Uploaded File
add photo
Anthony
aakwakye4@gmail.com
972-878-7773
1109. Iron Horse Drive
Fort Worth, TX 76131
Information Assurance Officer
4 years experience W2
0
Recommendations
Average rating
10
Profile views
Summary

  • Review the System Security Plan (SSP) using NIST SP 800-18 as a guide
  • Participated in FIPS 199 process in which Security Categorization takes place, and selecting the Technical, Operational and Managerial Controls using NIST SP 800-60 guidelines.
  • Reviewing and developing of E-Authorization document using NIST 800-37 as a guide.
  • Ability to develop POA&M (Plan of Action & Milestones) document to take corrective actions resulting from ST&E (System Test & Evaluation).
  • Reviewing and developing Risk Assessment (RA) using NIST SP 800-30 guidelines.
  • Understanding in IT Security Compliance work, including demonstrated experience documenting/reviewing policy, Plan and Procedures and IT Security artifacts in accordance with NIST.
  • Professional knowledge in providing support and guidance to System Owner's through the NIST Risk Management Framework & Systems Assessment and Authorization processes.
  • Developing SAP, Security Categorization using 800-61/FIPS 199, selecting of security controls using 800-53/FIP 200.
  • Progressively experience in pen testing and working with industry tools such as Nessus, nmap etc.
  • Perform Information Security Analyst responsibilities.
  • Assist in drafting "Authorization to Operate" (ATO) packages for new and existing systems
  • Experience Penetration testing and technical Assessment as defined NIST sp 800-53A
  • Fundamental understanding of security technologies such as SIEM, IDS/IPS, Web filters, two factor authentication, web application firewalls

Experience
Information Assurance Officer
May 2017 - May 2017
  • Responsible for implementing and enforcing an Information Assurance (IA) program at the organization.
  • Ensured all systems and applications are certified and accredited and that RMF packages were processed, reported and coordinated in a timely fashion with the organization.
  • Assisted subordinate IAMs to create RMF artifacts and Plans of Actions and Milestones (POA&Ms).
  • Developed and reviewed artifacts such as eAuthentication, PTA, PIA, CM Plan, CP Plan, SAR, POA&M, SSP
  • Ensured POA&M mitigations and timelines were adhered to and documented any changes that occurred.
  • Reviewed status of Information Systems for modifications and assessed the impact to current system accreditation.
  • Develop kickoff meeting slides and emails
  • Validated system requirements, security policies and procedures, contingency plans, incident response plans, personnel security, access control mechanisms and identification and authentication mechanisms.
  • Performed technical assessments to ensure the system or application proposed for accreditation or connection met the classification and sensitivity levels of the systems and applicable policies, regulations, and standards.
  • Ensured the implemented security safeguards were adequate to assure the integrity, availability, and confidentiality of the information being processed, transmitted, or stored consistent with the level of sensitivity of that information.
  • Ensured system POA&M mitigations and timelines were adhered to and documented all changes that occurred.
  • Responsible for 4 accredited systems and ensuring that system security postures are maintained.
  • Analyze and verify information obtained from IT and Security areas for risk reporting and other purposes. Create metrics based on this information for management reporting.
  • Participate in the Security Product team meetings, Patching and Vulnerability Management meetings, Cyber Security Working Group meetings, and other meetings as appropriate
No skills were added
Remove Skill
Edit Skills
Non-cloudteam Skill
Education
Computer Science/ Engineering
not provided 2007
Certifications
CompTIA Security+
Skills