Hello!
My Name is
Asoro Aizeyosabo

Skilled Information Security Analyst, knowledgeable in the risk management framework (RMF), systems development life cycle (SDLC), security life cycle, and vulnerability management using FISMA, FedRAMP, HIPAA, and applicable NIST standards. Organized, solutions-focused, deadline-focused, and team-oriented; works well independently or in a team, providing all facets of computer support with in-depth knowledge and understanding of numerous software packages and operating systems. A proven project and team lead with an aptitude for good customer service, leadership, excellent communication (both oral and written), and presentation skills. Specialized in providing IT security expertise and guidance in support of security assessments and continuous monitoring for government and commercial clients.

My SKILLS

Tenable Nessus Vulnerability Scan

Tenable Nessus Vulnerability Scan is a comprehensive security tool for identifying and assessing vulnerabilities across networks, providing actionable insights for risk mitigation.


MS office suite (Visio, Excel, Word, PowerPoint)

Microsoft Office suite includes Visio for diagrams, Excel for spreadsheets, Word for documents, and PowerPoint for presentations, facilitating diverse productivity needs.


GRC Tool: CSAM, eMASS, CSET, and more

CSAM, eMASS, and CSET are Governance, Risk, and Compliance (GRC) tools used for managing cybersecurity frameworks, risk assessments, and compliance requirements.


Splunk SIEM/Tripwire/ServiceNow/Remedy

Splunk SIEM collects and analyzes data for security insights. Tripwire monitors and detects changes in files and systems. ServiceNow and Remedy are IT service management platforms.


AD, SQL, Linux, Python, Arduino, Debugging

AD: Advertising; SQL: Database querying language; Linux: Open-source operating system; Python: Versatile programming language; Arduino: Microcontroller platform; Debugging: Identifying and fixing errors in software or hardware.


AWS services such as EC2, S3, RDS, VPC, Lambda, IAM, and CloudFormation.

EC2: Virtual servers. S3: Scalable storage. RDS: Managed databases. VPC: Isolated networks. Lambda: Serverless compute. IAM: Access control. CloudFormation: Infrastructure as code.


Plan of Actions & Milestones (POA&M)

A Plan of Actions & Milestones (POA&M) outlines tasks, timelines, and responsibilities to achieve goals, ensuring accountability and progress tracking.


Risk Mitigation

Risk mitigation involves identifying, assessing, and reducing potential risks to minimize their impact on objectives or projects, enhancing resilience and sustainability.


HIPAA compliance

HIPAA compliance ensures protection of individuals' medical records and personal health information, regulating their confidentiality, security, and accessibility within healthcare settings.


Project Management

Project management involves planning, organizing, executing, and controlling resources to achieve specific goals within constraints like time, budget, and scope effectively.


Incident Response & Tracking

Incident Response & Tracking involves swiftly addressing security breaches and system failures while meticulously documenting and analyzing events for improved future prevention and mitigation strategies.


Functional areas of expertise

Assessment and Authorization (A&A)

– A&A ensures compliance, security, and risk mitigation.
– It evaluates system readiness through thorough assessment processes.
– Authorization grants system access based on assessment results.

IT Security Compliance

– Ensures adherence to industry regulations and legal requirements.
– Mitigates risks of data breaches and cyber threats.
– Safeguards sensitive information and preserves business continuity.

Vulnerability Assessment

– Identifies weaknesses in systems, networks, and applications.
– Evaluates potential risks to information security infrastructure.
– Guides remediation efforts to enhance overall cybersecurity posture.

Vulnerability Scanning

– Identifies system weaknesses to prevent potential security breaches.
– Scans networks and applications for known vulnerabilities.
– Provides insights for patching and strengthening cybersecurity defenses.

Security Test and Evaluation (ST&E)

– ST&E validates security measures through rigorous testing protocols.
– Identifies vulnerabilities and assesses system resilience effectively.
– Ensures systems meet security standards and regulatory requirements.

Certification and Accreditation (C&A)

– Validates systems meet security and operational requirements.
– Ensures compliance with established standards and regulations.
– Grants authorization for system operation based on assessment.

