Summary

Detail-oriented and highly motivated, IT Security Analyst and Information Assurance Engineer with 4 years of experience in performing Assessment and Authorization, Risk Management and Continuous Monitoring, POA M management, and Policy and Procedure, Security Assessment and Authorization, continuous monitoring and well versed in NIST 800-53 Rev 3/4 requirements, demonstrates outstanding leadership with keen ability to support others, using a lead-by-example approach.

SOFTWARE /PLATFORM:

• Windows, LAN/WAN Network, VMware.
• Applications: Microsoft Office 2003, 2007, 2010 and 2013 Professional Suite, SharePoint, CSAM.

EXPERIENCE:

Confidential

• Support security assessment and accreditation activities for SBA's systems and applications, including security audits i.e., FISMA , risk assessments, security plans, and system test and evaluations
• Develop and support implementation and enforcement of Information Security Policies and Procedures
• Review and update all Information Systems Security Plans/SSPs and support certification and accreditation efforts.
• Ensure proper protection and/or corrective measures have been taken when an Incident or Vulnerability has been discovered.
• Manage and coordinate Plan of Action and Milestone POA Ms for SBA systems utilizing CSAM
• Provide support for OIG audits, A-123 assessment
• Provide technical support in the areas of vulnerability assessment, risk assessment, and security implementation.
• Design and implement solutions for protecting the confidentiality, integrity and availability of sensitive information.
• Provide technical evaluations of customer systems and assists with making security improvements.
• Participate in design of information system contingency plans that maintain appropriate levels of protection and meet time requirements for minimizing operational impact to the organization.
• Conduct testing and audit log reviews to evaluate the effectiveness of security controls for SBA's applications.

Confidential

IT Security Analyst

• Sound understanding and experience with NIST Risk Management Framework RMF process.
• Perform Information Systems Security Audits, Certification and Accreditation C A Test Team efforts.
• Review and update System Security Plans SSP against NIST 800-18 and NIST 800-53 requirements.
• Review Technical Security Controls and provided implementation responses as to if/how the Systems are currently meeting the requirements.
• Determine security controls effectiveness i.e., controls implemented correctly, operating as intended, and meeting security requirements .
• Conduct Risk Assessments ensured measures raised in assessments were implemented in accordance with risk profile, and root-causes of risks were fully addressed following NIST 800-30 and NIST 800-37.
• Develop NIST Compliant Vulnerability Assessments, technical documentation, and Plans of Action and Milestone POA M , and address system weaknesses.
• Assess existing Security Policies, processes, and templates against NIST guidance.
• Participate in on-site and off-site security testing using vulnerability scanning tools such as Nessus.
• Ensure clients are in compliance with security policies and procedures following NIST 800-53 Rev3/4 and NIST 800-53A.
• Provide IA Support and Risk Management Framework and Continuous Monitoring processes
• The acquisition of information and documentation to meet initial and annual certification and accreditation requirements set forth by various Federal agencies
• Provide guidance and quality assurance to the system owner and ISSO on closing POA Ms.
• Ensured that policies and procedures are implemented and processes are well documented and performed internal reviews which identified compliance issues that required management actions.

Confidential

System Engineer Volunteer

• Assist soldiers and family members on the use of Computer System and Accessories.
• Configured, troubleshoot, repaired and maintained Desktops and Laptops systems with the facility.
• Assisted users on the use of Application Software.
• Co-ordinated trainings on Microsoft office and other software.
• Assembled and make operational computer systems and other office equipment such as printers, copiers and scanners.
• Ability to set priorities, able to multi-task in a complex/fast paced setting and manage customer's expectations
• Provided repairs to computer system and accessories within the facility
• Troubleshoot and resolve all LAN/WAN issues
• Test systems to ensure elimination of bugs and viruses
• Perform upgrade and patching on existing computer system within the facility
• Evaluate threats and vulnerabilities of each system and ensure proper safeguards are in place to protect the environment

Confidential

System Engineer

• Plan, implement, install, operate and maintain systems hardware, software applications and Information Technology infrastructure.
• Perform functional analysis and cost benefit studies to determine proper allocation of resources.
• Provide hardware and software engineering support for Information Systems utilizing object oriented programming and client / server applications
• Oversee the testing and monitoring of applications and systems performance.
• Install and implement new programs, modules, servers, hardware, and network equipment when necessary to upgrade, improve resources or increase compatibility.
• Configured, troubleshoot, repaired and maintained Desktops and Laptops systems.
• Provided IT solutions for staff, students, acted as consultant to departmental heads, Co-ordinated and supervised student's computer practical works.
• Support staff and end user with resolution of systems issues, malfunctions or software programming problems.
• Responsible for the purchase of computer systems and accessories for Departments.
• Co-ordinate periodical workshops on computer security awareness for staff
• Assembled all department computer systems and other office equipment such as printers, copiers and scanners.
• Maintain hardware and software inventory for components
• Installing, configuring and maintaining Windows Operating System including patches, updates, and performance monitoring.
• Troubleshoot personal computers provide network and troubleshooting hardware and software for students and staff.
• Liaise with Internet Service Provider for quick and prompt solution to network issues
• Assist with URL and/or TCP monitoring for critical web sites
• Strong troubleshooting skills and experience in Windows OS, Ubuntu
• Develop and present detailed technical documentation

Confidential

System Engineer/Trainer

• Responsible for selling Computer systems and accessories with the sale of after sale maintenance and warranties to customers
• Provide training for clients on the use of Windows OS, Microsoft office suites, other software and Hardware troubleshooting
• Maintained, organize the training department and liaised with other IT providers for the effective dispensation of services to our clients.
• Evaluate customer or product requirements to develop total systems solutions within project timelines and cost constraints.
• Provide assistance with systems planning, business information analysis and process improvement initiatives.
• Identify, evaluate and correct hardware, software, desktop operations problems, and peripheral equipment
• Evaluate and resolve computer, system, and user's problems including compatibility conflicts, application operations, hardware malfunctions
• Monitor and report on system performance and vulnerabilities and provide recommendations for improvement.
• Ability to operate with minimum supervision, towards achieving specified objectives for each client.
• Analyze the technical requirements and details required for developing the system and proposed solutions for implementing the same to clients