Kukie Annan-Mensah - Cybersecurity Analyst, KPMG

Keep in touch with meI'm using Intch to connect with new people. Use this link to open chat with me via Intch app

Work Background

KPMG USInformation security governance and strategy

Jun. 2021Washington DC-Baltimore Area•Lead engagement teams in the completion of NIST(CSF),(CMA),(CMMI)assessment. Deliverables included development of short and long term remediation strategies for identified issues. •Lead the team to help clients in creating IT policies and procedures. Leveraging the SANS and NIST templates and tailored it to clients scope and specification. •Lead in risk assessment, maturity assessment and investigations of compliance practices, including performing research, collection and review evidence, analysis, documentation of results and corrective measures implementation.

KPMG USCyber Security Specialist

Jun. 2021Washington DC-Baltimore Area

Booz Allen HamiltonCompliance & Risk Management Analyst

Sep. 2018 - Jul. 2021McLean, Virginia, United StatesCyber Compliance & Risk Management • As a lead assessor, I possess a deep understating of the Risk Management Framework, and I am familiar with the Security Regulations and Standards of DoD and currently with CMS on the NQIIC project. • Reviews, updates or creates and maintains Information system security documentation, including System Security Plan (SSP), Contingency Plan, Security Assessment Plan, Security Controls Matrix and Assessment, POA&M and Security Configuration Guide (controlled changes to the system) to support a system’s authority to operate (ATO). • Leads in obtaining PIA and PTA since CMS deals with PII and PHI. • Support A&A activities for systems to obtain an Authorization to Operate (ATO) and track FISMA compliance information. • Provides cybersecurity and IT consulting services to DoD, VA, and currently HHA clients, assisting stakeholders with package validation through the Risk Management Framework (RMF) process. • Examines, tests, and interviews system owners to validate compliance with the National Institute of Standards and Technology (NIST) controls, including NIST SP 800-53. • Writes and edits RMF control family templates, implementation plans, and plans of action and milestones (POA&M) to assess security controls and obtain ATO. • Manages and maintains the health of Vulnerability Assessment/Security Posture infrastructure manager/clients. • Gathers data and research through the deployment and implementation of DoD Cybersecurity tools such as eMASS.

Booz Allen HamiltonClassroom Co-facilitator (Learning & Development Onboarding)

Sep. 2018 - Jul. 2021McLean, Virginia, United States• Facilitating new hires onboarding experience through demonstrative education and effective communication. • In collaboration with L&D Manager/Learning Designer, contribute to the design of responsive training resources. • Provide regular feedback to L&D Manager and local management teams, flagging any issues to be addressed. • As a Co-facilitator, I have regular contact with senior leadership, to ascertain the needs of the organization. • Consults well with managers to identify training needs and then delivers responsive training or facilitated learning.