Summary
Overview
Work History
Education
Skills
Certification
Professionalmemberships
Functionalareasofexpertise
Languages
Timeline
Generic

Innocent N Bisong

Sacramento

Summary

Skilled in information security assessment and analysis with extensive knowledge of risk management frameworks (RMF), systems development life cycle (SDLC), and vulnerability management using FISMA, FedRAMP, and applicable NIST standards. Well-versed in NCUA regulation, third-party vendor management, and FFIEC audit. Strong focus on organization and solutions, thriving under deadlines and excelling both independently and as a team player. In-depth understanding of various software packages and operating systems for comprehensive support. Proven project and team leader with excellent customer service skills, effective communication abilities (both oral and written), and the ability to translate regulatory requirements into operational processes. Specializing in IT security expertise and guidance, successfully supporting security assessments and continuous monitoring for both government and private sectors. Expertise lies in risk management, network security, threat mitigation, vulnerability assessment, incident response, and data protection. Reliable focus on team collaboration and delivering results while adapting to evolving security challenges and ensuring robust defenses and compliance with industry standards. Known for integrity, reliability, and effective communication within cross-functional teams.

Overview

9
9
years of professional experience
1
1
Certification

Work History

Information Security Specialist

Sierra Central Credit Union
10.2022 - Current
  • Monitor the network for proper security procedures, and software, and evaluate signs of compromise
  • Work and Communicate with the organization to ensure internal and external security
  • Perform daily security checks of the system environment
  • Conduct internal risk Assessment review of Network and Information Systems (IS)
  • Monitor and review Netwrix auditor for DLP, Failed logins, and Software installation/Updates
  • Review ArmorPoint IDS/IPS logs via advanced search features, Duo Failed authentication
  • Review Qualys security scan reports and remediation of vulnerabilities
  • Monitor and review daily SolarWinds SEM reports for failed user authentication logs
  • Review events overview, Network Overview, and Security on ManageEngine SIEM
  • Monitor and review the Quest/ Black Kite security ecosystem, Monitor AD for active, Inactive accounts and dormant accounts
  • Generate Monthly IT board reports for the board meeting
  • Review and generate daily Veeam backup and replication jobs for all successful and failed backups and replication jobs
  • Review Symantec Endpoint Protection Manager email notifications for critical alerts received on non-compliant systems
  • User change management review for new hire, status change request
  • Review MessageLabs email alerts, and monitor for any USB / External drive activity
  • Conduct Annual BIA, BCP, and Incident response plan
  • Vendor management

Cybersecurity Control Assessor

Accenture
01.2023 - 01.2024
  • Conducts independent comprehensive assessments of the management, operational, and technical security controls
  • Conduct Kickoff meetings and review assessment findings with stakeholders
  • Conduct assessment interviews with stakeholders, and request artifacts
  • Perform Information Technology (IT) systems assessments
  • Identify vulnerabilities and threats within the organization's environment

IT Security Analyst / Control Assessor

Panthergon IT & Cybersecurity Solutions (Formerly Xzentia IT & Cybersecurity Solutions)
09.2018 - 10.2022
  • Perform Control Audit & Assessment On a day-to-day basis
  • Support all Assessment and Authorization (A&A) phases and processes
  • Participate in kick-off meetings and follow-up meetings with the system team
  • Develop, review, and update Information Security System Policies, System Security Plans, and Security baselines following NIST, FISMA, RMF, and industry best security practices
  • Apply appropriate information security control for Federal Information Systems based on NIST 800-series, FIPS 199 and 200, and OMB A-130 Appendix III for the Security and Privacy Controls for Federal Information Systems and Organizations
  • Liaise with multiple stakeholders interviewing, planning, or participating in a team effort to bring multiple assessments to a close in a highly motivated and fast-paced environment
  • Prepare and present Authority to Operate (ATO) documents (SSP, SAR, and POAM)
  • Maintain and update standard operating procedures (SOP) to create or improve SA&A processes
  • Create and manage POAMs and provide quarterly POAM status to management
  • Initiate and verify the completeness of authorization or re-authorization of all systems (FISMA and FedRAMP)
  • Support client Security policies and activities for networks, systems, and applications including, Incident Reporting, Remediation, and Continuous Monitoring
  • Reviewing, analyzing, and documenting the secure implementation of logical controls, physical controls, environmental controls, personnel security, and incident handling
  • Updating and reviewing A&A Packages to include Core Docs, Policy & Procedures, Operations and Maintenance Artifacts, SSP, SAR, POA&M, PTA, PIA, and more
  • Upload supporting docs in the System’s Artifact Libraries, Google Docs, and GRC tool
  • Monitor security controls post-authorization to ensure continuous compliance with the security requirements
  • Perform internal audits of the systems before third-party audits

