Dynamic, objective and success-oriented Security Control Assessor and I.T Auditor with over five years experience in Systems Development Life Cycle (SDLC), Security and Vulnerability Management Lifecycle. Well experienced in using FISMA and applicable NIST Special Publications e.g. FIPS 199, 200, SP 800-30, 800-37, 800-53r4/53A, 800-60, and 800-137.
Windows, Unix, Linux, Mac OSX, VMWare
Developed and implemented two information security and risk management programs covering everything from assessment to management to optimization.
Designed and conducted walkthroughs.
SmartThink LtdMDFISMA/C&A Analyst03/2012 to Current
I work as part of a team to conduct various types of assessments to include developmental testing and evaluation, independent verification and validation, security authorizations and/or reauthorizations, audits, continuous monitoring and remediation actions on major and minor applications.
I review management, operational, technical and Privacy security controls.
I prepare, analyze and update artifacts like SSP, RAR, SAR, PTA, PIA, ST&E and POA&M.
I designate and categorize systems in accordance with FISMA/NIST requirement at the SDLC and reauthorization stages.
I work with ISO, ISSO & other POCs in preparing certification and accreditation packages for granting of an ATO as stipulated by FISMA.
I conduct vulnerability scanning with the Nessus vulnerability scanner.
I assist in creating standard templates for required security assessments and system authorization.
I review organizational policies, standards and procedures, and provide professional advice and recommendations on their adequacy, accuracy and compliance with the FISMA/other required regulations.
Enlightened Inc. DCJunior Cyber Security Analyst02/2010 to 04/2011
I performed IT risk assessments, documented assessment results and offered suggestions on mitigation actions.
I conducted meetings with IT team, and other POCs to gather evidence, develop test plans, testing procedures etc.
I designed and conducted walkthroughs, formulated test plans, test results and developed remediation plans for each area of the testing.
I wrote audit reports for distribution to management and senior management staff, documenting the results of the audit.
I reviewed Business Continuity Plan and relationship with outsourced vendors.
Haran Resources LtdLagos, NigeriaDesktop Manager01/2005 to 10/2009
I Installed and configured DNS, and WINS Servers.
I administered, Configured and maintained NT I setup and maintained Exchange Servers.
I provided user's desktop assistance and training when necessary.
I setup and configured network printers.
I monitored the laying and termination of data and patch cables for LAN.
I performed risk analyses and assessments I defined security requirements for desktop systems.
I performed vulnerability checks on both servers and desktops.
Education and Certification
EnglishUniversity of Lagos, Lagos, NigeriaEnglish
RISK MANAGEMENT2016www.cybrary.it, online
APPLYING THE RISK
MANAGEMENT FRAMEWORK NIST
Certification Number: SC-59eb877fd-349c2d
Audit reports, Desktops, Risk Management, Scanning, SDLC, Artifacts creation,
HTML, Strong communication
skills, Working independently/part of a team, Managing tight
deadlines and Leadership skills