| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Street Address Castle Blvd, Silver Spring, MD PHONE: PHONE NUMBER AVAILABLEEMAIL: EMAIL AVAILABLESummaryAccomplished cybersecurity leader with 8+ years of experience driving security initiatives across diverse environments. Proven success in vulnerability management, cloud security (AWS ), compliance (FISMA & FedRAMP), DevSecOps, and Threat Hunting. Expertise in architecting and implementing robust security controls, leading incident response efforts, and proactively mitigating threats. Strong collaborator with a passion for fostering a security-first culture within organizations.Certifications/Technical ExperienceCertifications: AWS Solutions Architect, AWS Certified Security Specialty, CompTIA CompTIA Sec+, CompTIA CASP+, EC-COUNCIL CEH ISACA CISAVulnerability Management: Qualys, Nessus, Scanner. Tenable.sc, AWS Inspector, SSM, OWASP, OVAL, CVSS, CVE, SCAP, etc.Cloud Security: AWS AWS (CloudWatch, CloudTrail, Config, GuardDuty, Inspector, Trusted Advisor, VPC Flow Logs, etc.),Compliance: FISMA/FedRAMP ATOSecurity Operations: SIEM -Splunk, AlienVault, Fire Eye HX, NX, Barracuda, FireEye, Cisco IronPort, IDS/IPS, Darktrace, Symantec, Wireshark, McAfee ePO etc.DevSecOps: DAST, SAST, Snyk, Aqua Security, etc.SIEM - Splunk, AlienVault, Fire Eye HX, NX, Barracuda, FireEye, Cisco IronPort, IDS/IPS, Darktrace, Symantec, Wireshark, McAfee ePO etc.Operating Systems: Windows, LinuxGRC Tools: (e.g., eMASS, Xacta, CSAM, Asset Manager) to track, manage, and report on security controls, compliance, and risks.ExperienceFedRAMP Cyber Engineer/Vulnerability Management Noblis (GSA) April 2023 - PresentConducted in-depth reviews of Cloud Service Provider (CSP) packages on Max.gov, meticulously verifying technical and network diagrams for alignment with FedRAMP ATO requirements, ensuring a secure and compliant Cloud foundation.Evaluated high and moderate risk vulnerabilities in CSP packages, contributing to successful FedRAMP authorization of various Cloud service providers, demonstrating expertise in Cloud security assessmentLead comprehensive vulnerability management programs for diverse environments, encompassing on-premises systems and cloud infrastructure, ensuring a holistic approach to risk mitigation.Executed vulnerability assessments and remediation planning utilizing Nessus Scanner and Nessus Security Center, identifying critical weaknesses and orchestrating timely patch deployment and configuration adjustments.Leveraged AWS Inspector and Systems Manager (SSM) to proactively identify vulnerabilities and automate patching for both EC2 instances and container registries, enhancing the security posture of AWS environments.Conducted in-depth reviews of Cloud Service Provider (CSP) packages on Max.gov, meticulously verifying technical and network diagrams for alignment with FedRAMP ATO requirements, ensuring a secure and compliant cloud foundation.Evaluated high and moderate risk vulnerabilities in CSP packages, contributing to the successful FedRAMP authorization of various cloud service providers, demonstrating expertise in cloud security assessment.Maintained expertise in industry-standard vulnerability frameworks, including OWASP, OVAL, CVSS, CVE, and SCAP, applying this knowledge to assess and prioritize security risks effectively.FedRAMP/ Cloud Security Engineer Penguin Computing Feb 2021 April 2023.Led the design and implementation of robust identity and access management (IAM) policies, roles, and permissions to ensure least privilege access and minimize security risks across AWS environments.Developed comprehensive incident response strategies for AWS services and on-premises systems, encompassing threat detection, containment, eradication, recovery, and post-incident analysis, ensuring swift and effective responses to security incidents.Collaborated with 3PAOs to compile FedRAMP authorization artifacts (SSP, SAR, POA&M) for both agency and JAB paths, ensuring template adherence and addressing deficiencies.Engineered holistic data security strategies for cloud-hosted and on-premises systems, implementing encryption, tokenization, access controls, and data loss prevention mechanisms to protect sensitive information and maintain compliance with regulatory requirements.Architected secure infrastructure designs for cloud and on-premises systems, adhering to security best practices outlined