IT Control Assessor

Vinds Inc.
05.2017 - 07.2018
  • Assessment of management, operational, assurance, and technical security controls implemented on an information system
  • Demonstrate the detailed ability to analyze implemented controls and evaluate their effectiveness and compliance with policy, standards, and guidelines
  • Assess the effectiveness of the patch and vulnerability management processes
  • Evaluate the performance and correctness of applied security controls per standards, procedures, directives, policies, and regulations and recommend corrective action as needed
  • Document Assessment findings in a Security Assessment Report (SAR) and recommend remediation actions for controls that failed and vulnerabilities
  • Implemented the Risk Management Framework (RMF) in accordance with NIST SP 800-37

IT Support Specialist

The Good Shepherd International
02.2016 - 05.2017
  • Provided timely resolution of problems or escalation on behalf of the internal customer to appropriate IT technical staff
  • Served as the first point of contact for customers seeking technical assistance over the phone, email, or instant message
  • Determined and documents the best solution based on the issue and details provided by the customer
  • Followed standard help desk procedures

Education

Bachelor of Science - Cybersecurity & Information Assurance

Western Governors University
Salt Lake City, UT
12-2025

Bachelor of Science - Banking/ Finance

University of Uyo- Nigeria
06-1997

Skills

  • Cybersecurity strategy
  • Vulnerability assessment
  • Threat intelligence
  • Security awareness training
  • Risk assessment
  • IT security
  • Threat management
  • Security audits
  • Risk management
  • Incident response
  • Cybersecurity
  • Business continuity planning

Certification

  • CISA, Certified information system auditor
  • CISSP, In view

Professionalmemberships

ISACA, Information System Audit and Control Association

Functionalareasofexpertise

  • Assessment and Authorization (A&A)
  • IT Security Compliance
  • Vulnerability Assessment
  • Vulnerability Scanning (TraceSecurity, TraceInsight, Qualys etc.)
  • Audit log monitoring
  • Third Party vendor management - Due diligence & Risk Assessment
  • Risk Assessment
  • Systems Development Life Cycle
  • IT Controls Testing
  • NIST Standards, PCI-DSS, HIPPA ETC
  • External Penetration Testing
  • Netwrix Auditor
  • Conduct Business Impact Analysis

Languages

English
Full Professional

Timeline

Cybersecurity Control Assessor

Accenture
01.2023 - 01.2024

Information Security Specialist

Sierra Central Credit Union
10.2022 - Current

IT Security Analyst / Control Assessor

Panthergon IT & Cybersecurity Solutions (Formerly Xzentia IT & Cybersecurity Solutions)
09.2018 - 10.2022

IT Control Assessor

Vinds Inc.
05.2017 - 07.2018

IT Support Specialist

The Good Shepherd International
02.2016 - 05.2017

Bachelor of Science - Cybersecurity & Information Assurance

Western Governors University

Bachelor of Science - Banking/ Finance

University of Uyo- Nigeria

Similar Profiles

  • Alida Miller

    Alida MillerAlida Miller

    Operations Manager at Sierra Central Credit UnionOperations Manager at Sierra Central Credit Union

    View Profile
  • Nathan Jackson

    Nathan JacksonNathan Jackson

    Financial Services Associate at Sierra Central Credit UnionFinancial Services Associate at Sierra Central Credit Union

    View Profile
  • Maegan Sanchez

    Maegan SanchezMaegan Sanchez

    Commercial Lending Assistant at Sierra Central Credit UnionCommercial Lending Assistant at Sierra Central Credit Union

    View Profile
Innocent N Bisong