Profiles search

Abdul Rahman Anifowoshe

Information Security Analyst | GRC | Vulnerability Management | Third Party Risk Management
Newark, NJ, United States

Details

Education: Bachelor's degree

Computer Science with Accounting

AL Hikmah university
Experience: • Conducted analysis and updated the System Security Plan (SSP), Risk Assessment for various information systems.

• Ensured ongoing compliance with regulatory requirements and IT policy, by delivering relevant documents and reports.

• Conduct vulnerability scans using Tenable Nessus and Qualys on a regular basis to identify vulnerabilities in the network and systems.

• Provide coordination, and execution of system patching and vulnerability management using InsightVm Rapid7

• Collate report on vulnerability Analysis by prioritizing their risk levels and facilitate with the IT team to remediate them in a timely manner.

• Participate in the Effective transformation of traditional Security Assessment and Authorization programs into a six-step life cycle process consisting, Categorization of information systems, Selection of security controls, Implementation systems, Monitoring of security controls.

• Documented control weaknesses and testing results relating to controls in relevant templates and presented them to senior management for review.

• Facilitated clear and fundamental awareness training to new and existing employees on information security best practices.

• Review and monitor the company's SIEM (Splunk) to help in remediating and resolving incident

• Assisted in Developing and implementing best security standards and provided resources on the latest information security trends

• Collaborate with the security operations team to ensure that security logs are properly analyzed, and potential security incidents are identified and mitigated using (SIEM)

2021 : Present

Top Group Technologies

Information Security Analyst

• Conduct comprehensive vendor assessments to identify and mitigate security risks, including security controls, policies, and procedures.

• Conduct applicable due diligence and contract reviews to onboard new vendors into the vendor management system and set appropriate review requirements based on the vendor risk rating and program guidelines.

• Perform and evaluate vendor risk assessments to determine specific security and compliance requirements.

• Maintain collaborative relationships with internal vendor relationship managers to ensure and promote effective communication, vendor performance, service delivery, and ongoing relationships.

• Review and analyze all relevant third-party documentation received, perform required financial and regulatory checks

• Review policies, procedures, standards, and guidelines in accordance with applicable regulations, such as ISO 27001, PCI-DSS, and SOC 2.

• Schedule, coordinate and review the end-to-end assessment process for new and existing third-parties.

• Assisted in Creation and improvement of a framework for information security based on the NIST Cybersecurity Framework (CSF) and TPRM

2019 : 2021

Allied Universal

Third Party Risk Analyst

• Diagnose and troubleshoot Windows processing problems and apply solutions to increase company efficiency.

• Used remote access to perform troubleshooting when needed. Install and configure routers and modems.

• Walk customers through a step-by-step process for troubleshooting hardware issues.

• Assist customers with anti-virus program installations and virus removals.

• Install and maintain the company's computer systems and network. Perform upgrades and installed updates.

• Provided assistance with printer and copier software installation and hardware troubleshooting.

Skills : Network Administration · Computer Network Operations · Interpersonal Communication · Service Desk · Server Administration · Critical thinking · Troubleshooting

2015 : 2019

Diamond Bank Plc

IT Support Specialist
Company: Top Group Technologies
Years of Experience: 9

Skills

Analytical Skills, Collaborative Problem Solving, Communication, Compliance Management, Creative Problem Solving, Critical Thinking, Cybersecurity, Due Diligence, Governance, Risk Management, and Compliance (GRC), Information Security Management System (ISMS), Information Technology, Interpersonal Communication, Interpersonal Skills, Leadership, NIST, Regulatory Compliance, Risk Compliance, Subject Matter Experts, Teamwork, Third-Party Vendor Management, Time Management, Vendor Management, Vulnerability, Vulnerability Management

About

Information Security Analyst with years of experience in developing and implementing effective security policies, procedures, and controls to protect organizations from cyber threats. Proven ability to work collaboratively with cross-functional teams to ensure compliance with various security frameworks such as NIST and ISO 27001.



Technical Skills & Tools

Assessment and Authorization (A&A) | NIST 800 Series | Plan of Actions and Milestone (POAM) | System Security Plan (SSP) | System Assessment Report (SAR) | Risk Analysis | Risk Assessment | Contingency Planning | Wireshark | Nmap | Implementing security controls | Nessus Software | SIEM Monitoring | JIRA | Vulnerability assessment





💻 GRC Tools and Microsoft Tools:

Microsoft 365 | Excel | Power Point | Teams | Nessus | Wireshark | GRC Archer | Rapid7

| Nmap | SharePoint | ServiceNow