in NIST 800-53, CIS Benchmarks, and NIST CSF, implementing measures like network segmentation, intrusion detection/prevention systems, and web application firewalls.Established proactive continuous monitoring frameworks for AWS environments, leveraging native tools like CloudWatch, CloudTrail, Config, GuardDuty, Inspector, Trusted Advisor, and VPC Flow Logs, in conjunction with third-party solutions like Splunk, to detect and respond to security events in real-time.Designed and implemented robust data loss prevention (DLP) strategies for both cloud and on-premises systems, employing content filtering, access controls, encryption, and real-time monitoring to prevent unauthorized data exfiltration.Led FedRAMP readiness assessments for Cloud Service Providers (CSPs), identifying security gaps, developing remediation roadmaps, and facilitating successful authorizations.Conducted comprehensive gap analyses against FedRAMP Security Assessment Framework (SAF) and NIST SP 800-53 controls, providing detailed documentation and actionable recommendations.Senior Cloud Security Engineer (ISSO) Perspecta (DHS) March 2020 - Feb 2021Led FedRAMP readiness assessments for multiple Cloud Service Providers (CSPs), identifying security gaps, developing remediation roadmaps, and facilitating successful authorizations.Conducted comprehensive gap analyses against FedRAMP Security Assessment Framework (SAF) and NIST SP 800-53 controls, providing detailed documentation and actionable recommendations. Collaboration with 3PAOs: Collaborated with 3PAOs to compile FedRAMP authorization artifacts (SSP, SAR, POA&M) for both agency and JAB paths, ensuring adherence to templates and addressing deficiencies.Authorization Package Review: Reviewed and validated FedRAMP authorization packages, assessing the completeness, accuracy, and compliance of security documentation for high-impact systems.SSP Development: Developed and maintained System Security Plans (SSPs) per FedRAMP requirements, detailing system architectures, security controls, and risk mitigation strategies.Served as a subject matter expert in FISMA/FedRAMP compliance, guiding internal teams and external stakeholders on security control implementation and documentation.Participated in FedRAMP continuous monitoring activities, conducting regular assessments, tracking POA&M items, and ensuring ongoing compliance with federal security standards.Presented FedRAMP compliance findings and recommendations to senior management, effectively communicating complex security concepts and driving remediation efforts.Utilized Xacta/CSAM to streamline security control assessment, documentation, and reporting processes, facilitating efficient risk management and compliance tracking.SOC/Threat Hunting Engineer GDH ( Food and Drugs Administration) Sep 2019 - Mar 2020.CI/CD Pipeline Security Integration: Successfully integrated Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) tools into CI/CD pipelines, enabling automated vulnerability scanning and security testing throughout the development process.Snyk Implementation: Led the implementation of Snyk into the CI/CD pipeline to perform comprehensive vulnerability scanning of code dependencies and open-source libraries, proactively identifying and addressing security risks.Aqua Security: Leveraged Aqua Security to enhance container security, performing vulnerability scanning and runtime protection for containerized applications, ensuring the integrity and security of containerized environments.Data Loss Prevention (DLP) Strategist: Designed and executed comprehensive DLP strategies for both cloud and on-premise systems, safeguarding sensitive data through classification, access controls, and real-time monitoring.DevSecOps Champion: Fostered a shift-left security culture, collaborating closely with DevOps teams to integrate security practices and tools throughout the software development lifecycle (SDLC).Vulnerability Management Automation Architect: Established automated vulnerability management processes, ensuring regular scanning of cloud and on-premise systems, prompt remediation, and continuous risk reduction.Threat Hunter: Led proactive threat-hunting initiatives, utilizing in-depth knowledge of static and dynamic techniques to analyze logs, traffic, and telemetry, uncovering hidden threats and indicators of compromise (IOCs).Incident Response Specialist: Conducted