
Information Systems Security Officer Resume


Herndon, Virginia

TECHNICAL SKILLS:

Information security policies, procedures and control techniques as directed under FISMA, RMF & SP 800 series

FedRAMP

Sarbanes - Oxley Act

ISO 27001/27002

HIPAA

COBIT

PCI-DSS

ITIL

PROFESSIONAL EXPERIENCE:

Confidential, Herndon, Virginia

Information Systems Security Officer

Responsibilities:

  • Develop and implement security controls and documentation to obtain ATO (for systems), outlining system operating environment, overall mission, physical diagrams, hardware and software inventories, configuration management, type of data processed, user organizations, security classifications, operating modes, interconnections to other systems/networks, security personnel, and other associated responsibilities.
  • Oversee, develop, improve and maintain the overall security posture of the systems that includes Information System Security Plans, Risk Ratings, Contingency Plans, Security Assessments, Contingency Plan Tests and other associated documentation according to FedRAMP, ITIL and other government and industry standards/frameworks.
  • Participate in the development and revision of security controls of the system and local operating procedures that are based upon regulatory, policy and industry requirements.
  • Act as a consultant to system owners for the security of the system and system documentation, for example security incident reports, equipment/software inventories, operating instructions, technical vulnerability reports, and contingency plans.
  • Work closely with technical teams for successful Certification & Accreditation of the system that leads to ATO.
  • Perform monthly vulnerability remediation based on monthly scan results of assigned systems.

Confidential, Richmond, Virginia

Information Compliance Analyst

Responsibilities:

  • Conduct risk assessments of internally and externally hosted applications to maintain protection of company assets.
  • Conduct risk assessments that align with ISO 27000 and PCI Standards and report on findings to the system owners and management.
  • Ensure that personnel accessing systems comply with the ISO 27000 and PCI Standards.
  • Assess risks within information security architecture.
  • Use defined audit or risk methodologies and best practices to plan, scope, and execute information Security risk assessments.
  • Responsible for ensuring that Information Security policy, standards, and processes are routinely assessed for all systems.
  • Conduct ongoing analysis of data received from both external and internal sources and advise security leadership on recommended risk mitigation strategies and remediation priorities as appropriate.

Confidential

Risk and Compliance Analyst

Responsibilities:

  • Worked closely with the Information Security Officer and Information Technology department staff to assess and reduce information security risks and ensure compliance with established financial institution regulations as part of the GRC process.
  • Assisted in daily security alert monitoring and reporting, security information and event management, annual risk assessment assistance, quarterly logical access reviews, audit response assistance, and security policy maintenance.
  • Verified that new and existing clients are not on the OFAC list, minimized money-laundering activities, prevented and detected fraud incidents and tracked key performance indicators.
  • Identified areas that required increased security controls to protect the organization and its end users from future fraud, and coordinated with outside authorities and law enforcement on fraud case inquiries.

Confidential, New York, NY

Information Security Risk and Compliance Analyst

Responsibilities:

  • Provided written reports detailing all security events relative to network security matters and submitted these reports to establish procedures and reporting requirements.
  • Assisted in the execution of processes necessary to maintain FISMA compliance, including SSP and POA&M maintenance, in a manner that is effective, efficient, and timely.
  • Documented case findings in Archer and SharePoint and worked with additional teams to mitigate incidents that have occurred.
  • Performed a range of IT audit, internal audit, and other related information system services including Confidential 800-53 and FedRAMP security control assessment.
  • Assisted in process improvement, policy/procedure development, network architecture assessments, IT risk assessments, application control reviews, systems implementation assistance, and a wide variety of other technology related services.
