Cyber Security Analyst Resume
SUMMARY:
Cybersecurity Analyst with 5 years of experience managing and protecting enterprise information systems. Experienced in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), and vulnerability management of a wide range of system vulnerabilities and threats. Well versed in analyzing the security posture of information systems, with strong critical thinking, communication and people skills.
SKILLS & COMPETENCIES:
- Nessus
- Windows Server
- Jira
- NIST 800 Series
- Splunk
- POAM
- FISMA
- VirtualBox
- Kali Linux
- MS Office Suite
- FIPS 199
- SSP
WORK EXPERIENCE:
Confidential
Cyber Security Analyst
Responsibilities:
- Analyze system functionality to determine system categorization as Low, Moderate or High based on NIST .
- Perform security controls assessments in accordance with NIST A to determine and ensure systems security compliance.
- Document and Review the Security Assessment Plan (SAP) and Security Assessment Report (SAR) throughout the Assessment and Authorization (A&A) process.
- Create POA&Ms to enable appropriate teams to remediate, mitigate, and close Audit findings.
- Assist in drafting Authorization to Operate (ATO) packages for new and existing systems.
- Perform system vulnerability scanning using Nessus to reveal vulnerabilities that may be exploited on the system.
- Attach results of vulnerability scan obtained during security controls assessment into the SAR document for review.
- Assist in customizing the configuration of Nessus policies as a compliance security benchmark.
- Develop and maintain client's security policies and procedures using NIST as a guide.
- Assist in facilitating SCA meetings with relevant stakeholders to provide updates on the progress and/or status of the current security controls assessment exercise.
- Review and update the contingency plan (CP) document based on NIST to ensure system disaster recovery plan is current.
Confidential
IT Security Analyst
Responsibilities:
- Assisted in the Assessment and Authorization (A&A) process of the SCA team to ensure systems meet FISMA compliance.
- Selected and documented Security Controls of the system based on NIST Appendix D and relevant detailed Control requirements and supplemental guidance from NIST Appendix F as required in the RMF process.
- Developed the System Security Plan (SSP) based on NIST as a roadmap in preparing the systems for required security assessments.
- Developed the policies and procedures documentation to support the various security compliance and audit requirements.
- Conducted Nessus Vulnerability and Compliance scans to identify vulnerabilities in the system and refer solutions for remediation to assigned personnel.
- Documented the results of vulnerability scans and configuration compliance baseline standards such as DISA STIGs into the System Assessment Reports (SAR).
- Performed risk assessments for assigned application systems to determine risk levels and associated impact on the system and submitted results of findings in the assessment reports.
- Supported the SOC team in analyzing log events in the SIEM tool Splunk to identify security issues for remediation.
- Participated in security controls assessment and documented weaknesses/findings in the Security Assessment Report (SAR).
- Documented the fail/pass control results in the Requirement Traceability Matrix, using NIST SP A as a guide to determine the assessment methodology (Examine, Interview, Test procedures).
Confidential
Business/Requirements Analyst
Responsibilities:
- Developed System security requirements document showcasing read or write accesses.
- Translated high-level business requirements into functional and non-functional requirements.
- Developed System Use Case and User Story to demonstrate functionalities between user and the system.
- Planned software release schedule of new capabilities, features, and/or functionalities to existing systems.
- Resolved escalated tickets in Jira ensuring clients had uninterrupted access to web applications.
- Developed Test Plans and Test Cases to provide a roadmap to testing applications.
- Conducted Manual Functional and Regression Testing to test bug fixes of application functionalities.
- Groomed Product Backlog to ensure products met client criteria.
- Prioritized User Stories for biweekly iterations to be delivered to client.
- Organized and participated in Product Demo sessions for clients.