comprehensive investigations across diverse environments (cloud, on-premise), leveraging SIEM, network forensics, and endpoint analysis tools to resolve security incidents efficiently.Security Advisor: Researched and disseminated weekly threat/vulnerability advisories, providing stakeholders with actionable insights and recommendations to enhance security posture.Phishing Mitigation Expert: Investigated phishing campaigns, analyzing email headers, malicious URLs, and IP addresses, and implemented blacklisting measures to protect the organization.Vulnerability/Cyber Security Engineer, Serigor Jul 2018 - Sep 2019Spearheaded a comprehensive vulnerability management program encompassing on-premises, cloud (AWS), and containerized environments, significantly reducing mean time to remediate critical vulnerabilities.Leveraged Nessus Professional and Nessus Security Center to conduct in-depth vulnerability scans, ensuring accurate identification and prioritization of security weaknesses for efficient remediation planning.Implemented AWS Inspector and Systems Manager (SSM) to automate vulnerability scanning and patching processes for EC2 instances and container registries, enhancing the security posture of AWS cloud environments.Designed and implemented a scalable vulnerability management program, establishing robust processes for POAM (Plan of Action and Milestones) creation and management to track and drive remediation efforts effectively.Maintained in-depth knowledge of vulnerability management standards (OWASP, OVAL, CVSS, CVE, SCAP), ensuring accurate risk assessment and prioritization of vulnerabilities for remediation.Fostered collaboration with engineering and stakeholders to streamline remediation of vulnerabilities and missing patches, utilizing ad hoc scans to address emerging threats and maintain a strong security posture.Conducted weekly vulnerability scans to identify and prioritize emerging risks, ensuring continuous monitoring and timely remediation of vulnerabilities.Prepared and distributed comprehensive monthly vulnerability reports to stakeholders, providing actionable insights and facilitating informed decision-making to enhance overall security posture.Security Operations Center (SOC) Analyst/Threat Hunter TruShield April 2015 - Jul 2018Led proactive threat-hunting initiatives applying in-depth knowledge of static and dynamic analysis techniques to identify and neutralize advanced threats across diverse IT environments.Leveraged extensive expertise in security tools including Splunk, Barracuda, FireEye, Cisco IronPort, IDS/IPS, DarkTrace, Symantec, RSA NetWitness, and others to conduct comprehensive incident response and threat investigations.Spearheaded threat hunting and incident response in cloud environments, utilizing AWS native tools like GuardDuty, CloudTrail, Inspector, Macie, and Security Hub to detect and mitigate threats specific to AWS infrastructure.Developed and disseminated weekly threat and vulnerability advisories to stakeholders, providing actionable intelligence on emerging threats and vulnerabilities to enhance organizational security awareness and preparedness.Conducted in-depth investigations of phishing campaigns, malicious URLs, and IP addresses, promptly blacklisting malicious entities to protect the organization from cyber threats.Mentored and trained junior SOC analysts on threat-hunting techniques, incident response procedures, and the effective use of security tools, fostering a culture of continuous learning and improvement.Collaborated effectively with cross-functional teams, including network engineers, system administrators, and security architects, to implement security controls, remediate vulnerabilities, and strengthen the overall security posture.Maintained up-to-date knowledge of the latest threat landscape, actively participated in security communities, and attended industry conferences to stay ahead of emerging threats and vulnerabilities.Investigated phishing campaigns, analyzing email headers, malicious URLs, and IP addresses, and implemented blacklisting measures to protect the organization.EducationAmerican Public University: Charles Town, WV Master of Science (M.S.) International Relations and Human Resource Man. - April 2017 Master of Science (M.S.) Cyber Security (In progress)University of Dschang: Cameroon Information Security: University of Dschang (Cameroon) - 2007 |
