1. TEBO NDAGHA;127 East Mill Ave. Capitol Heights 20743, Email:tebofrank@gmail.com,
Tel:3014549935
EDUCATIONAL QUALIFICATION:
Oracle Database Administration Certified (OCA 11G) 2015
Computer Science Certification for Software and Hardware Maintenance 2003-2004
University of Buea Cameroon 2004-2007
Bachelor of Science in Computer Science and Information Security
SUMMARY: Over 6 years of Cyber Security, RMF, five to six-year experience as Security
Analyst, Privacy and Data. Protection, Security Management & Operations, Vulnerability
scanning, Security testing, Penetration testing, checkpoints and cisco ASA,Certification and
Accreditation (A&A), Project Management, Change Management, NIST 800-53 rev1 and rev4
and NIST SP 800-37 rev 1, 800-18, 800-53 rev 3 and 800-34, FIPS, FISMA, PCI DSS,
Security Content Automation Protocol, NIST family of security controls, POA&M, A&A
Package, Incident and Contingency planning, Knowledge of ISO 27001 and ISO
2702 Security Standards and Controls, Knowledge of the System Development Life Cycle
(SDLC), ,PMBOK Project Management Knowledge Areas, Research Analysis, Risk management,
Costs planning and, Project scheduling and Planning, General Management, Communication,
Negotiation, Mediation Facilitation, Leaderships and Organization.
Technology: Internet Applications, Words, Excel, MS Project and PowerPoint, MS Visio, Access,
SharePoint and DOVICO, Nessus, Foundstone, Webinspect TAF, Xacta, CFACTS, and CSAM
WORK EXPEREINCE:
Washington Tech Solutions Information Security Analyst
Upper Marlboro February 2012 to Present
Performed Security Categorization (FIPS 199), Privacy Threshold Analysis (PTA),
E-Authentication with business owners selected stakeholders.
Developed and conducted Security Test and Evaluation according to NIST SP 800-53A.
Worked with business process owners to ensure timely identification and remediation of
jointly owned risk related issues and action plans.
Managed the development of System Security Authorization Agreements and performed threat
vulnerability assessments and provided security test and evaluation support.
Developed security policies and provided technical support in the evaluation of security
products and developed information system security studies and reports that address areas
of information system security concerns.
Assisted with review of policy, security alerts, guidance, regulations and technical
advances in IT Security Management
Utilized processes within the Security Assessment and Authorization environment such as
system security categorization, development of security and contingency plans, security
testing and evaluation, system accreditation and continuous monitoring.
Contributed to initiating FISMA metrics such as Annual Testing, POA&M Management,
and Program Management
Develop and maintain policy and procedures includes SSP, CP, ISCAM and
RAR
Configuration Management activities including CCB participation
2. Development and maintenance of Plan of Action & Milestones (POA&M)
Provided input to management on appropriate FIPS 199 impact level designations and
identify appropriate security controls based on characterization of the general support
system or major applications.
Oversaw the preparation of a Comprehensive and Executive Certification & Accreditation
(C&A) packages for submission to the Information Assurance Program Office for approval
of an Authorization to Operate (ATO).
Reviewed security controls and provided implementation responses as to if/how the
systems are currently meeting the requirements.
Ensure customers are in compliance with security policies and procedures following NIST
800-53 and NIST 800-53A.
Perform specific quality control for packages validation on the SP, RA, RTM, PIA, SORN,
E-authentication assessment and FIPS-199 categorization
Planed, assigned and performed security validation review for C&A documentation, and
supervised team members. Developed NIST-compliant vulnerability assessments,
technical documentation, and Plans of Action and Milestone (POA&M), and address
system weaknesses.
Provided POA&M Quality and Management (review, update and validate on behalf of the
CISO. Reviewed and uploaded deliverables in C&A repositories TAF and RMS.
Reviewed and document System Security Plan (SSP), Security Assessment Report (SAR),
Security Plan of Action and Milestones (POA&M), Authorization letter/memorandum
(ATO).
Sky Consulting Oracle Database Admin
Beltsville MD May 2008 to November 2011
December
Installed, configured, and maintained Oracle 10g and 11 g R2 on Linux and also Upgraded
from Oracle 10g to 11g.
Involved in export and import of database objects in order to copy them from one database to
another & for backup the tables.
Responsible for continuous Monitoring of CPU usage, I/O contention, memory paging and
identify the resource and performance bottleneck and reorganization for ensuring performance.
Monitored queries with high response time and high disk read per execution (Top SQLs) and
tuning the same using Explain Plan, TKPROF and SQL tuning advisor.
Involved in De fragmenting data blocks of table spaces for optimized performance. Also
partitioned large tables to increase performance.
Responsible for all database activities such as User management, space management, database
security management.
Implemented the resizing the online redo logs in production and in standby database.
Automated Database refresh from the Host system to Oracle using, SQL and PL*SQL
procedures.
Implemented Logical and Physical Standby Databases for RAC cluster on Sun Solaris platform
using Data Guard feature of Oracle 10g R2.
Successfully performed data replication using Materialized views and Oracle Streams in
Oracle 10gR2.
3. Cloned/Migrated databases using RMAN and traditional Datapump export import utilities in
Oracle 10gR2.
Scheduling the Physical backups (hot & cold) in CRON tab using RMAN utility and
monitoring the scheduled jobs.
Collecting performance statistics using Stats pack/AWR (Automatic Workload Repository)
and analyzing by ADDM (Automatic Database Diagnostic Monitor)
Rebuilding indexes or analyzing the index as per the fragmentation level and minimize the
performance issues.
Monitoring the CPU usage, IO statistics, and CPU time to identify any OS level Performance
killers.