I am a Risk Management Framework analyst with over 5 years of experience in Assessment and Authorization (A&A) activities and tasks for information systems, Plan of Action & Milestone (PO&AM) management, Operation Policy and Procedures, Vulnerability Management as well as conducting Security Control Assessments (SCAs). Experienced in all phases of preparing and reviewing complete Authorization-to-Operate (ATO) packages for information technology systems and applications as defined by the Federal Information Security Management Act of 2002 (FISMA) and implemented by the guidance of the National Institute of Standards and Technology (NIST) Special Publication 800-53 series. I have an excellent leadership skill, work in a timely manner of executing deliverables to senior executives in an organization as well as excellent verbal and communication skills.
With over 5 years of experience. I have an excellent reputation for resolving problems, improving customer satisfaction, and driving overall operational improvements. Consistently saved costs while increasing profits.
I am very enthusiastic and eager to contribute to team success through hard work, attention to detail and excellent organizational skills. Clear understanding, Motivated to learn, grow and excel.
Skills
IT Security controls assessment, Risk Management Framework (RMF), Assessment & Authorization (A&A),Information Assurance, NIST 800 series, FISMA Compliance, Plan Of Action &Milestone, Risk Assessment, System Security Plan (SSP),Security Assessment Report (SAR), FIPS 199 System Security Categorization, IT Policy Coherence, Risk Analysis and Microsoft Office Suite (Word, Excel, PowerPoint).
Agency
Client
Data Analysis
Documentation
Financial
Foreign Exchange
Human resources
Information Security
Information Systems
Information Technology
Meetings
Excel
Microsoft Office Suite
PowerPoint
Word
Enterprise
Organizational
Personnel
Policies
Processes
Progress
Publication
Requirement
Risk Analysis
Risk Assessment
Risk Management
Scanning
Scanner
SOP
SSP
Incident Response Management
Developing security plans
Business operations
Problem resolution
Communications
Work History
OWNER/PRESIDENT/CEO, 01/2017 to Current Adp – Fairport, NY,
Communicating, on behalf of the company, with third parties and the development of the company's short- and long-term strategy. Creating and implementing the company or organization's vision and mission.
Directs, administers, and coordinates the internal operational activities of the organization in accordance with policies, goals, and objectives established by the CEO and the Board of Directors.
Leads and directs the following functions and/or business units: operations, human resources, traffic, new business coordination, and agency promotions and communication.
Developing organizational policies and goals that cover operations, personnel, financial performances, and growth of the functions and/or business units mentioned above policies and goals.
Promoted team productivity by keeping supplies organized and well-stocked.
Achieved substantial result by using market expertise and business knowledge to make proactive decisions.
Led operational oversight and budgetary supervision
Increased company revenue through aggressive new market strategies.
Devised new promotional approaches to boost customer numbers and market penetration while enhancing engagement and driving growth.
CYBERSECURITY ANALYST, 01/2016 to Current Booz Allen Hamilton Inc. – Redstone Arsenal, AL,
Performs updates to System Security Plans (SSP) Using NIST 800-18 as a guide todevelop SSP, Risk Assessments, Business Continuity Plan and Incident ResponsePlans •Performs RMF assessment which includes initiating meetings with various SystemOwners (SO) and Information System Security Officers (ISSO) •Creates change control procedures, drafts, reviews, and updates Plans of Action and Milestones (POAMs) •Conducts FedRAMP Readiness Assessments and review ATO Packages for FedRAMP Cloud environments •Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation •Performs assessment, POAM Remediation, and document creation using NIST SP 800-53 Rev.1 and NIST SP 800-53 •Develops solutions to security weaknesses in the Requirement Traceable Matrix (RTM) and SAR, while working on POA&M remediation and corrective action plan.
Assisted ISSOs create solutions to weaknesses based on system functionality •Performs evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation (C&A), RMF, and continuous monitoring •Ensures that the Information Systems Security department's policies, procedures, and practices as well as other systems user groups are compliant with FISMA, NIST, and general agency standards •Reviews documentation to include System Security Plan NIST 800-18 as a guide, Authorization to Operate (ATO), Security Assessment Report (SAR) using NIST800-30 as a guide, FIPPS 199 System Categorization using NIST 800-60 Vol1/Vol2 based on confidentiality, integrity and availability (CIA), policy and procedures, e-authentication, privacy threshold analysis (PTA), privacy impact analysis (PIA), contingency plan (CP) and interconnection security agreement as per NIST 800-47, certification and accreditation (C&A) packages and system standard operating procedures.
INFORMATION SYSTEM SECURITY ANALYST, 11/2014 to 07/2016 UNISYS-VA – City, STATE,
Supervised system vulnerability scanning, and administration of system security configuration using Tenable Nessus vulnerability scanner •Serve as the Subject Matter Expertise (SME) departments on all issues surrounding Information Security and Information Technology compliance standards •Conduct RMF briefings to the client explaining the life development cycle of the system •Assists by implementing data in the information system’s assessment and authorization tool known as Enterprise Mission Assurance Support Service (eMASS) •Develop the Standard Operating Procedures (SOP)s needed in creating the A&A processes.
Coordinate and track remediation of security weaknesses as they are discovered, via the Plan of Actions and Milestones (POA&M) tracking tool •Develop System Assessment and Authorization (SA &A) packages for compliance with NIST guidance, including System Security Plans, System Categorization documents using FIPS 199, Risk Assessment, POA&M, Contingency Plans, and Private Impact Assessments (PIA) •Review and update security documentation governed by NIST 800 series and organizational policies •Provide continuous security monitoring of assigned systems and make decisions either in critical high value situations or marginal risk situations •Maintain an understanding of operations throughout the organization to proactively enhance the user experience of new security policies •Collaborate with other security personnel on security assessment activities •Review results of vulnerability scans to ensure client system is devoid of critical and high vulnerabilities •Assess the information technology systems, security regulatory risk management and security vulnerabilities.
Increased customer satisfaction by resolving issues.
Handled calls per to address customer inquiries and concerns.
Developed team communications and information for meetings.
I design and implement IT security systems to protect the organization's computer networks from cyber attacks. ... You will monitor computer networks for security issues, install security software and document all security issues or breaches I find.
Education
Master of Business Administration: Business Administration And Management, Expected in 06/1999 Oxford University - , GPA:
MBA: , Expected in 1996 - , GPA:
Master of Arts: Mass Communication, Expected in 1991 UNILAG - , GPA:
Bachelor Degree in Mass Communication : Mass Communication, Expected in 1985 Unilag - , GPA:
Masters: Business Administration, Expected in - , GPA:
Certified Authorization Professional (CAP): In Progress: , Expected in - , GPA:
: IT, Expected in 01/2014 Online IT Classes - , GPA:
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
How this resume score could be improved?
Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:
resume Strength
Personalization
Target Job
Resume Overview
School Attended
Oxford University
UNILAG
Unilag
Online IT Classes
Job Titles Held:
OWNER/PRESIDENT/CEO
CYBERSECURITY ANALYST
INFORMATION SYSTEM SECURITY ANALYST
Degrees
Master of Business Administration
MBA
Master of Arts
Bachelor Degree in Mass Communication
Masters
Certified Authorization Professional (CAP): In Progress
