Profiles search
George Lunden
Information Security Analyst at Mildeeng Systems
South Laurel, MD, United States
Details
Education:
Bachelor of Science - BS
Computer Science
University of Ghana
2010 : 2014
Computer Science
University of Ghana
2010 : 2014
Experience:
• Reviewed, maintained, and ensured all assessment and authorization (A&A) documentation is included in the system security package. Performed information security risk assessments and assist with the internal auditing of information security processes
• IT security policy and procedure development, update and review and response to audit request or audit support/coordination.
• Work effectively with other team members to complete required tasks.
• Performing security assessments and providing consulting support to assist clients in meeting FISMA and FedRAMP requirements. The ideal candidate will have a firm understanding of how to apply the principles of Information Security in a variety of circumstances and expertise translating the NIST 800-53 guidelines into common technical implementations.
• Develop Security Authorization Packages that are compliant with FISMA/FedRAMP requirements. Package components include : System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, and Plan of Action and Milestones (POA&M)
• Assist in the review and analysis of Security Authorization Packages for completeness and compliance with FISMA/FedRAMP requirements
2017 : Present
Mildeeng Systems
Information Security Analyst
• Conduct comprehensive assessment of the management, operational, technical and privacy security employed within or inherited by an Information System to determine the overall effectiveness of the control.
• Provide assessment of the severity of weakness or deficiencies discovered in the Information System and its environment of operation and recommend corrective actions to address identified vulnerabilities.
• Assess security and privacy controls using the NIST SP 800-53A Rev4 publication guideline.
• Advice the Agency on any assessment and authorization issues.
• Review security policy documents and make recommendations on documentation compliant.
• Review and approve the SSP
• Prepare final Security Assessment Report (SAR) containing the results and findings from the assessment.
• Review the Plan of Action and Milestone (POA&M) with identified weaknesses, timelines, milestones and point of contacts for each IS based on findings and recommendations from the SAR
• Monitor all information Assurance policies and enforce compliance to all network security policies
• Identified new business opportunity, developed relationships with client's leadership
2016 : 2017
Fusion INC
Information Technology Security Analyst
• Drive large scale transformation projects across the enterprise, including process transformations and organization change initiatives, supporting Maximus' refreshed strategy.
• Facilitate the Business Technology Steering Committee, partnering with executives and technology leadership to govern the technology portfolio requiring capital investments.
• Partner with stakeholders and diverse cross-functional teams to prioritize and integrate process enhancements to achieve sustainable business outcomes.
• Maintain/Create process SOP, data flow diagram and other program specific documentation.
• Review control evidence for adherence to accuracy, completeness, and precision of control execution.
• Provide technical support in the assessment, design & implementation of IT requirement.
• Validate & update documentation as needed to ensure scope, testing & remediation activities are accurate.
• Review test findings, facilitate the remediation of control gaps, and escalate possible critical issues to Senior management within IT.
• Support the review of IT tools, control designs and control remediation planning effort.
• Collaborate & build long term relationship with key stakeholders in a fast paced & matrixed work environment.
2015 : 2016
Tobin Transport
Security Analyst
• IT security policy and procedure development, update and review and response to audit request or audit support/coordination.
• Work effectively with other team members to complete required tasks.
• Performing security assessments and providing consulting support to assist clients in meeting FISMA and FedRAMP requirements. The ideal candidate will have a firm understanding of how to apply the principles of Information Security in a variety of circumstances and expertise translating the NIST 800-53 guidelines into common technical implementations.
• Develop Security Authorization Packages that are compliant with FISMA/FedRAMP requirements. Package components include : System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, and Plan of Action and Milestones (POA&M)
• Assist in the review and analysis of Security Authorization Packages for completeness and compliance with FISMA/FedRAMP requirements
2017 : Present
Mildeeng Systems
Information Security Analyst
• Conduct comprehensive assessment of the management, operational, technical and privacy security employed within or inherited by an Information System to determine the overall effectiveness of the control.
• Provide assessment of the severity of weakness or deficiencies discovered in the Information System and its environment of operation and recommend corrective actions to address identified vulnerabilities.
• Assess security and privacy controls using the NIST SP 800-53A Rev4 publication guideline.
• Advice the Agency on any assessment and authorization issues.
• Review security policy documents and make recommendations on documentation compliant.
• Review and approve the SSP
• Prepare final Security Assessment Report (SAR) containing the results and findings from the assessment.
• Review the Plan of Action and Milestone (POA&M) with identified weaknesses, timelines, milestones and point of contacts for each IS based on findings and recommendations from the SAR
• Monitor all information Assurance policies and enforce compliance to all network security policies
• Identified new business opportunity, developed relationships with client's leadership
2016 : 2017
Fusion INC
Information Technology Security Analyst
• Drive large scale transformation projects across the enterprise, including process transformations and organization change initiatives, supporting Maximus' refreshed strategy.
• Facilitate the Business Technology Steering Committee, partnering with executives and technology leadership to govern the technology portfolio requiring capital investments.
• Partner with stakeholders and diverse cross-functional teams to prioritize and integrate process enhancements to achieve sustainable business outcomes.
• Maintain/Create process SOP, data flow diagram and other program specific documentation.
• Review control evidence for adherence to accuracy, completeness, and precision of control execution.
• Provide technical support in the assessment, design & implementation of IT requirement.
• Validate & update documentation as needed to ensure scope, testing & remediation activities are accurate.
• Review test findings, facilitate the remediation of control gaps, and escalate possible critical issues to Senior management within IT.
• Support the review of IT tools, control designs and control remediation planning effort.
• Collaborate & build long term relationship with key stakeholders in a fast paced & matrixed work environment.
2015 : 2016
Tobin Transport
Security Analyst
Company:
Mildeeng Systems
Years of Experience:
8
Skills
FISMA, Information Technology, Risk Management Framework, Security, Security Control Assessor
About
Information Security Specialist with over 5 years of experience providing subject matter expertise in Information Technology services with experience in Risk Management Framework, Information Assurance,Cyber Security and Compliance Management and supporting security initiatives for government and commercial customers.
Profile Photo
