Profiles search
Aurelien Yovogan
Information Security Analyst at ACCENTURE FEDERAL SERVICES, Arlington, VA
Silver Spring, MD, United States
Details
Experience:
SECURE FLIGHT, DEPARTMENT OF HOMELAND SECURITY (DHS)
• Participated at Accenture Artificial Intelligence Q3 Hackathon.
• Reviewing and validating the remediation of Plan of Action and Milestones (POA&M) weaknesses.
• Providing expert technical advice, guidance, and recommendations to management and other technical specialists on critical IT issues.
• Performed risk assessments, Security Tests and Evaluations (ST&Es), contingency plan testing and other related activities in accordance with NIST Special Publications 800 30 Rev 1, 800 37 Rev 1, 800 60 (Vols. 1&2 Rev 1), 800 53 Rev 4, 800 53A Rev 4, FIPS 199 and related OMB guidance.
• Developed, debugged, tested and troubleshot executable application; checked exceptions logs, playlogs, and non-archive audit logs using Unix / Linux commands.
• Troubleshot applications on command line (git bash, windows command line) by running unit, integration, and functional tests with Pasty, IBM automated test application libraries.
• Updated existing applications JUnit tests and documented results of test analysis results using JUnit 4 libraries.
2019 : Present
ACCENTURE FEDERAL SERVICES, Arlington, VA
Information Security Analyst
Evaluated threats and vulnerabilities based on Tenable reports and implement Risk Management Framework (RMF) in accordance with NIST SP 800-37R2.
• Provided input to management on appropriate FIPS 199 impact level designations and identify appropriate security controls
based on characterization of the general support system or major applications.
• Reviewed and updated Plan of Action and Milestones (POA&MS) of all accepted risks upon completion of system (C&A).
• Assisted in establishing an Ongoing Authorization (OA) program design to review the security posture of designated systems on a continual basis.
• Collaborated with team members and client, applying knowledge of multiple design principles, open source frameworks, and tools to desired project outcomes.
• Provided audit briefings to agency and Information Systems Security Officer’s (ISSO), to assist in the preparation of independent audit assessments with the agency’s goal of improving their operational effectiveness and ensuring that all findings are documented as Plan Of Action & Milestones within their Trusted Agent FISMA (TAF) tool.
2018 : 2018
Credence Management Solutions, LLC
Cyber Security Analyst
• Prepared, presented, and evaluated budget execution quarterly.
• Provide audit briefings to agency and Information Systems Security Officer’s (ISSO), to assist in the preparation of independent audit assessments with the agency’s goal of improving their operational effectiveness and ensuring that all findings are documented as Plan Of Action & Milestones within their Trusted Agent FISMA (TAF) tool.
• Participate in DHS Critical Control Reviews (CCRs) and assist the DHS CCR team with agency personnel interviews and document requests. Also assisted external auditors with OMB A-123 Audits, OIG and Financial Statements Audits.
• Establishes relationship with other OCISO Divisions executives to develop strong foothold into reviews of programs and portfolios in critical need of security control improvements.
• Conducted FISMA-based security risk assessments for government contracting organizations and application systems, including interviews, tests and inspections; produced assessment reports and recommendations; conducted out-briefings.
• Assessments conducted following NIST 800 processes and controls.
2015 : 2017
Department of Navy (CNIC-HQ)
Security Analyst
Provide IA Support and Risk Management Framework and Continuous Monitoring processes
• Reviewed and updated artifacts supporting the Risk Profile SSP, ATO, SAR and POA&Ms
• Provided guidance and training to all system components Engineers. Provide POA&M.
Maintained hardware and software inventory for components
• Maintained and organized SharePoint repository.
Evaluate threats and vulnerabilities based on Nessus tenable reports
• Tested manual websites to assure they match the markups and the client requirements.
• Worked in Agile Software Development Life Cycle environment with bi-weekly Sprint meetings.
2011 : 2015
American Institutes for Research
Information Assurance Analyst & Tester
MILITARY SERVICE DEPARTMENT OF THE NAVY, ANDREWS AFB, MD
• Analyzed high-risk data points and performed visual needs assessment to identify and mitigate bottlenecks based on current and historical intelligence. More accurate threat assessment by 30% from previous engagements, reduced suspicious activities and criminal acts by 98%, and prevented 100% passage of prohibited articles into restricted area.
2007 : 2014
US Navy
Military Service, US NAVY (Seabee)
• Participated at Accenture Artificial Intelligence Q3 Hackathon.
• Reviewing and validating the remediation of Plan of Action and Milestones (POA&M) weaknesses.
