Cloud Security Vulnerability Management

Location:
Hyattsville, MD
Posted:
August 01, 2024

Resume:

TCHINDA F. MBUNA

***** ****** ****, ****** ******, MD PHONE: 301-***-****

EMAIL: ad7pen@r.postjobfree.com

Summary

Accomplished cybersecurity leader with 8+ years of experience driving security initiatives across diverse environments. Proven success in vulnerability management, cloud security (AWS), compliance (FISMA & FedRAMP), DevSecOps, and Threat Hunting. Expertise in architecting and implementing robust security controls, leading incident response efforts, and proactively mitigating threats. Strong collaborator with a passion for fostering a security-first culture within organizations.

Certifications/Technical Experience

Certifications: AWS Solutions Architect, AWS Certified Security Specialty, CompTIA Sec+, CompTIA CASP+, EC-Council CEH, ISACA CISA

Vulnerability Management: Qualys, Nessus Scanner, Tenable.sc, AWS Inspector, SSM, OWASP, OVAL, CVSS, CVE, SCAP, etc.

Cloud Security: AWS (CloudWatch, CloudTrail, Config, GuardDuty, Inspector, Trusted Advisor, VPC Flow Logs, etc.)

Compliance: FISMA/FedRAMP ATO

Security Operations: SIEM - Splunk, AlienVault, FireEye HX, NX, Barracuda, FireEye, Cisco IronPort, IDS/IPS, Darktrace, Symantec, Wireshark, McAfee ePO, etc.

DevSecOps: DAST, SAST, Snyk, Aqua Security, etc.

Operating Systems: Windows, Linux

GRC Tools: (e.g., eMASS, Xacta, CSAM, Asset Manager) to track, manage, and report on security controls, compliance, and risks.

Experience

FedRAMP Cyber Engineer/Vulnerability Management Noblis (GSA) April 2023 - Present

●Conducted in-depth reviews of Cloud Service Provider (CSP) packages on Max.gov, meticulously verifying technical and network diagrams for alignment with FedRAMP ATO requirements, ensuring a secure and compliant Cloud foundation.

●Evaluated high and moderate risk vulnerabilities in CSP packages, contributing to successful FedRAMP authorization of various Cloud service providers, demonstrating expertise in Cloud security assessment.

●Led comprehensive vulnerability management programs for diverse environments, encompassing on-premises systems and cloud infrastructure, ensuring a holistic approach to risk mitigation.

●Executed vulnerability assessments and remediation planning utilizing Nessus Scanner and Nessus Security Center, identifying critical weaknesses and orchestrating timely patch deployment and configuration adjustments.

●Leveraged AWS Inspector and Systems Manager (SSM) to proactively identify vulnerabilities and automate patching for both EC2 instances and container registries, enhancing the security posture of AWS environments.

●Maintained expertise in industry-standard vulnerability frameworks, including OWASP, OVAL, CVSS, CVE, and SCAP, applying this knowledge to assess and prioritize security risks effectively.

FedRAMP/ Cloud Security Engineer Penguin Computing Feb 2021 – April 2023.

●Led the design and implementation of robust identity and access management (IAM) policies, roles, and permissions to ensure least privilege access and minimize security risks across AWS environments.

●Developed comprehensive incident response strategies for AWS services and on-premises systems, encompassing threat detection, containment, eradication, recovery, and post-incident analysis, ensuring swift and effective responses to security incidents.

●Collaborated with 3PAOs to compile FedRAMP authorization artifacts (SSP, SAR, POA&M) for both agency and JAB paths, ensuring template adherence and addressing deficiencies.

●Engineered holistic data security strategies for cloud-hosted and on-premises systems, implementing encryption, tokenization, access controls, and data loss prevention mechanisms to protect sensitive information and maintain compliance with regulatory requirements.

