Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Hi, I’m

GAMELI LUMOR

Bradford,ONTARIO

Summary

Over 6 years experienced System Security Analyst seeking a position in a growth-oriented organization with focus on FISMA, System Security Monitoring, Risk Assessments, Audit Engagements, Testing Information Technology Controls and developing Security Policies, Procedures and Guidelines. Passionate about new technology and learning new concepts.

Overview

14
years of professional experience
1
Certification

Work History

Cyber Elites

IT Security Analyst
08.2020 - Current

Job overview

  • Develops Plan of Action & Milestones (POA&M) document to remedy systems vulnerabilities resulting from System Test & Evaluation (ST&E)
  • Develops the audit plan and performs the General Computer Controls testing of Information Security
  • Formulates test plans, and documented gaps, test results, exceptions and developed remediation plans for each area with vulnerabilities
  • Develops Security Assessment Report (SAR) detailing the result of the assessment along with Plan of Action & Milestones (POAM.)
  • Assists in the identification of risks as part of the risk management process, including business continuity and disaster recovery planning
  • Performs Bi-annual security policy review to ensure all information is current with the laws, directives and regulations
  • Performs Security Categorization (FIPS 199), Privacy Threshold Analysis (PTA), E-Authentication with business owners selected stakeholders
  • Develops and conducts Security Test and Evaluation (ST&E) according to NIST SP 800-53A Rev 3 and Rev 4
  • Carries continuous monitoring after authorization (ATO) to ensure continuous compliance with the security requirements
  • Develops Security Assessment Plan (SAP) to initiate Security Assessment for low, moderate and high control information systems
  • Updates IT security policies, procedures, standards and guidelines according to department and federal requirements
  • Reviews and updates some of the system categorization using FIPS 199
  • Conducts Security Control Assessment on General Support Systems (GSS), Major Applications and Systems to ensure that such Information Systems are operating within strong security posture
  • Develops policy and procedural controls relating to Management, Operational and Technical Controls for the Organization

Cornerstone Global Technologies

Security Control Assessor
05.2017 - 06.2020

Job overview

  • Administered company information security testing and protection plans by analyzing and updating System Security Plan (SSP), Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security test and (ST&E) and the Plan of Actions and Milestones (POA&M)
  • Assisted System Owners and ISSO in preparing certification and Accreditation package for companies IT systems, making sure that management, operational and technical security controls adhere to a formal and well-established security requirement authorized by NIST SP 800-53 R4
  • Designated systems and categorize its C.I.A using FIPS 199 and NIST SP 800-60
  • Conducted Self-Annual Assessment (NIST SP 800-53A)
  • Performed Vulnerability Assessment after identifying potential threats by making sure that risks are assessed, evaluated and a proper action have been taken to limit their impact on the Information and Information Systems to ensure mitigating the identified risks
  • Created standard templates for required security assessment and authorization documents, including risk assessments, security plans, security assessment plans and reports, contingency plans, and security authorization PA
  • Conducted I.T controls risk assessments that included reviewing organizational policies, standards and procedures and provided advice on their adequacy, accuracy and compliance with the Payment Card Industry Data Security Standard
  • Provided reports on projects scheduled to the project manager as well as supported other team members to ensure project success
  • Independently interacted regularly with clients of varying associate, management levels to gather and analyzed business requirements and interpreted solutions, business needs and issues in order to design solutions that would solve technical and business issues
  • Developed new process for employee evaluation which resulted in marked performance improvements

Engineered Air

Lead Technician
09.2010 - 03.2015

Job overview

  • Built capacity through working with teams on investigating issues, roots cause analysis documenting and recording in OPL’ Job Aides
  • Creating KPI’s among teams and driving improvement where necessary
  • Review and updated, outdated SOP’s and training certification materials
  • Lead a team of 15 technicians, conducted interviews and follow up assessment
  • QA products before shipment
  • Cascaded organizational goals across units
  • Independently interacted regularly with clients of varying associate, management levels to gather and analyzed Business requirements and interpreted solutions, business needs and issues in order to design solutions that would solve technical and business issues

Education

Georgian College-Continuing Education
Barrie, ON

HVAC
02.2025

University Overview

Ghana Institute of Languages
ACCRA

Spanish
02.2025

University Overview

Skills

  • Security Assess
  • Risk Management Framework
  • RMF
  • NIST
  • GRC tools
  • FISMA com
  • Windows
  • MS Office
  • MS-Outlook
  • FEDRAMP
  • ISO 27001 Auditor
  • COBIT
  • COSO
  • SARBANE-OXLEY404 ACT
  • PCIDSS
  • AWS
  • LINUX Shared Assessment
  • Enterprise Risk Management
  • Cloud Computing compliance
  • Developing security policies
  • Procedures
  • Guidelines
  • Vulnerability assessment
  • Business continuity planning
  • Data analysis
  • Patch management
  • Cybersecurity frameworks
  • Risk management
  • Security protocols
  • Risk assessment
  • Intrusion test oversight
  • Intrusion detection
  • Firewall configuration
  • Incident response management
  • Cloud security
  • Incident response
  • Firewall management
  • Analytical thinking
  • Security monitoring
  • Network security management
  • Intrusion detection and prevention

Certification

  • CompTIA Security+
  • CISA: Certified System Information Auditor.
  • Actively Working towards Certified Information System Manager.

Languages

Spanish
Native or Bilingual

Timeline

IT Security Analyst
Cyber Elites
08.2020 - Current
Security Control Assessor
Cornerstone Global Technologies
05.2017 - 06.2020
Lead Technician
Engineered Air
09.2010 - 03.2015
  • CompTIA Security+
  • CISA: Certified System Information Auditor.
  • Actively Working towards Certified Information System Manager.
Georgian College-Continuing Education
HVAC
Ghana Institute of Languages
Spanish

Similar Profiles

  • Adelaide ubilluz

    Adelaide ubilluzAdelaide ubilluz

    Notary Public at The Elites NotaryNotary Public at The Elites Notary

    View Profile
  • NGEMERA RABISON CHRIZESTOMU

    NGEMERA RABISON CHRIZESTOMUNGEMERA RABISON CHRIZESTOMU

    Certified Nursing Assistant at Shamilas Gentle Care And Elites Nurse AgencyCertified Nursing Assistant at Shamilas Gentle Care And Elites Nurse Agency

    View Profile
  • ROBENSON SAINT-JEAN

    ROBENSON SAINT-JEANROBENSON SAINT-JEAN

    Sales Associate/License Real Estate Agent at KW ElitesSales Associate/License Real Estate Agent at KW Elites

    View Profile
GAMELI LUMOR