| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
INFORMATION SYSTEMS SECURITY OFFICER (ISSO)ProfileWith over 7 years of practical involvement as an Information Systems Security Officer (ISSO), I have consistently showcased my proficiency in safeguarding critical data and maintaining rigorous security standards. My capabilities extend across risk assessment, vulnerability management and the enforcement of security protocols, ensuring the confidentiality, integrity and availability of organizational assets. I thrive in collaborative environments, adept at facilitating the seamless integration of impactful security measures across diverse teams. I am enthusiastic about contributing to a dynamic organization, leveraging my expertise and skills in the capacity of an ISSO. My proven track record underscores my commitment and proficiency in this domain, positioning me to make significant contributions to any team I join.SKILLSRisk Management: Risk assessment and risk mitigation analysis, Information Assurance & Privacy, RMF, System / Network vulnerability analysis, Testing IS Controls, Cloud Cybersecurity (NIST SP 800-Series, FIPS 199, FIPS 200).Regulatory Compliance: HIPAA, FedRAMP, NIST SPs, PCI-DSS, ISO 27001, CMMC, Contingency planning.Policy and Compliance Review: SOPs, ISAs, MOUs, test results, firewall policy, Ports & Protocols, Plug-ins.Security Tools: Nessus Scan [Tenable io], Web Inspect, STIGS.Software: Microsoft Office Suite 2016: Word, Outlook, Excel, Visio, PowerPoint, Teams, Virtualization, Windows and Linux Operating Systems, SharePoint, Risk Vision, Splunk.Server: Windows Server 2016.GRC Tools: RSA Archer, eMASS, CSAM, ServiceNow.Soft skills: Strong oral and technical writing skills, team player, detail-oriented, ability to work independently, strong leadership and organizational skills.Employment HistoryInformation System Security Officer (ISSO), CITIBANK N.A., New York.JUNE 2021 PRESENTImplemented Plan of Action and Milestones (POA&M) through CSAM, executing annual security assessments, encompassing NIST SP 800-53 and autonomous security evaluations. Executed evaluations of designated information systems security prerequisites, assessed the prevailing security stance, and suggested priorities for rectification.Revised System Security Plans (SSPs) for systems, executing requisite tasks in CSAM to compile a comprehensive SSP.Formulated, sanctioned, and verified POA&M ensuring their currency, precision, and efficacy in addressing identified security vulnerabilities.Orchestrated and executed compliance procedures as per Federal directives (NIST 800-53, 800-53A, 800-37, etc.) and client specifications.Assisted and documented security control assessments, aiding in remediation endeavors, and overseeing proper POA&M management.Scrutinized and improved standardized Security Authorization & Assessment (SA&A) Documentation, Security Assessment Reports, while furnishing recommendations for security infrastructure enhancements (e.g., firewalls, vulnerability scanning tools).Offered ISSO assistance for evaluating security assessments and their associated documentation.Information System Security Officer (ISSO), George Mason SCHAR School of Policy, Arlington, VirginiaOCTOBER 2017 DECEMBER 2020Conducted annual security assessments, including NIST SP 800-53 assessment and independent security assessments as required.Established and managed an IT System Security Compliance Schedule, covering POA&M Action Items, required ITSS reports/updates, Change Control Board Meetings, scheduled Vulnerability Scans, and updates to System IT Security Documentation.Identified the hardware and software components to be covered by the Security Authorization Package.Conducted assessments of assigned information systems security requirements, evaluated current security posture, and recommended priorities for remediation.Planned engagements, leveraging relevant work completed for other systems to achieve schedule cost savings and minimize impact on customer staff resources.Updated System Security Plans (SSPs) for IT systems and completed necessary activities in CSAM to generate a complete SSP.Coordinated the distribution of SSPs for review by project teams, tracked progress, and revised applicable areas in the CSAM tool as required.Drafted, approved, and validated POA&M, ensuring they remained up-to-date, accurate, and represented a true plan to mitigate identified security weaknesses.Conducted assessments of NIST SP 800-53, Rev 4 controls, documented findings in DOJ's CSAM repository, and ensured data quality and alignment with DOJ requirements.Reviewed and conducted NIST-based self-assessments, identifying weaknesses requiring attention, and developed a POAM for each based on industry best practices.Supported and documented security controls tests, assisted in remediation, and ensured appropriate management of POAMs.Information Assurance Analyst, First Atlantic Bank, Richmond, VirginiaJULY 2015 SEPTEMBER 2017Utilized expertise in NIST, OMB, RMF, FISMA, and government security requirements to improve organizational security protocols.Oversaw the monitoring and identification of risks and exceptions, ensuring resolution through the creation of Plans of Action and Milestones (POA&M).Executed risk and vulnerability assessments at the network system and application levels.Reviewed Nessus findings and generated vulnerability reports.Orchestrated the system accreditation process, collaborating with stakeholders to ensure successful reviews.Implemented security controls and devised operational risk mitigations.and assisted in conducting security awareness programs.Assessed and recommended new security tools, techniques, and technologies.Conducted routine assessments of site implementation of FISMA controls to support Continuous Monitoring.EducationGeorge Mason University (GPA: 3.70), MBA - International Commerce & Finance PolicyRelevant Coursework: Multilateral Development Banks Partnerships, Strategic Trade Controlsand Compliance, Global Business Finance, Microeconomics and Computational Policy, ManagerialEconomics, Macroeconomics and Trade Policy, Contract Negotiations, Methods of Analysis.University of Ghana (GPA: 3.29), Bachelor of Science: Mathematics & Computer ScienceRelevant Coursework: Linear and Abstract Algebra, Systems Programming, Advance Calculus,Object Oriented Programming, Statistics, Practical Physics, Electromagnetism, Atomic and NuclearPhysics, Software EngineeringSookmyung University, South Korea (GPA: 3.06), Bachelor of Science: Computer ScienceRelevant Coursework: Cryptography Encryption, Signal Algorithms, Computer Security andComputer Network, SQL Database Management and Design, Korean Language, Agile, Linux, C++,Java ScriptCertificationsCertified DOD Secret Clearance - ActiveCertified Scrum Master - ActiveProfessional Scrum Master (PSM I) - ActiveProfessional Scrum Master (PSM II) - ActiveCompTIA Network Security + - ActiveCertificate of US Army LeadershipAWS Solutions Architect- Associate (SAA) - ActiveAWARDS AND CERTIFICATIONS2023 JBSA Fort Sam Houston Echo Company Leadership Medal (US Army)2019 Virginia Business Council Scholarship2012 Government of Ghana STEM Scholarship (Computer Science)2011 Professor F.T. Sai Award for Best Female (Mathematical Science)SECURITY CLEARANCE LEVELCertified DOD Secret Clearance - ActiveWORK STATUSUS CITIZENREFERENCESAvailable upon requestDetails1961 Gableridge Turn, Woodbrige, Virginia 22191, United StatesPHONE NUMBER AVAILABLEEMAIL AVAILABLE |
