Information assurance analyst Resume

PROFESSIONAL EXPERIENCE:

Confidential

Information assurance analyst

Supported agencies by conducting assessment to ensure FISMA compliancy
Supports the Security Assessment and Authorization process of the clients’ systems as a Security Analyst
Experience in cloud system assessments, primarily with AWS (Amazon Web Services) by utilizing FedRAMP and NIST guidelines
Experience in executing Step 4 (Security Assessment) of the NIST Risk Management Framework (RMF).
Experience in developing and disseminating Security Assessment Plans.
Experience in interpreting and evaluating implementations of NIST 800 - 53 rev 4 security controls.
Documenting findings within Requirements Traceability Matrixes (RTMs) and Security Assessment Reports (SARs).
Reviewed technical security controls and provide implementation responses to meet requirements
Meet with client to discuss findings and process of remediation

Confidential

IT security analyst,

Assessed systems to ensure FISMA compliancy
Experience in executing Step 4 (Security Assessment) of the NIST Risk Management Framework (RMF).
Experience in developing and disseminating Security Assessment Plans.
Experience in interpreting and evaluating implementations of NIST 800-53 rev 4 security control
Documenting findings within Requirements Traceability Matrixes (RTMs) and Security Assessment Reports (SARs).
Experience reviewing and interpreting Nessus Vulnerability and Compliance scans, WebInspect scans,
Ability to execute Security Assessments and develop and deliver supporting documentation within aggressive timelines.
Assessing systems of varying scope and complexity and comprised of various technologies.
Work on multiple assessments simultaneously.
Attend client meetings as necessary
Provide weekly status reports

Confidential

assistant IT security analyst

Helped in developing, reviewing and updating Information Security System Policies.
Assisted team in performing vulnerability scanning with the support of Nessus scanning tool to detect potential risks on a single or multiple asset across the enterprise network.
Updated IT security policies, procedures, standards, and guidelines per the respective department and federal requirements.
Performed risk assessments, help review and update, Plans of Action and Milestones (POA&M), Security Control Assessments, and specific security documentation. (SA&A) Security Assessment and Authorization using NIST SP 800-53 rev4/FIPS 200 (Security Controls), NIST SP 800-53A rev4 (Assessing Security Controls).
Assisted in monitoring controls post authorization to ensure constant compliance with the security requirements

Confidential

Entry level information assurance analyst

Utilized NIST 800-53a and 800-30 to identify the level of risk as well as help the assessment team with the vulnerabilities identified and assessing them.
Assisted ISSO with utilizing 800-53 rev4 to identify any compensating controls that can be utilized to assist in securing a system
Assisted the SOC team in documenting and reporting vulnerabilities by utilizing tools such as Splunk and SNORT.
Assisted team with the policy and procedure writing by applying NIST
Performed the duties of a SOC Operator for the Federal Protective Service (FPS) at the Federal Bureau of Prisons (FBOP). My scope of duties includes supervision, training and first responder. I am the liaison between the client (FBOP) and the FPS Mega Center.
I manage a high volume of emails and calls from the government and client and offer rapid solutions to ensure excellent customer service.
My primary duties include monitoring three facilities interior and exterior and maintaining an electronic log of all events. I provide supervision to three locations with a total of 47 employees. Using CCTV’s and other government issued equipment to ensure the safety and security of all individuals on site.