Uploaded File
Roselyn
roselynukwedeh@yahoo.com
843-754-2022
207 Shagbark Trail, Apt. F
Frisco, TX 75035
Senior Cyber Security Engineer
6 years experience W2
0
Recommendations
Average rating
182
Profile views
Summary

An innovative, highly proficient and detail oriented Cyber Security Engineer, with over 5 years of proven IT experience in developing and completing system authorization packages including but not limited to System Security Plan (SSP), Security Assessment Report (SAR), Contingency Plan, Privacy Threshold Analysis, Privacy Impact Analysis, and Security Assessment Plan (SAP). I have the adaptability to work as a team player or independently to progress vertically through any organization, while having the expertise to grasp technical nuances in support of management analysis and effectively communicate. Authorized to work for any employer. Willing to relocate anywhere.

  • Knowledge of NIST 800 series, ISO/IEC 27000 series, Sans 20, DoDI 8510.01& 8500.2, PCI DSS, HIPAA, SSAE 16, SOC-2, STIGs, audit and Risk Management Framework (RMF) Process.
  • Knowledge of IT security best practices and current security threats.
  • Expertise in security concepts, such as intrusion detection and prevention (IDS/IPS) systems methods to secure wireless networks, and remote access technologies using Network-based intrusion detection system (NIDS) sensors and Host-based IDS (HIDS) software.
  • Proficient in the development of A&A security packages, security plan (SP), Contingency Plans, Disaster Recovery Plans, Incidence Response plan, configuration management and documents in accordance with NIST Information Assurance Control Compliance Checks.
  • Proficient with common security Tools, Multi-Factor Authentication, encryption, PKI, SIEM, Web application Firewalls and network devices.
  • Working knowledge of Plan of Action and Milestones (POA&M) management, vulnerability scanning and penetration testing.
  • Good working knowledge of active directory; TCP/IP networking protocols, ports and advanced troubleshooting.
  • Working knowledge of Network Infrastructures, Web Applications, Oracle Databases, Application Servers, Windows, Unix/Linux and mainframe platforms.
  • Excellent analytical, problem solving skills, and good working/interpersonal relationships with customers, colleagues, and other stakeholders.
  • Excellent written and verbal communication skills.
  • Ability to analyze complex problems and develop new solutions using logical thinking skills and analytical problem solving skills.
  • Ability to handle and prioritize multiple simultaneous systems, projects, and other assignments.
  • Ability to multi-task, work under pressure and meet multiple deadlines and milestones as required.

Experience
Senior Cyber Security Engineer
Information Technology
Sep 2014 - Jan 2017
  • Risk Management Framework (RMF) assessments and Continuous Monitoring: Perform RMF assessment on several different environments, using both scanning tools and manual assessment. Assessments include: initiating meetings with various System Owners and Information System Security Officers (ISSO), providing guidance of evidence needed for security controls, and documenting findings of assessment.
  • Security Documentation: Perform updates to System Security Plans (SSP), Risk Assessments, and Incident Response Plans while creating Change Control procedures and draft Plans of Action and Milestones (POAMs). Provide continuous gap analysis of current policies, procedures and practices in relation to established guidelines outlined by FISMA, OMB and NIST.
  • POAM Remediation: Perform evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation (C&A), RMF, continuous monitoring, and FISCAM audits.
  • Develop Solution to Security Weaknesses: Develop solutions to security weaknesses while working on POAM remediation and Corrective Action Plan (CAP). Assist ISSOs create solutions to weaknesses based on system functionality and pre-existing architecture.
  • Communications between multiple clients: Act as the single point of contact for clients in regards to POAM remediation and HHS for CAP remediation. Handle internal communications within Office of Information Security and external communications with several different divisions. Maintain excellent working relationships with both internal and external customers using efficient communication skills.
  • Develop, update and review Security Assessment and Authorization (A&A) documentation such as Security Plans, Contingency Plans, Risk Assessment, SAR and Contingency Plan Tests in compliance with NIST 800 SP Series.
Auditing Compliance Cyber Security FISMA Gap Analysis Information Security NIST Risk Assessment Risk Management Security Engineer
Remove Skill
Cyber Security Analyst
Information Technology
Sep 2012 - Sep 2014
  • Communicated directly with management on appropriate FIPS 199 impact level designations and identified appropriate security controls based on characterization of the general support system or major applications.
  • Oversaw the preparation of a Comprehensive and Executive Certification & Accreditation (C&A) packages for approval of an Authorization to Operate (ATO).
  • Developed and maintained Plan of Action and Milestones POAMs of all accepted risks upon completion of system C&A.
  • Provided audit briefings to agency and Information Systems Security Officer's (ISSO), to assist in the preparation of independent audit assessments with the agency's goal of improving their operational effectiveness and ensuring that all findings are documented as POAM within their Trusted Agent FISMA (TAF) tool.
  • Performed Vulnerability Assessment: Ensured that risks were assessed, evaluated and proper actions taken to limit their impact on the Information and Information Systems. Assisted in conducting Network and Application Vulnerability Assessment (NVA), using Nmap, Nessus, Splunk, AppDetective etc.
  • Monitored and analyzed Intrusion Detection Systems (IDS) and IPS to identify security issues for remediation.
Vulnerability Assessments Splunk Security Analyst FISMA Cyber Security Auditing IPS
Remove Skill
Information Assurance Security Engineer
Information Technology
Apr 2011 - Aug 2012
  • Developed security policies, procedures, and security certification & accreditation (C&A) packages for a variety of commercial and government activities worldwide.
  • Tested all mitigations for the vulnerability, and upon applying the mitigation to the system, report compliance in the Vulnerability Management System (VMS).
  • Ensured that data, which contains protected health information (PHI), is continuously protected from unauthorized access, use, modification, or disclosure.
Vulnerability Managment Security Engineer Compliance
Remove Skill
Edit Skills
Non-cloudteam Skill
Education
Petroleum Engineering
Robert Gordon University 2012
Chemical Engineering
Federal University of Technology 2008
Minor: Minna
Certifications
security plan SP
IT Infrastructure Library certification (ITIL) -
Skills
Auditing
2017
4
Cyber Security
2017
4
FISMA
2017
4
Compliance
2017
3
Security Engineer
2017
3
Gap Analysis
2017
2
Information Security
2017
2
IPS
2014
2
NIST
2017
2
Risk Assessment
2017
2
Risk Management
2017
2
Security Analyst
2014
2
Splunk
2014
2
Vulnerability Assessments
2014
2
Vulnerability Managment
2012
1
Analysis
0
1
Configuration Management
0
1
Disaster Recovery
0
1
Firewall
0
1
HIPAA
0
1
IDS
0
1
Linux
0
1
MS Active Directory
0
1
Network Infrastructure
0
1
Oracle
0
1
PCI
0
1
Penetration Testing
0
1
Project Management
0
1
SIEM
0
1
TCP/IP
0
1
UNIX
0
1
Windows
0
1
Wireless Networks
0
1