Dedicated Security Analyst with hands-on experience implementing security controls aligned with NIST, CMMC, ISO 27001, and SOC 2. Skilled in vulnerability management, IAM, and policy enforcement to enhance organizational cybersecurity posture.
Extensive experience implementing and maintaining security controls based on NIST, CMMC, ISO 27001, and SOC 2 standards.
Proficient in conducting vulnerability scans and analyzing threats using Nessus, Rapid7, Qualys, and Tenable, with a focus on remediation.
Skilled in configuring and managing IAM systems to ensure secure access controls.
Capable of managing risk assessments and incident response procedures to mitigate security incidents.
Williams Adley
Implemented and maintained security controls aligned with NIST 800-53, CMMC, ISO 27001, and SOC 2 frameworks, including endpoint hardening, application security, and identity access management (IAM), enhancing overall security posture.
Automated Active Directory monitoring and compliance alerts, ensuring adherence to password policy, access control, and account lifecycle management best practices, which improved security compliance.
Conducted comprehensive security monitoring and log analysis, identifying and resolving security events using SIEM (Splunk) to significantly enhance incident response.
Enhanced vulnerability management and insider threat programs by integrating IDS/IPS, endpoint detection and response (EDR), and network security tools, significantly boosting threat detection capabilities.
Managed IT asset lifecycle, device hardening, and secure software deployments to reduce attack surface and maintain regulatory compliance, enhancing overall security management.
Enhanced network security by implementing secure components and firewalls with cross-functional teams and vendors, achieving full system compliance.
Developed and managed comprehensive audit readiness documentation with auditors, significantly boosting compliance by rigorously applying security controls throughout the enterprise.
Williams Adley
Conducted threat and vulnerability scans using Nessus, Rapid7, Qualys, and Tenable, providing actionable remediation plans to align with NIST RMF, FedRAMP, and COBIT requirements.
Configured and maintained firewalls, IDS/IPS, and SIEM solutions to support continuous monitoring and rapid incident response.
Performed compliance audits and risk assessments against NIST 800-53, ISO 27001, and other security frameworks, producing reports for both technical and executive audiences.
Supported GRC program initiatives by tracking remediation status, reviewing access management controls, and mapping system changes to security requirements.
Developed onboarding security standards, including IAM configuration, VPN setup, anti-malware installation, and secure baseline imaging.
Authored security policies, SOPs, and technical documents that enhanced audit readiness, streamlined compliance, and strengthened operational effectiveness.
Collaborated with IT teams, external auditors, and stakeholders to resolve audit findings, strengthen security posture, and maintain compliance certifications.
Master of Science
Bachelor of Science