Cynthia O.
Details
Information Technology Management
Grand Canyon University
2020 : 2021
Bachelor's degree
Sociology and Anthropology
University of Buea
2010 : 2013
Top Group Technologies, LLC, LARGO
• Designed and implemented information security requirements for IT Systems through System Life Cycle from requirement definition phased through disposition.
• Assisted in conducting the Risk Management Framework using NIST SP 800-37 as a guide to identify and mitigate potential risk, and to ensure the right security controls are put in place as requirement for the A&A Process.
• Documented and Reviewed security plans (SP), contingency plans (CP), contingency plan tests (CPT), and privacy impact assessments (PIA), per NIST 800 guidelines for our corporation.
• Reviewed and tracked open and closed POA&M documents to ensure the task involved was completed on time.
• Conducted Risk assessments & management periodically using NIST SP 800-30&39 as a guide to identify threats and vulnerabilities, and to mitigate their impacts
• Analyzed the results of risk assessments and implemented appropriate security countermeasures.
• Performed Vulnerability scans using the tool Nessus, and Nmap to check for open/unused ports that could make our systems vulnerable.
• Assisted and maintained the Corporation's ISO 27001 certification as well as GDPR regulatory and compliance needs.
• Maintained the ISMS document processes and policies, controlled their enforcement and performance.
• Assisted in implementation of SANS 20 Critical Security Controls to prevent known threats.
2020 : Present
Top Group Technologies
Information Security Analyst
• Developed, updated, and implemented security policies, standards, and procedures for the organization in compliance with TPRM, PCI DSS, ISO Frameworks.
• Conducted security assessments, audits, and risk analyses to identify vulnerabilities and recommend appropriate security controls to mitigate risks.
• Coordinated with cross-functional teams to ensure compliance with various security frameworks, including PCI DSS, ISO, and NIST.
• Collaborated with IT and security teams to develop and implement security awareness and training programs for employees.
• Monitored security-related events and incidents, investigated and resolved security violations, and developed mitigation plans.
• Conducted security research to stay up-to-date with emerging threats, vulnerabilities, and security technologies.
• Developed and maintained effective working relationships with key stakeholders and regulatory bodies.
2018 : 2020
Capital One
Third Party Risk Analyst
Worked with SQL developers to optimize the SQL queries and stored procedures.
• Implemented switchovers on primary and standby databases as a part of planned maintenance activities.
• Implemented table partitioning, Rebuilding Indexes, tuning SQL using SQL Trace, TKPROF, Explain Plan, ASM, AWR, ADDM, SQL* Plus, PL/SQL, SQL*
• Upgraded the RAC and standalone databases from 11g to 19c. as part of performance improvement by
• utilizing the new features.
• Participates on project teams as database administration support to ensure that databases are appropriately modified to support new business applications and requirements.
• Supporting databases for production, development, test, and staging purposes on, Linux/Unix, Windows, AIX, environments.
• Able to fix gap Resolution in Data guard environment.
• Implemented switchovers on primary and standby databases as a part of planned maintenance activities.
• Ensured that oracle database systems operate securely and efficiently.
• Managing databases from planning and testing stages through implementation and support.
• Performed day to day activities like resolving Tickets for multiple environments, provided Development Support, coordination with development for Application Tuning 24 X 7 Production & Development database support and administration.
• Documented the Standard Processes for peers to follow.
2016 : 2018
Verizon
Oracle Database Administrator
Skills
Citrix Products, Cloud Security, Database Management System (DBMS), Database Security, Data Guard, GoldenGate, ISO Standards, IT Audit, NIST, Oracle RAC, OS X, Payment Card Industry Data Security Standard (PCI DSS), Penetration Testing, PTA, Risk Assessment, Risk Management, sans, Security Operations, Third Party Risk Management (TPRM), Visio, Vulnerability Management
About
💻 🔐 Solution-focused and dedicated Information Security | Third Party Risk | Vulnerability Management with Database Administration background and years of experience in developing and implementing effective security policies, procedures, and controls to protect organizations from cyber threats. Proven ability to work collaboratively with cross-functional teams to ensure compliance with various security frameworks such as HIPAA, PCI-DSS, TPRM, ISO 27001, SOX, SOC. Skilled in conducting security assessments, risk analyses, and audits to identify vulnerabilities and recommend appropriate controls using National Institutes of Standards and Technology (NIST) Special Publications 800 series.
💻 🔐 Technical Expertise:
Cybersecurity Analysis| Information Security | Federal & State Legal Security Policies | Security Compliance | Security Testing Security Planning| Risk Control & Mitigation | Security Authorization Packages | IT Security | Network Security Network Vulnerability Scanning | Data Security | Cloud Security | Data Encryption | Penetration Testing Incident Response Intrusion Detection Malware Analysis | Risk Analysis | Risk Assessments | Risk Management | Security Breaches | Security Life Cycle Systems Development Life Cycle Threat Vulnerability Assessments | Threat Reports Contingency Planning | Technical Project Management Program Management | Systems Security
💻 Technical Skills:
Microsoft 365 | Excel | Power Point | Teams | Amazon Web Services | Nessus | Wireshark | App Scan
Tenable | Neap | Nmap | Allen Vault | Snort | Web Inspect | Metasploit | SharePoint
Profile Photo
