| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidate5Candidate's Name
Elizabeth City, NC Street Address PHONE NUMBER AVAILABLE EMAIL AVAILABLESummary of Skills and AccomplishmentsResults-oriented, dynamic, and versatile IT professional with verifiable knowledge and over 5 years of successful experience in the cybersecurity industry and the ability to work in a fast-paced enterprise environment.Excellent grasp of cybersecurity within an enterprise government cloud environment, a strong background in Cloud Computing, and able to apply FedRAMP, and RMF security practice expertise across complex cloud architectures.Security Lead who provides FedRAMP and DoD government, regulatory, compliance, and cybersecurity guidance. This includes managing the Continuous Monitoring process and relationship with the FedRAMP PMO, JAB Reviewers, DoD Authorizing Official, and Third-Party Assessment Organization (3PAO).Lead and manage NIST-based system security assessments, privacy assessments, continuous monitoring, and other Assessment and Authorization (A&A) activities, Third-Party Vendor Risk Management, and Vulnerability Management.Adequate knowledge, and understanding of private, commercial, and/or government community clouds such as Microsoft Azure and AWS, GovCloud, and other regulatory frameworks which includes NIST 800 Series, eMASS, and vast experience in Microsoft Office suite; (Word, Excel, PowerPoint, Outlook Visio) and Mac Platforms, SPSS, Windows 10.Knowledgeable in the classification and categorization using the FIPS 199 documentation to ensure Systems high watermark value to ensure system CIA.Skilled in writing and presenting reports for risk assessment recommendation documents such as SSP, RAR, SAP, ST&E, PTA, PIA, and POA&M.Objectives for GrowthVulnerability Assessment Audit and Accountability Outstanding Customer ServiceRisk Management Framework Threat Analysis Security Assessment ReportComputer Network Security Team PlayerSoftware Platforms and System/Network Scanning ToolsSoftware: Microsoft Office (2003, 2007, 2010, 2013) Access, Word, Excel, PowerPoint, OneNote, Outlook, Project, Publisher Operating Systems: Mac / Microsoft Windows (95, 98, XP, Vista), Windows 10, eMASS, and AWS Cloud.Professional Experience1. COMPQSOFT, Inc. 11/2021- PresentInformation Assurance Security SpecialistAssisted a Team of Security assessors in achieving an Authorization to Operate (ATO) for the AMPS system.Implementing the DoD Assessment and Authorization (A&A) process IAW DoDI 8510.01 Risk Management Framework (RMF) for DoD Platform Information Technology (PIT).Develops and maintains security processes and controls that ensure security posture meets and/or exceeds FISMA and other Federal security standards as required.Creates documentation in support of the A&A efforts to include the Security Control Assessment Report, System Security Plan, and Security Standard Operating Procedures.Performs Risk Assessment (RA), review of System Security Plan (SSP), Contingency Plans, System Security Test Evaluation (ST&E), and update Plan of Action & Milestones (POAMS).Delivers weekly briefs to ISSO, ISSM, and higher-level stakeholders.Provides high-level audit analysis on security data to identify significant and unusual activity, initiate and review artifacts in compliance with NIST RMF process, complete meeting minutes, and prepare other documents as required by the assigned Team Lead.Review system vulnerability scan reports, provide recommendations to systems administrators for remediation, and document non-remediated findings in the Plan of Action and Milestone (POA&M)Monitors and track remediation progress in eMASS.Ensures system documentation (Contingency Plan) plans are tested and maintained on an annual basis and are compliant with NIST 800-53 rev control requirementsFosters an innovative and inclusive team-oriented work environmentCoordinates external audits to ensure all evidence for requirements has been reviewed and provided on time.Serves as the Policy Subject Matter Expert on a multi-functional team, performing gap analysis on several federal policies, OMB directives, DOD Binding Operational Directives (BOD), and NIST special publications (gap analysis on NIST SP 800-53, Rev.4 and Rev. 5).Interacts in both oral and written communications with all levels of System staff including Computer center staff, developers and other IT staff, technical staff, general counsel, auditors, and all System staff and technology vendors and contractors, in matters related to information security and security awareness materials.With the help of system engineers, I design and draw network architecture boundaries for systems under the RMF process requiring an ATO.2.CYBERVISION 11/2018- 10/2021Information Assurance Security SpecialistDeveloped cybersecurity policies, memoranda, standards, and guidance for API and supports the maintenance of such policies covering a wide field of disciplines including cyber security program governance, IT security and privacy operations, continuous monitoring, and risk management.Advised business stakeholders on policy strategies by determining cyber security policy applicability to the API environment and integrating such policy updates into GRC tools.Prepared regulatory and policy crosswalks to meet API needs.Provided technical guidance on a range of specific controls under the Risk Management Framework (RMF), NIST Publications, OMB directives, and HHS Policies to increase the API Systems security posture.Participated in collaborative and integrative projects in an agile environment by serving as a quality assurance point of contact for the API cybersecurity program and providing technical reviews of deliverables.Led the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations of CMMC compliance per the NIST 800-171 CUI requirements.Developed and implemented effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.Analyzed security vulnerabilities and risk, within the Risk Management Framework (RMF) guidance provided through the NISPOM, DAAPM, and the JSIG, and provided suitable options for identified issues.Reviewed, prepared, and updated RMF and AIS accreditation packages in eMass.Performed self-inspections, and provided security coordination and review of all system test plans.Identified vulnerabilities and implemented countermeasures in POAM mitigation.3.CACI 08/2016- 10/2018Information Security AnalystParticipated in designing, developing, and implementing complex applications, often using new technologies, software, hardware, and tools.Worked closely with senior developers under the supervision and guidance of more seasoned consultants and may also be expected to provide application support.Collaborated with external programmers to coordinate delivery of software applications.Performed routine accountability for technical knowledge and capabilitiesDeveloped and customized data access routines to mine data from source systems for monitoring operations compliance according to banking laws and standards.Developed enterprise-independent tests models for compliance and regulatory reporting of various lines of businesses.Developed, reviewed, and updated Information Security System Policies,4.UNITED STATES ARMY Fort Bragg, NC 11/2012-05/2016Logistics Operations ManagerManaged the health, welfare, and professional growth of 5 subordinate managers and 10 employees; provided monthly and quarterly performance evaluation reviews, resulting in 100% operational readiness.Spearheaded all aspects of logistics, maintenance, and inventory handling in the reorganization of 2 companys assets worth over $59.3M utilizing automated property and accounting systems, resulting in $0 loss.Maintaining soldiers records and filing documents properlyBriefed executive leadership team daily on mission-critical asset status, optimized maintenance production, and aided 100% maintenance scheduling effectiveness.Providing customer service through interaction with soldiers and command groups by way of providing logistics.5.FEDEX - Aurora, CO 06/2012-11/2012Supply Chain TechnicianEnsuring successful transfer and delivery of goods to intended destinations.Sorting packages out for delivery.Picking up and delivering packages worth 100,000 dollars.Supervising other workers to make sure everything runs smoothly.CertificationsCurrently certified with an active CompTIA Security+ from Pearson Vue, USA.Enterprise Mission Assurance Support Service Certificate (Emass)TrainingEmass TrainingACAS TrainingCybersecurity SymposiumAmazon Web ServicesEducation and Professional DevelopmentPost Graduate Certificate in Cybersecurity Threat Detection Webster University- 2022Bachelor of Arts, Economics K.N.U.S.T, Kumasi, Ghana 2009Select AwardsUnited States Army Achievement Medal (1)Department of Defense Certificate of Achievement (3)Clearance StatusUS Citizen/Secret ClearanceReferencesReferences will be provided upon request. |
