediation plans of findings and timelines for corrective action. I support the client through compliance readiness through documentation and gap analysis during periodic completion and submission across the organization.
Ensure risks associated with business activities are effectively identified, measured, monitored, and controlled. Design and maintain a risk governance framework that supports enterprise-wide standard operating policies (SOPs) and procedures that align with the client s risk appetite, business and strategic objectives, and regulatory expectations. Follow written risk and compliance policies and procedures for business activities. Review and evaluate 3rd party risk management program and incorporate applicable requirements into EIT risk governance program. Utilize vulnerability scanning solutions such as Nessus to identify system vulnerabilities on critical infrastructure and develop remediation plans to address risk.
Advise the business on strengthening and managing their control environment concerning oversight of procedures/processes, accurate regulatory reporting and filings, governance documentation, risk control self-assessments, control design, and new product controls. Perform ongoing monitoring of business controls, control testing, root cause analysis, and examination of the effectiveness of established business controls.
EDUCATION AND PROFESSIONAL CERTIFICATIONS
BSc. Computer Science - Ghana in Institute of Professional Studies.
Certifications: CASP+, SECURITY+, ( RMF, CISM - In progress )REFERENCES:
Samuel Owusu PHONE NUMBER AVAILABLEAgyeman Duah PHONE NUMBER AVAILABLE |