Risk Assessment

– Identifies potential threats and vulnerabilities in organizational operations.
– Evaluates likelihood and potential impact of identified risks.
– Guides decision-making for implementing effective risk mitigation strategies.

Systems Development Life Cycle

– Initiation phase defines project scope, goals, and requirements.
– Development phase constructs, codes, and tests system components.
– Implementation phase deploys system and ensures user acceptance.

Technical Writing

– Technical writing communicates complex information clearly and effectively.
– It employs precise language and structured formats for clarity.
– Ensures documentation meets audience needs and project objectives.

Project Management and Support

– Coordinates tasks and resources to achieve project objectives.
– Provides guidance and assistance to project team members.
– Ensures timely delivery and adherence to project timelines.

IT SECURITY ANALYST

Panthergon IT & Cyber Security Solutions (PITCSS), LLC, Laurel, MD

  • Facilitated and supported client’s security policies and compliance activities for vulnerability management, incident reporting, mitigation, and continuous monitoring for all clinical technologies, systems, components, networks, and applications; supported full life cycle of HIPAA compliance, and assessment & authorization (A&A) processes
  • Developed, reviewed, and updated Information Security System Policies, System Security Plans, and Security baselines in accordance with NIST, FedRAMP, FISMA, OMB App. III A-130 and industry best security practices
  • Direct experience with formatting, customizing, and providing feedback for documentation relating to Information Assurance & IT Security Vulnerability
  • Reviewed authorization documentation for completeness and accuracy for compliance
  • Facilitated Security Control Assessment (SCA) and Continuous Monitoring Activities
  • Executed examine, interview, and test procedures in accordance with NIST SP 800-53A
  • Ensured cyber security policies are adhered to and that required controls are implemented
  • Assisted team members with proper artifact collection and provided guidance and examples of artifacts that will satisfy security control requirements during assessments
  • Updated and reviewed A&A Packages to include Core Docs, Policy & Procedures, Operations and Maintenance Artifacts, SSP, SAR, FIPS 200, FIPS 199, POA&M, CPTPR, BIA, PTA, PIA, and more
  • Collected Operation and Maintenance artifacts on an ongoing basis so that Security Control Assessment (SCA) is seamless
  • Uploaded supporting docs in the System’s Artifact Libraries, Google Docs, and CSAM
  • Updated, reviewed, and aligned SSP to the requirements in NIST 800-53 so that assessments can be done against the actual requirements and not ambiguous statements
  • Managed vulnerabilities with the aid of Nessus vulnerability scanners to detect potential risks on single and multiple assets across the enterprise network
  • Reviewed SAR post assessment; created and completed POA&M milestones to remediate findings and vulnerabilities
  • Monitored security controls post authorization to ensure continuous compliance with the security requirements

IT SECURITY ENGINEER

Xzentia, LLC.

  • Facilitated implementation of security controls to protect hospital systems and data against unauthorized access, modification, or destruction
  • Conducted regular security controls assessments and audits to identify vulnerabilities within the hospital’s IT infrastructure
  • Coordinated with IT and administrative staff to ensure that security policies are understood and adhered to
  • Provided training and guidance to hospital staff on cybersecurity best practices
  • Prepared and maintained documentation related to security certifications and accreditations, ensuring all systems and software comply with established standards

Work History

2002-2008

Associate of Science (AS) in Computer Science

Santa Monica College, Los Angeles, CA

Education

Certifications

Other Skills & Competencies

  • Ability to establish and maintain effective working relationships with clients and co-workers.
  • Skills in interviewing users to help analyze and resolve issues.
  • Strong organizational, analytical and planning skills
  • Ability to read and interpret system security policies, rules and regulations.
  • Ability to communicate security and risk-related concepts to both non-technical and technical audiences.
  • Strong communication (verbal & written) and presentation skills.
  • In-depth knowledge of AWS security services, including AWS Identity and Access Management (IAM), AWS Key Management Service (KMS), and AWS Security Hub.

Excellent communication, leadership, and problem-solving skills.

Other Skills

Let's Talk

My CONTACT