Festus A. A. Email & Phone Number
Who is Festus A. A.? Overview
A concise factual answer block for searchers comparing this professional profile.
Festus A. A. is listed as Risk Management Framework | Assessment & Authorization | Certification & Accreditation | Plan of Action & Milestone | Vulnerability Management | Security Control Assessments | ATO | FISMA | NIST | FedRamp at ECS, based in Dallas-Fort Worth Metroplex, United States. AeroLeads shows a matched LinkedIn profile for Festus A. A..
Festus A. A. previously worked as Cybersecurity Quality Assurance Lead at Ecs and Cybersecurity Quality Assurance Lead at Iron Vine Security. Festus A. A. holds Master Of Science - Ms, Information Technology/ Information Assurance from University Of Maryland Global Campus.
Email format at ECS
This section adds company-level context without repeating Festus A. A.'s masked contact details.
Review company-level records connected to Festus A. A. before choosing the right outreach path.
About Festus A. A.
Knowledgeable Cyber Security Analyst with over 6 years’ experience in Risk Management Framework (RMF), Assessment and Authorization (A&A), Certification and Accreditation (C&A) of Information Systems, Plan of Action & Milestone (POA&M), Vulnerability Management as well as conducting Security Control Assessments (SCAs). Experienced in preparing & reviewing complete Authorization-to-Operate (ATO) packages for information systems and Applications as defined by the Federal Information Security Modernization Act of 2002 (FISMA) and implemented by the guidance of the National Institute of Standards and Technology (NIST) Special Publication 800-53 series. Assessment of FedRamp Cloud environments & documentation.► Strong leadership and communication skills as well as excellent time management skills. Executing deliverables effectively in a timely manner and building strong relationships with internal/external customers. ► Ensure proper system categorization using NIST 800-60 and FIPS 199, selection of controls NIST 800-53 and FIPS 200, implementation of security controls NIST 800-61 and assessment of controls using NIST 800-53A ► Providing valuable feedback to System Owners and ISSOs to address System Security Plans (SSP) implementation and Disaster Recovery Plans objective. ► Proficient and skilled in identifying, implementing and improving IT policies & processes, Healthcare Fraud detection/prevention and EMR/EHR records. IT Healthcare Business Analyst with years of experience in Healthcare IT support, EMR/EHR and Vendor project management, vendor relationship management.
Festus A. A.'s current company
Company context helps verify the profile and gives searchers a useful next step.
Festus A. A. work experience
A career timeline built from the work history available for this profile.
Cybersecurity Quality Assurance Lead
Iron Vine Security (IVS) has been acquired by ASGN Inc. (parent company of ECS), effective 01/01/2023.
Sr. Cyber Security & Compliance Analyst
• Review System Security Plans using NIST 800-18 as a guide, perform updates on Security Assessment Report (SAR), Plans of Action and Milestones (POAMs), Risk Assessments, Create change control procedures, drafts, reviews etc.• Conduct FedRAMP Readiness Assessments and review ATO Packages for FedRAMP Cloud environments.• Perform initial assessment review and continuous monitoring of assigned systems and make recommendation based on vulnerability; high, moderate, or low.• Develop solutions to security weaknesses in the Requirement Traceable Matrix (RTM) and SAR, while working on POA&M remediation.• Perform evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation (C&A), RMF, and continuous monitoring step.• Perform Step 5 assessment of the RMF using NIST 800-53a as guide and coordinate final decisions by initiating meetings with System Owner (SO).• Ensure that the Information Systems Security department's policies, procedures, and practices as well as other systems user groups are compliant with FISMA, NIST, FedRamp and general agency standards.• General Review of documentation; System Security Plan NIST 800-18 as a guide, Authorization to Operate (ATO), Security Assessment Report (SAR), FIPS 199 System Categorization using NIST 800-60 Vol1/Vol2 based on confidentiality, integrity and availability (CIA), policy and procedures, e-authentication, Privacy Threshold Analysis, Privacy Impact Analysis (PIA), Contingency Planning (CP) and interconnection security agreement as per NIST 800-47, certification and accreditation (C&A) packages and system standard operating procedures.
Sr. Information System Security Analyst
• Served as the Subject Matter Expertise (SME) on issues surrounding Information Security and Information Technology compliance standards. Review and update security documentation governed by NIST 800 series and organizational policies. • Developed the Standard Operating Procedures (SOPs) to create the A&A process, coordinate, track and remediate security weaknesses as discovered in the Plan of Actions and Milestones (POA&M) tracking tool. • Developed System Assessment and Authorization (SA&A) packages for compliance with NIST guidance, including System Security Plans, System Categorization documents POA&M, Contingency Plans, and PIA.• Conducted RMF briefings to the client explaining the life development cycle of the system and provide continuous security monitoring of assigned systems and made decisions either in critical or marginal risk situations. • Maintained an understanding of operations throughout the organization to proactively enhance the user experience of new security policies and procedures. • Collaborated with other security personnel on security assessment activities and reviewed results of vulnerability scans to ensure client system is devoid of critical and high vulnerabilities.• Assessed the information technology systems, security regulatory risk management and security vulnerabilities. • Supervised and performed system vulnerability scanning and administration of system security configuration using Tenable Nessus vulnerability scanner.
Audit & Assurance Associate
• Acted as lead staff auditor and helped coordinate multiple engagements, gaining valuable hands-on integrated audit experience with publicly traded and private clients• Assisted in the planning/development and finalization of engagement scope and the development of audit strategy• Assisted in the preparation of full disclosure financial statements from client records for both publicly traded and private clients• Reviewed detailed audit programs and coordinated the request for client documents and other checklists to perform the audits• Worked on accounting projects where familiarity with pertinent Internal Revenue Code (IRC) sections and regulations was required• Analyzed clients' financial statement variances and effectively communicated those variances to client management• Analyzed potential deviations from Generally Accepted Accounting Principles (GAAP), within clients' financial statements• Enforced Internal Control processes and communicated weaknesses on clients' financial statements.• Identified Sarbanes-Oxley (SOX) control operating deficiencies and provided remediation guidance for applicable deficiencies• Provided coaching and mentoring for subordinate team members/interns• Developed and maintained a productive working relationship with client personnel and firm staff while identifying, communicating, and resolving issues
Festus A. A. education
Master Of Science - Ms, Information Technology/ Information Assurance
Bachelor Of Science - Bs, Accounting
Frequently asked questions about Festus A. A.
Quick answers generated from the profile data available on this page.
What company does Festus A. A. work for?
Festus A. A. works for ECS.
What is Festus A. A.'s role at ECS?
Festus A. A. is listed as Risk Management Framework | Assessment & Authorization | Certification & Accreditation | Plan of Action & Milestone | Vulnerability Management | Security Control Assessments | ATO | FISMA | NIST | FedRamp at ECS.
Where is Festus A. A. based?
Festus A. A. is based in Dallas-Fort Worth Metroplex, United States while working with ECS.
What companies has Festus A. A. worked for?
Festus A. A. has worked for Ecs, Iron Vine Security, Avaya, Citrin Cooperman, and Ernst & Young.
How can I contact Festus A. A.?
You can use AeroLeads to view verified contact signals for Festus A. A. at ECS, including work email, phone, and LinkedIn data when available.
What schools did Festus A. A. attend?
Festus A. A. holds Master Of Science - Ms, Information Technology/ Information Assurance from University Of Maryland Global Campus.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trial