Profiles search
Mohammed K.
Cybersec Consultant and Salesforce Business Analyst at NUNYA LLC
Ft. Washington, MD, United States
Details
Experience:
2022 : Present
NUNYA LLC
Cybersecurity Consultant and Salesforce Business Analyst
- Developed training phishing flowcharts, workflows, and visuals for a parent, national US health department
- Audited two separate Centers for Medicare & Medicaid Services (CMS) MACs on system network boundaries periodic review, FISMA assessment, change control management procedures and testing, and Section 508 control selections and testing
- Identified gaps for remediation of MAC information security program components in accordance with CMS ARS, FISMA, and NIST guidelines
- Engaged directly with the client on findings, follow-ups, and remediation for assigned controls; developed HHS/OIG workpapers for the same
- Developed detailed outline on key differences between FedRAMP’s Rev. 4 and 5 for a moderate baseline commercial client to begin a gap analysis and migration plan to Rev. 5
- Led a cross-functional capstone team in providing targeted recommendations to sector leadership for averting cyber threats faced by MSPs and customers
- Trained incoming full-time consultant on change control selection and testing hand-off
2022 : 2023
Guidehouse
Cybersecurity Consulting Intern - Public Health Sector
- Established a Qualtrics survey on cybersecurity awareness and practices of 1,000 Maryland residents via MTurk through customized random, embedded survey IDs and integrated workflows
- Certified in CITI Program's social & behavioral research, human subjects research training
- Hosted the 8th Annual Cybersecurity Conference for Executives as a Zoom manager
2022 : 2022
Johns Hopkins University Information Security Institute
Research Assistant
- Oversaw day-to-day operations of The Macksey Journal, a journal of conference proceedings for the Richard Macksey National Undergraduate Humanities Research Symposium, which hosted students from across the nation interested in presenting their scholarship
- Managed all aspects of the Editorial Board including but not limited to supervising assistant editors, resulting in the reviewing, editing, and publishing of 400 articles on the Scholastica platform : https : //mackseyjournal.scholasticahq.com/
2021 : 2022
The Johns Hopkins University
Managing Editor
- Served as a consultant for a Fortune 50 organization on a SailPoint IIQ implementation project, with multiple dev workstreams in parallel : successfully implemented invisibility of display name collisions on two access forms using a combo of BeanShell, Java, and SQL queries and performed BA requirements, testing, and health check analyses
- Self-developed, coordinated, and presented a business plan as a team for a state workforce client to assist client drive business-led and technology-enabled transformation. Plan recommendations adopted by the client engagement team as a Capstone project finalist. Other responsibilities included understanding clients’ cultures and operations to influence important decisions on cyber risks, documenting clients’ technology processes and requirements, and performing root cause analyses
2021 : 2021
EY
Cybersecurity Consulting Intern
NUNYA LLC
Cybersecurity Consultant and Salesforce Business Analyst
- Developed training phishing flowcharts, workflows, and visuals for a parent, national US health department
- Audited two separate Centers for Medicare & Medicaid Services (CMS) MACs on system network boundaries periodic review, FISMA assessment, change control management procedures and testing, and Section 508 control selections and testing
- Identified gaps for remediation of MAC information security program components in accordance with CMS ARS, FISMA, and NIST guidelines
- Engaged directly with the client on findings, follow-ups, and remediation for assigned controls; developed HHS/OIG workpapers for the same
- Developed detailed outline on key differences between FedRAMP’s Rev. 4 and 5 for a moderate baseline commercial client to begin a gap analysis and migration plan to Rev. 5
- Led a cross-functional capstone team in providing targeted recommendations to sector leadership for averting cyber threats faced by MSPs and customers
- Trained incoming full-time consultant on change control selection and testing hand-off
2022 : 2023
Guidehouse
Cybersecurity Consulting Intern - Public Health Sector
- Established a Qualtrics survey on cybersecurity awareness and practices of 1,000 Maryland residents via MTurk through customized random, embedded survey IDs and integrated workflows
- Certified in CITI Program's social & behavioral research, human subjects research training
- Hosted the 8th Annual Cybersecurity Conference for Executives as a Zoom manager
2022 : 2022
Johns Hopkins University Information Security Institute
Research Assistant
- Oversaw day-to-day operations of The Macksey Journal, a journal of conference proceedings for the Richard Macksey National Undergraduate Humanities Research Symposium, which hosted students from across the nation interested in presenting their scholarship
- Managed all aspects of the Editorial Board including but not limited to supervising assistant editors, resulting in the reviewing, editing, and publishing of 400 articles on the Scholastica platform : https : //mackseyjournal.scholasticahq.com/
2021 : 2022
The Johns Hopkins University
Managing Editor
- Served as a consultant for a Fortune 50 organization on a SailPoint IIQ implementation project, with multiple dev workstreams in parallel : successfully implemented invisibility of display name collisions on two access forms using a combo of BeanShell, Java, and SQL queries and performed BA requirements, testing, and health check analyses
- Self-developed, coordinated, and presented a business plan as a team for a state workforce client to assist client drive business-led and technology-enabled transformation. Plan recommendations adopted by the client engagement team as a Capstone project finalist. Other responsibilities included understanding clients’ cultures and operations to influence important decisions on cyber risks, documenting clients’ technology processes and requirements, and performing root cause analyses
2021 : 2021
EY
Cybersecurity Consulting Intern
Company:
NUNYA LLC
Spoken Language:
Arabic, English, Punjabi, Spanish, Urdu
About
Lifelong learner, cybersecurity consultant, business analyst, author and public speaker.
Believe in integrity, humility and results.
Current interests: Salesforce, IT security compliance assessments for federal entities' contractors.
Profile Photo