●Architected secure infrastructure designs for cloud and on-premises systems, adhering to security best practices outlined in NIST 800-53, CIS Benchmarks, and NIST CSF, implementing measures like network segmentation, intrusion detection/prevention systems, and web application firewalls.

●Established proactive continuous monitoring frameworks for AWS environments, leveraging native tools like CloudWatch, CloudTrail, Config, GuardDuty, Inspector, Trusted Advisor, and VPC Flow Logs, in conjunction with third-party solutions like Splunk, to detect and respond to security events in real-time.

●Designed and implemented robust data loss prevention (DLP) strategies for both cloud and on-premises systems, employing content filtering, access controls, encryption, and real-time monitoring to prevent unauthorized data exfiltration.

●Led FedRAMP readiness assessments for Cloud Service Providers (CSPs), identifying security gaps, developing remediation roadmaps, and facilitating successful authorizations.

●Conducted comprehensive gap analyses against FedRAMP Security Assessment Framework (SAF) and NIST SP 800-53 controls, providing detailed documentation and actionable recommendations.

Senior Cloud Security Engineer (ISSO) Perspecta (DHS) March 2020 - Feb 2021

●Led FedRAMP readiness assessments for multiple Cloud Service Providers (CSPs), identifying security gaps, developing remediation roadmaps, and facilitating successful authorizations.

●Conducted comprehensive gap analyses against FedRAMP Security Assessment Framework (SAF) and NIST SP 800-53 controls, providing detailed documentation and actionable recommendations.

● Collaboration with 3PAOs: Collaborated with 3PAOs to compile FedRAMP authorization artifacts (SSP, SAR, POA&M) for both agency and JAB paths, ensuring adherence to templates and addressing deficiencies.

●Authorization Package Review: Reviewed and validated FedRAMP authorization packages, assessing the completeness, accuracy, and compliance of security documentation for high-impact systems.

●SSP Development: Developed and maintained System Security Plans (SSPs) per FedRAMP requirements, detailing system architectures, security controls, and risk mitigation strategies.

●Served as a subject matter expert in FISMA/FedRAMP compliance, guiding internal teams and external stakeholders on security control implementation and documentation.

●Participated in FedRAMP continuous monitoring activities, conducting regular assessments, tracking POA&M items, and ensuring ongoing compliance with federal security standards.

●Presented FedRAMP compliance findings and recommendations to senior management, effectively communicating complex security concepts and driving remediation efforts.

●Utilized Xacta/CSAM to streamline security control assessment, documentation, and reporting processes, facilitating efficient risk management and compliance tracking.

SOC/Threat Hunting Engineer GDH (Food and Drug Administration) Sep 2019 - Mar 2020.

●CI/CD Pipeline Security Integration: Successfully integrated Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) tools into CI/CD pipelines, enabling automated vulnerability scanning and security testing throughout the development process.

●Snyk Implementation: Led the implementation of Snyk into the CI/CD pipeline to perform comprehensive vulnerability scanning of code dependencies and open-source libraries, proactively identifying and addressing security risks.

●Aqua Security: Leveraged Aqua Security to enhance container security, performing vulnerability scanning and runtime protection for containerized applications, ensuring the integrity and security of containerized environments.

●Data Loss Prevention (DLP) Strategist: Designed and executed comprehensive DLP strategies for both cloud and on-premise systems, safeguarding sensitive data through classification, access controls, and real-time monitoring.

●DevSecOps Champion: Fostered a shift-left security culture, collaborating closely with DevOps teams to integrate security practices and tools throughout the software development lifecycle (SDLC).

●Vulnerability Management Automation Architect: Established automated vulnerability management processes, ensuring regular scanning of cloud and on-premise systems, prompt remediation, and continuous risk reduction.

●Threat Hunter: Led proactive threat-hunting initiatives, utilizing in-depth knowledge of static and dynamic techniques to analyze logs, traffic, and telemetry, uncovering hidden threats and indicators of compromise (IOCs).

