Benjamin Asare-Bediako
Columbus, OH
614-***-**** **********@*****.***
Professional Summary
Experience in cybersecurity with a focus on Government Risk and Compliance, information security assessment, and the Assessment & Authorization (A&A) process. Concentrate on enterprise security risk management, with in-depth knowledge of assessing information systems for risks, implementing appropriate controls, identifying and mitigating vulnerabilities via POA&M and vulnerability management, and ensuring appropriate configuration management for all software and hardware using industry-standard frameworks.
Knowledge of and experience with federal security policies, standards, and guidelines including NIST 800 SPs such as 800-37, 800-53/53A rev 4, FIPS 199/200, FISMA, HIPAA, & FedRAMP.
Working knowledge of Risk Assessment, Risk Management Framework (RMF), Systems Development Life Cycle (SDLC) and Security Assessment and Authorization process (SA&A).
Experience in the development of ATO package documents such as SSPs, SARs, POA&Ms, Contingency Plans, Incident Response Plans, PIA and Configuration Management Plans.
Proficient in explaining technical information, resolutions, documentation, and presentations to clients and non-technical personnel at all levels of the organization or enterprise.
Cybersecurity Asset Management (CSAM) and Vulnerability Management Detection and Response (VMDR), PCI Compliance and Policy Compliance.
Work Experience
Cybersecurity Analyst
NBN Systems. Ashburn, VA 9/2021 to present
A team member of the Assessment & Authorization (A&A) team that helps with system categorization and the selection, implementation, assessment and monitoring of security controls; develops and maintains ATO packages and supporting artifacts, information system policies and SOPs; and supports vulnerability management in accordance with NIST, FIPS, FISMA, RMF, FedRAMP and industry best security practices.
Work with Information System Security Officers to prepare Assessment and Authorization (A&A) packages for review using the six-step Risk Management Framework (RMF) process.
Create and track, for corrective action, the Plan of Action and Milestones (POA&M) for all accepted risks upon completion of Security Control Assessment (SCA) exercises, as documented in the system security plan (SSP).
Develop and review system security artifacts such as contingency plans (CP), incident response plans (IRP), privacy impact assessments (PIA), MOUs/ISAs and risk assessment (RA) documents for compliance with NIST 800 guidelines and the agency’s security requirements.
Monitor controls post-authorization to ensure continuous compliance with the security requirements by evaluating threats and vulnerabilities through Nessus scan results, and work with the IT staff on mitigation actions.
Develop and update Authorization to Operate (ATO) package documents such as SSPs, SARs and POA&Ms for information systems to ensure they comply with the organization’s information security requirements.
Conduct the ST&E Kick-off Meeting and populate the Requirements Traceability Matrix (RTM) according to NIST SP 800-53A.
Review implementation statements and supporting evidence for security controls to determine whether the systems are currently meeting the requirements, and provide findings and suggested mitigations to stakeholders.
Merchandise Clerical
Victoria’s Secret & Co. Reynoldsburg, OH 9/2014 to Present
An associate member of the merchandise team, specifically planning and developing merchandising strategies that balance customers’ expectations and the company’s objectives. Analyze sales figures, customer reactions and market trends to anticipate product needs and plan product ranges/stock.
Organize, arrange and process merchandise according to procedures.
Process invoices for merchandise returned by customers for refunds or exchanges.
Quality Control Officer.
Inspect merchandise items to ensure proper quality and brand specification.
Track information to facilitate the flow of merchandise through the distribution center.
Audit international merchandise with requisite documentation.
Tax Professional
H&R Block. Columbus, OH 11/2012 to 5/2014
Worked with a team of Tax Professionals, assisting clients in filing their taxes and ensuring the accuracy of various tax forms. Conducted tax procedures and ensured that all tax documents were filed timely and accurately; reviewed financial statements, verified adjustments, and resolved account discrepancies.
Prepared simple to complex tax returns for individuals or small businesses.
Assisted taxpayers using their federal, state and local codes and ensured that clients received the maximum benefit permitted under the law.
Reviewed financial records such as income statements and supporting documentation.
Reviewed past returns for accuracy and continuity.
Resolved customer complaints.
Recommended additional products and services.
Prepared tax returns using electronic filing software.
Ensured a copy of the completed return was provided to the customer.
Calculated tax payments and estimated tax returns, deductibles, liabilities and expenses.
Education
Ohio Dominican University. Columbus, OH
Master of Business Administration (Accounting)
University of Education. Ghana
Bachelor of Science (Accounting)
Professional Certifications
Qualys Certified Specialist
Certified Governance, Risk and Compliance (CGRC) – Exam in View
Certified Information Systems Auditor (CISA) – Exam in View