Eboh Ajeroh, CISSP
Details
2010 : 2010
Basic Communications Officer Course, United States Marine Corps
2002 : 2002
Bachelor of Science
Computer Science
North Carolina State University
1997 : 2001
-Cloud Security oversight
-Risk Assessment / Management
2019 : Present
LMI
Sr Cybersecurity Consultant at LMI
Description : Ensure assigned Systems/Enclaves/Networks meet required metrics to maintain audit/inspection readiness. Provide guidance and support to organization's ISSM and ISSOs to ensure client systems maintain Authority to Operate (ATO) with a security posture in accordance with ICD 503. Establish and maintain comprehensive processes for assessment of cybersecurity posture, evaluation, and recommendation of measures to achieve continual improvement of cyber readiness. Track compliance and completion of CTOs, FRAGOs, TASKORDs, and STIGs. Support reporting functions. Support Information System Security Engineering efforts. Utilize XACTA in managing cybersecurity risks and compliance.
2018 : 2019
DISYS
Cybersecurity Consultant
Description : Design Cyber Security strategies that address the vision, mission, and goals of senior Marine Corps Logistics Command (MARCORLOGCOM) leaders and organization. Assess organizational progress against existing security strategies, plans, or directives. Work with groups and utilize influence to bring them together to meet organizational goals. Coordinate with staff management to ensure compliance with all applicable requirements for engineering projects. Conduct security assessments of customer applications; validate security related findings. Perform in the Information Systems Security Officer (ISSO) role to ensure MARCORLOGCOM major applications obtain Authorization to Operate (ATO) certifications. Perform A&A package development utilizing the Marine Corps Certification and Accreditation Support Tool (MCCAST) web-based tool. Manage the continuous monitoring strategy implementation for major applications. Monitor, evaluate, and maintain systems and procedures to protect them from unauthorized users.
Outcomes, Accomplishments and Benefits : Authored security architecture design documentation, system security plan, security controls plans and standard operating procedures. Developed MARCORLOGCOM Data Center’s Vulnerability Management SOP. Lead the security assessment effort for multiple major applications hosted on MARCORLOGCOM Data Center. Prepared five A&A packages for major applications. Performed self-assessment of major applications and provided reports.
The Vulnerability Management Plan resulted in 95% reduction of critical and high vulnerabilities, and a proper documentation and reporting of Plan of Action and Milestones (POA&M). Implemented a continuous monitoring strategy that proved instrumental in the successful completion of a Federal Information System Controls Audit, and also streamlined the POA&M update process in MCCAST.
2017 : 2018
MetroStar Systems
Principal Cybersecurity Engineer
Description : Responsible for working with NIH Information Technology Acquisition and Assessment Center (NITAAC) customer and solutions teams for modernizing and migrating a major application to Amazon Web Services and developing security documentation required to successfully obtain authority to operate in a FedRAMP authorized Infrastructure as a Service (IaaS) environment. Analyzed the results of vulnerability scans and managed the implementation of mitigation and remediation.
Outcomes, Accomplishments and Benefits : Authored security architecture design documentation, security controls plans and standard operating procedures. Worked with development team in designing and implementing the System Security Plan (SSP). Consulted and engineered the design of security best practices and implementation of solid security principles, in order to meet business goals along with customer and regulatory requirements. Introduced use of security metrics to mitigate vulnerability by analyzing historical threats, addressing risks/gaps and implementing improved protocols.
Integrated technologies in a cloud environment, such as Tenable Nessus and Evident.io, that met business goals and also met agency regulatory requirements for continuous monitoring.
2016 : 2017
MetroStar Systems
Principal Cybersecurity Engineer
Description : Manage Risk Management Framework processes and experience using the Enterprise Mission Assurance Support Services (eMASS). Review DoD Cyber Security policies and procedures. Review Assured Compliance Assessment Solution (ACAS) scan data. Review and mitigate Information Assurance Vulnerabilities. Coordinate the update and validation of network security control artifacts for compliance.
Outcomes, Accomplishments and Benefits : Developed DMA’s vulnerability assessment process. Established secure baseline procedures for DMA’s servers and host machines. Prepared DMA Information System authorization packages, including System Security Plan, utilizing Enterprise Mission Assurance Support Service (eMASS). Managed systems authorization Plan of Action and Milestones (POA&M) process
Increased efficiency in vulnerability management process, which reduced the amount of existing Critical and High vulnerabilities by 98% within three months. Implemented a continuous monitoring strategy that established a process for patching vulnerabilities regularly, in accordance with US Cyber Command requirements.
2014 : 2015
MetroStar Systems
Sr Cybersecurity Engineer
Skills
Active DoD Secret Clearance, Analysis, C4ISR, Command, CompTIA Security+, Computer Security, COMSEC, Contingency Planning, Cyber-security, Defense, DIACAP, DoD, Government, Government Contracting, Information Assurance, Information Security, Information Security Management, Information Technology, Integration, Leadership, Management, Military, Military Experience, Military Operations, Military Training, National Security, Navy, Networking, Network Security, Operational Planning, Organizational Leadership, Policy, Program Management, Project Coordination, Project Management, Proposal Writing, Security, Security+, Security Clearance, Servers, Systems Engineering, Team Leadership, Top Secret, Training, Troubleshooting, Vulnerability Assessment
About
Senior Cybersecurity professional with 20+ years of experience in the DoD and Federal IT workspace, solving challenging technical problems, developing strategy, policies, plans and procedures. Understanding of information security policies, standards, industry best practices, and frameworks (DIACAP, DoD and NIST Risk Management Framework, FISMA, NIST Special Publications 800 Series, ISO 27001, FedRAMP, etc). Ability in developing, implementing and managing strategic, technical and operational information security plans that are aligned with mission objectives. Recognized subject matter expert in Cybersecurity technologies and architecture, network security, AWS and Azure Cloud Security Implementation, and Secure DevOps. US Marine Corps Veteran, proven leader with demonstrated ability to work effectively with individuals and groups at all levels and in all functional areas.
Profile Photo
