Profiles search

jeff nana tuffour

Technology Lead - Infosys LLC | Former General Dynamics IT | Former AWS| Master in Digital Forensics - Champlain College | AWS Security Specialty, Certified Ethical Hacker (CEH), Qualys Certified Specialist
Ft. Washington, MD, United States

Details

Education: Master's degree

Digital forensics

Champlain College

2021 : 2023

BA publishing studies

Publishing

Kwame Nkrumah' University of Science and Technology, Kumasi

2009 : 2013

Pro CERT

Information Technology

George Mason University

2017 : 2018

OSHA ACADEMY

2015 : 2015



Information Technology

George Mason University
Experience: • Act as a triage lead for several application risk assessments at Microsoft and analyze 5+ threat models, privacy assessments, and data flow diagrams during Microsoft's application risk evaluations.

• Engage with IAM managers with a SOX testing project and perform a security risk assessment for a specific application at Truist Bank, portraying strong communication skills.

• Orchestrate control processes and compliance assessments to identify deviations from permissible configurations, policies, and standards.

• Involve in risk identification and mitigation of information systems' confidentiality, integrity, and availability.

• Formulate 3+ security artefacts, including action plans and milestones to track vulnerability remediation and compliance.

• Incorporate appropriate visualization approaches to collect and present information security metrics to various management levels.

• Utilize technical knowledge of computer systems and networks with cyber threat information to assess security posture.

2020 : Present

Infosys

Senior cybersecurity Analyst

• Performed 20+ audits and risk assessments, including reviews and inspections by third parties, and drafted relevant policy, standard, and operational process documents.

• Applied NIST 800 Special Publications for risk assessments, security requirement analysis, and security testing of information systems.

• Recognized various security dangers, attack methodologies, security principles, recommended practices, and evasion strategies.

• Evaluated vulnerability scans and penetration test reports as part of the system assessment.

• Devised a remedial strategy with a 4+ member team and achieved desired remedial efforts to meet the company's minimum risk goal, showcasing strong leadership skills.

• Organized employee security awareness and training programs and designed new information security risk assessment methodologies by revising the company's security policies and practices through identifying, analyzing and mitigating threats.

2019 : 2021

General Dynamics Information Technology

Cyber Security Analyst

• Devised Threat Modeling standards and conducted a review of existing brokerage applications.

• Collaborated with 4+ Network Engineers to convert live BFC (T1) devices to new ACCTON 7772 data encryption devices offering AES encryption to the core in exchange.

• Formed a cost-effective and functioning enterprise cloud strategy and roadmap and developed 2+ cloud solutions and an Enterprise Cloud Strategy with enterprise and domain architects.

• Developed cloud center of excellence comprising security, infrastructure, and domain architects.

• Advised internal and external project partners about design standards and coordinated with third parties to review plans and drawings, demonstrating efficient management skills.

• Spearheaded secure asset transfers for all BFC 2.0 upgrades and lever devices across all AWS availability zones.

• Analyzed application portfolio regularly to spot cloud migration potential and maintained a proactive cloud security posture by ensuring ongoing risk monitoring.

• Conducted 5+ weekly network vulnerability scans, assessed and validated before being conveyed to the team and clients through reporting and results-review sessions.

• Monitored remedial work for improvements in vulnerability closing and oversaw a physical security audit of systems, including servers and networks, to ensure no unwanted physical intervention.

• Addressed lever issues (e.g., L2 LLDP, BITW A, BITW Z and CLIENT tests and tracked blade runner workflow) after the Mobius test.

2018 : 2019

Amazon

NETWORK SCALING AND INTEGRATION

• Introduced 4+ feasible designs to provide the system's end-to-end technical solution following business strategy and technological objectives.

• Employed Qualys for vulnerability scans, continuous monitoring, and generated reports based on vulnerability scan results, portraying strong analytical skills.

• Directed 6+ support groups to enhance their understanding of vulnerability data, guided on remediation strategies, and analyzed false positives.

• Installed Cisco Layer 2 networking equipment and configured provisioning for Intel and Advanced Micro Devices (AMD) servers, such as connecting and debugging networks, server placement and cloud infrastructure.

• Configured server racks for server orders and resolved cloud provisioning difficulties through trouble tickets by employing expertise related to Windows, Linux, or Unix Operating Systems.

• Provided 3+ detailed logs inside the ticketing and messaging systems for callouts, system alerts, and communication and escalation of SIEM alerts and activities to ensure fast resolution of supported equipment, processes, and teams.

• Initiated troubleshooting of servers, utilizing RDP and KVM, PuTTY Win Admin, SSH (Secure Shell), and Nano on the partition drive of MDC as a data centre technician, displaying key attention to detail.

2018 : 2018

IBM

SBT 1

2017 : 2018

Sheehy Auto Stores

Sales Consultant
Company: Infosys
Years of Experience: 6

Skills

Amazon Web Services (AWS), Analytical Skills, Application Security, Business Strategy, Cloud Computing, Computer Forensics, Control Testing, Customer Support, Cybersecurity, Cyber Threat Intelligence (CTI), Data Privacy, Document Review, Ethical Hacking, Identity & Access Management (IAM), Incident Response, Information Assurance, Information Security, Intrusion Detection, ISO 27001, IT Security Assessments, IT Security Policies, Malware Analysis, Management, Memory Forensics, Mitigation Strategies, Mobile Devices, Networking, NIST, Payment Card Industry Data Security Standard (PCI DSS), Python (Programming Language), Risk Assessment, Security, Security Controls, Security Incident Response, SQL, U.S. Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), U.S. Federal Information Security Management Act (FISMA), Vulnerability Assessment, Vulnerability Management

About

I am professionally experienced in analyzing security vulnerabilities, exploitation techniques, and malware behaviors and implementing information security. Furthermore, I can coordinate the investigation and reporting of security incidents and assess newly published vulnerabilities to identify possible defensive measures to locate and stop threat actors.



My career highlights:

My most recent role has been as a Technology Lead at Infosys LLC. Performing my duties as a Technology Lead, I employed appropriate visualization approaches to collect and present information security metrics to various management levels. I have utilized technical knowledge of computer systems and networks with cyber threat information to assess security posture.



My academic highlights:

I am currently a Master in Digital Forensics at Champlain College.



My goal and skillset:

I have demonstrated the capability to use new technologies and quickly adapt to new software applications. I am skilled in applying highly technical principles, concepts, and techniques central to solving issues. In addition, I am adept in information management, digital transformation, and cybersecurity operations management, team training & leadership to achieve shared visions and goals of the organization.



Looking forward to connecting with other ambitious professionals!