- 6 years of experience in Cyber Security Technology.
- With a broad knowledge of various information security concepts, standards, guides, and methodologies is familiar with information assurance principles, security controls assessment, NIST security standards, risks mitigation techniques, and security certification and accreditation process.
- Confidential possess the skills set and knowledge required not only to implement the processes, but also to maintain the Confidentiality, Integrity, and Availability (CIA) of the information and information systems processing, transmitting, and storing the information.
Confidential, Bethesda, MD
Information System Security Analyst
- Implement and enforce information system security policies, standards and methodologies in accordance with NIST security standards.
- Prepare and maintain C&A documentations.
- Develop and update system security plan and other IA documentation.
- Monitor operational security posture and compliance measures for information system to ensure that policies, standards, and procedures are established and followed through continuous monitoring program.
- Review information system documents including; System Security Plan (SSP), Risk Assessment Report, Accreditation and Authorization (A&A) packages, and System Requirements Traceability Matrices (SRTM).
- Review systems to identify potential security weaknesses, recommend improvements, and document upgrades.
- Perform continuous monitoring, and assist in the management of plan of action and milestone (POA&M).
- Support with user account management according to agency’s policies and procedures.
- Assist in creating new documents and updating existing ones as needed during continuous monitoring program to ensure compliance with Agency’s and NIST security standards.
- Enforce and track the proper implementation and functioning of security controls of the system
CYBER SECURITY ANALYST
Confidential, Silver Spring, MD
- Evaluated security controls using Risk Management Framework (RMF).
- Ensured system security plans are in compliance with NIST security standards.
- Analyzed, evaluated, and reported security compliance using different effective communication methods.
- Monitored, Identified, and recommended security controls to safe - guard information assets.
- Performed system evaluation and identified possible security vulnerabilities.
- Remediated non- compliance security controls by following-up with Plan of Action and Milestone (POA&M) process
- Involved with development, documentation and maintenance of log files of the information system.
- Participated in generating reports after assessment of the information system and the compliance level in accordance to NIST security standards.