●Incident Response Specialist: Conducted comprehensive investigations across diverse environments (cloud, on-premise), leveraging SIEM, network forensics, and endpoint analysis tools to resolve security incidents efficiently.

●Security Advisor: Researched and disseminated weekly threat/vulnerability advisories, providing stakeholders with actionable insights and recommendations to enhance security posture.

●Phishing Mitigation Expert: Investigated phishing campaigns, analyzing email headers, malicious URLs, and IP addresses, and implemented blacklisting measures to protect the organization.

Vulnerability/Cyber Security Engineer, Serigor Jul 2018 - Sep 2019

●Spearheaded a comprehensive vulnerability management program encompassing on-premises, cloud (AWS), and containerized environments, significantly reducing mean time to remediate critical vulnerabilities.

●Leveraged Nessus Professional and Nessus Security Center to conduct in-depth vulnerability scans, ensuring accurate identification and prioritization of security weaknesses for efficient remediation planning.

●Implemented AWS Inspector and Systems Manager (SSM) to automate vulnerability scanning and patching processes for EC2 instances and container registries, enhancing the security posture of AWS cloud environments.

●Designed and implemented a scalable vulnerability management program, establishing robust processes for POAM (Plan of Action and Milestones) creation and management to track and drive remediation efforts effectively.

●Maintained in-depth knowledge of vulnerability management standards (OWASP, OVAL, CVSS, CVE, SCAP), ensuring accurate risk assessment and prioritization of vulnerabilities for remediation.

●Fostered collaboration with engineering and stakeholders to streamline remediation of vulnerabilities and missing patches, utilizing ad hoc scans to address emerging threats and maintain a strong security posture.

●Conducted weekly vulnerability scans to identify and prioritize emerging risks, ensuring continuous monitoring and timely remediation of vulnerabilities.

●Prepared and distributed comprehensive monthly vulnerability reports to stakeholders, providing actionable insights and facilitating informed decision-making to enhance overall security posture.

Security Operations Center (SOC) Analyst/Threat Hunter TruShield April 2015 - Jul 2018

●Led proactive threat-hunting initiatives applying in-depth knowledge of static and dynamic analysis techniques to identify and neutralize advanced threats across diverse IT environments.

●Leveraged extensive expertise in security tools including Splunk, Barracuda, FireEye, Cisco IronPort, IDS/IPS, DarkTrace, Symantec, RSA NetWitness, and others to conduct comprehensive incident response and threat investigations.

●Spearheaded threat hunting and incident response in cloud environments, utilizing AWS native tools like GuardDuty, CloudTrail, Inspector, Macie, and Security Hub to detect and mitigate threats specific to AWS infrastructure.

●Developed and disseminated weekly threat and vulnerability advisories to stakeholders, providing actionable intelligence on emerging threats and vulnerabilities to enhance organizational security awareness and preparedness.

●Conducted in-depth investigations of phishing campaigns, malicious URLs, and IP addresses, promptly blacklisting malicious entities to protect the organization from cyber threats.

●Mentored and trained junior SOC analysts on threat-hunting techniques, incident response procedures, and the effective use of security tools, fostering a culture of continuous learning and improvement.

●Collaborated effectively with cross-functional teams, including network engineers, system administrators, and security architects, to implement security controls, remediate vulnerabilities, and strengthen the overall security posture.

●Maintained up-to-date knowledge of the latest threat landscape, actively participated in security communities, and attended industry conferences to stay ahead of emerging threats and vulnerabilities.

●Investigated phishing campaigns, analyzing email headers, malicious URLs, and IP addresses, and implemented blacklisting measures to protect the organization.

Education

American Public University: Charles Town, WV

● Master of Science (M.S.) International Relations and Human Resource Man. - April 2017

● Master of Science (M.S.) Cyber Security (In progress)

University of Dschang: Cameroon

● Information Security: University of Dschang (Cameroon) - 2007
