SUMMARY:

• Extensive experience in Team Leadership, Project Management, Helpdesk Support, Business/Systems and Requirements Analysis.
• Extensive experience in developing Security Authorization To Operate (ATO) packages, Business Forms, Templates, Processes, Policies, Procedures, Handbooks, Manuals, System Specification/Design Documents. Experienced in consulting to Private, State and U.S Federal Government.

TECHNICAL SKILLS:

NISTSP: NIST SP 800 - 18, 800-37, 800-53rev4, 53a rev4, 800-137, 800-30, FIPS 199,NIST SP 800- 34, NIST 800-66 rev 1.

Operating Systems: Windows XP, Windows7, Microsoft Server 2003, 2008R2, Mac OS.

Microsoft Office: Word, Project, Excel, PowerPoint, Visio, InfoPath, Outlook, SharePoint.

Requirements Management: SharePoint, MKS-PTC, Google Drive, JIRA, ALM

PROFESSIONAL EXPERIENCE:

Cyber Security Team Lead

Confidential

• Plan and coordinate the efforts of the Security Compliance/Assessment Team to uncover weaknesses in the client's systems, and submit the associated reports i.e. Security Requirements Traceability Matrix (SRTM), Security Assessment Reports (SAR), Risk Assessment Reports (RAR) in a timely manner.
• Plan and lead the efforts of the Plan of Action & Milestone (POA&M) Teams to remediate vulnerabilities uncovered for low and moderate impact systems.
• Plan and lead the efforts of the Authorization to Operate (ATO) Team to document, validate, prepare and submit the ATO artifacts in order to ensure that the client passes the Department of Homeland Security (DHS) Audits.
• Lead Security Governance activities by researching, reviewing and updating security policies based on the directives from the client's leadership.
• Lead Security Governance activities by developing plans to address common controls discrepancies related to existing Risk Based Decisions (RBDs) with regards to vulnerabilities.
• Review and update the clients Information System Contingency Plan (ISCP) and Disaster Recovery Plan (DRP) based on the NIST SP 800 - 34 Guidance.
• Lead teams to work onsite with client's technical team and leadership to ensure recommendations are maximized.
• Document security requirements for the client, provide validation support to the cyber security engineers to ensure that requirements and security controls are correctly and adequately implemented.
• Organize and facilitate various technical and non-technical meetings with the client's leadership on topics relating to statement of work, deliverables, project schedules and statuses.
• Provided career guidance and training to new hires as well as junior team members at various intervals to ensure they are seasoned and properly skilled to complete tasks independently.
• As the Scrum Master of the Cyber Security Team, responsible for organizing and facilitating the scrum ceremonies (Sprint Planning, Daily Scum, Sprint Review, and Sprint Retrospective) and coordinating the senior management to remove project impediments .

IT Systems Technical Specialist

Confidential

• Developed, evaluated and implemented information security governance processes, including policies, standards, procedures and risk management practices.
• Performed user logon management on major applications in order to prevent unauthorized access.
• Advised the Licensing Division and System Owners in the security of their IT infrastructure based on the guidelines of the Organization’s IT Security Directives and NIST Special Publication 800-53 Rev 4 Standards.
• Reviewed and updated IT security policies, procedures, standards, and guidelines according to department requirements.
• Served as a key resource in promoting the agency's security policies and ensuring they are followed.
• Performed continuous re-evaluation of quality and effectiveness of policies, procedures, handbooks, manuals, processes and standards.
• Monitored security websites, blogs, articles, and reports to remain up to date on the latest security risks, threats, and technology trends to in corporate information into processes, procedures, and communication activities.
• Disseminated updates on relevant policy and publications to the appropriate audience.
• Responsible for the Security Awareness and training of the Licensing Division personnel.
• Developed project artifacts like business cases, proposals, stakeholder registers, project charter, kick-off meeting agendas, team contracts, work breakdown structures and implementation plans.
• Assessed projects issues and recommended resolutions to achieve high level of productivity, quality and stakeholder’s satisfaction.
• Created and monitored and controlled Change Requests (CR).
• Functioned as the Primary liaison between the business line, operations, and the technical areas.

IT Analyst

Confidential

• Categorized information systems and developed System Security Plan (SSP) based on NIST SP 800-60 and NIST SP 800-18.
• Selected and tailored Security Controls for Information Systems based on control baselines and high water mark using NIST SP 800-53 rev 4.
• Updated SSP with the Information System officer when necessary.
• Documented Control findings and status from risk assessment and recommended solutions with detailed action plans in Security Testing and Evaluation (ST&E) worksheet.
• Developed Plan of Action and Milestone (POA&M) to ensure that adequate controls are implemented.
• Created Security authorization package (SSP, SAP, SAR and POA&M).
• Performed continuous monitoring on Information systems using NIST SP 800-137.
• Conducted Vulnerability assessment and validated remediated vulnerabilities.
• Prepared weekly reports of time driven events, findings and vulnerabilities to management.
• Organized and coordinated security awareness and training programs for staff, faculty and students of the school.
• Provided technical support for hardware/software configurations and applications. Provided support for network devices (Printers, servers, Copiers, workstations).
• Installed and configured IT equipment as well as Networking devices on the campus. Troubleshoot and resolved Connectivity problems.
• Maintained a central source of information enabling Help Desk technicians to recover outages with minimal disruption to expected service levels.
• Performed network administration functions, set up network user accounts/permissions, reset passwords, and administer group policies.
• Monitored the problem management database (Heat Ticketing System) and followed up with assigned technicians to ensure timely resolution of problems.
• Contributed to departmental productivity and development objectives by organizing and coordinating IT training programs for the student technicians.

Business/Systems Analyst

Confidential

Responsibilities:

• Conducted Security Risk Assessment on all new applications, IT Systems or changes to existing IT systems to verify that they satisfy established security baseline before adoption.
• Coordinated and managed team activities during security assessment engagements.
• Assisted in the identification of potential security exposures that existed on business applications Proactively escalated potential or existing threats to Information Security Management and contributed to the development of risk mitigation strategies.
• Assisted in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security control procedures, and security auditing procedures).
• Assisted with development and communication of information protection guidelines and requirements.
• Provided managerial assistance by supervising project team, managed project budgets, and presented project updates to the projects sponsors. Co-ordinate trainings for successful transition to new systems.
• Assisted the Senior Project Manager in the development of project artifacts like business cases, stakeholder registers, project charter, kick-off meeting agendas, team contracts, work breakdown structures and implementation plans.
• Monitored, identified and promptly escalated projects risks and concerns to the senior Project Manager.
• Conducted Gap Analysis in order to arrive at clearly defined business needs, and facilitated Joint Applications Development sessions among stakeholders.
• Critically evaluated information gathered from multiple sources, reconciled conflicts, decomposed high-level information into details.

Jr. Project Analyst

Confidential

• Attended meetings with Project Managers, Senior Analysts, documented meeting notes and followed up on action items.
• Assisted in requirements elicitation activities as well as in the documentation of elicitation results.
• Published project proposals, presentation slides and requirements packages on desktop computers, using Microsoft Office Suite.
• Organized, printed and stored project documents as well as organizational process assets.
• Scheduled project meetings and other requirements gathering events.
• Acted as the face of Confidential at the Nigerian Air Force Barracks.