• Providing expert technical advice, guidance, and recommendations to management and other technical specialists on critical IT issues.
• Performed risk assessments, Security Tests and Evaluations (ST&Es), contingency plan testing and other related activities in accordance with NIST Special Publications 800 30 Rev 1, 800 37 Rev 1, 800 60 (Vols. 1&2 Rev 1), 800 53 Rev 4, 800 53A Rev 4, FIPS 199 and related OMB guidance.
• Developed, debugged, tested and troubleshot executable application; checked exceptions logs, playlogs, and non-archive audit logs using Unix / Linux commands.
• Troubleshot applications on command line (git bash, windows command line) by running unit, integration, and functional tests with Pasty, IBM automated test application libraries.
• Updated existing applications JUnit tests and documented results of test analysis results using JUnit 4 libraries.
2019 : Present
ACCENTURE FEDERAL SERVICES, Arlington, VA
Information Security Analyst
Evaluated threats and vulnerabilities based on Tenable reports and implement Risk Management Framework (RMF) in accordance with NIST SP 800-37R2.
• Provided input to management on appropriate FIPS 199 impact level designations and identify appropriate security controls
based on characterization of the general support system or major applications.
• Reviewed and updated Plan of Action and Milestones (POA&MS) of all accepted risks upon completion of system (C&A).
• Assisted in establishing an Ongoing Authorization (OA) program design to review the security posture of designated systems on a continual basis.
• Collaborated with team members and client, applying knowledge of multiple design principles, open source frameworks, and tools to desired project outcomes.
• Provided audit briefings to agency and Information Systems Security Officer’s (ISSO), to assist in the preparation of independent audit assessments with the agency’s goal of improving their operational effectiveness and ensuring that all findings are documented as Plan Of Action & Milestones within their Trusted Agent FISMA (TAF) tool.
2018 : 2018
Credence Management Solutions, LLC
Cyber Security Analyst
• Prepared, presented, and evaluated budget execution quarterly.
• Provide audit briefings to agency and Information Systems Security Officer’s (ISSO), to assist in the preparation of independent audit assessments with the agency’s goal of improving their operational effectiveness and ensuring that all findings are documented as Plan Of Action & Milestones within their Trusted Agent FISMA (TAF) tool.
• Participate in DHS Critical Control Reviews (CCRs) and assist the DHS CCR team with agency personnel interviews and document requests. Also assisted external auditors with OMB A-123 Audits, OIG and Financial Statements Audits.
• Establishes relationship with other OCISO Divisions executives to develop strong foothold into reviews of programs and portfolios in critical need of security control improvements.
• Conducted FISMA-based security risk assessments for government contracting organizations and application systems, including interviews, tests and inspections; produced assessment reports and recommendations; conducted out-briefings.
• Assessments conducted following NIST 800 processes and controls.
2015 : 2017
Department of Navy (CNIC-HQ)
Security Analyst
Provide IA Support and Risk Management Framework and Continuous Monitoring processes
• Reviewed and updated artifacts supporting the Risk Profile SSP, ATO, SAR and POA&Ms
• Provided guidance and training to all system components Engineers. Provide POA&M.
Maintained hardware and software inventory for components
• Maintained and organized SharePoint repository.
Evaluate threats and vulnerabilities based on Nessus tenable reports
• Tested manual websites to assure they match the markups and the client requirements.
• Worked in Agile Software Development Life Cycle environment with bi-weekly Sprint meetings.
2011 : 2015
American Institutes for Research
Information Assurance Analyst & Tester
MILITARY SERVICE DEPARTMENT OF THE NAVY, ANDREWS AFB, MD
• Analyzed high-risk data points and performed visual needs assessment to identify and mitigate bottlenecks based on current and historical intelligence. More accurate threat assessment by 30% from previous engagements, reduced suspicious activities and criminal acts by 98%, and prevented 100% passage of prohibited articles into restricted area.
2007 : 2014
US Navy
Military Service, US NAVY (Seabee)
Company:
ACCENTURE FEDERAL SERVICES, Arlington, VA
Spoken Language:
English, French
About
CYBER SECURITY ANALYST
Master’s Degree in in Information Systems Engineering (Cyber security)/Conferred Master’s Degree in Financial Economics. More than 8 years of experience in Information Technology (IT), software development, program analysis, security intelligence analysis. Seeking a position as a Cyber Security Analyst to utilize my professional skills in assembling security authorization package using NIST Special Publications 800-53 Rev-4, 800-53A, 800-60, 800-30, 800-37, 800-137, 800-18, FIPS 200 and FIPS 199. Proficient in preparation and updating of System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action & Milestone (POA&M), routers and switches.
Profile Photo
