IT Security Analyst Resume

TECHNICAL SKILLS:

  • FISMA Compliance
  • Assessment and Authorization (A&A)
  • Risk Assessment & Risk Management
  • MS Suite (Word, Excel, PowerPoint)
  • Operating Systems (Windows, Linux, VMware)
  • FIPS Standards
  • Contingency Plans
  • Privacy Impact Assessments
  • Security Operating Procedures
  • Vulnerability Assessment
  • FISMA Audit & Metrics
  • Security Control Testing

PROFESSIONAL EXPERIENCE:

Confidential

IT Security Analyst

Responsibilities:

  • Managing System Security Plans (SSP), Plan of Action & Milestones (POA&M), Contingency Plans (CP), Contingency Plan Tests (CPT), continuous monitoring of systems, Privacy Impact Assessments (PIA), and Risk Assessments (RA) documents per NIST 800 guidelines
  • Providing input to management on appropriate FIPS 199 impact level designations and identifying appropriate security controls based on characterization of the general support system or major applications
  • Developing and conducting ST&E (Security Test and Evaluation), Security Assessment Plan (SAP) according to NIST SP 800-53A
  • Managing and coordinating a team of information security professionals to conduct Security Authorization packages based on NIST standards for general support systems and major applications
  • Managing POA&M remediation, performing evaluation of policies, procedures, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation (C&A), RMF, and continuous monitoring
  • Conducting gap analysis to make sure correct controls were in POA&M
  • Assisting the ISSOs to create solutions to weaknesses based on system functionality and pre-existing architecture
  • Conducting meetings with the IT team (kick-off meeting) to gather documentation and evidence about their control environment
  • Performing Security Categorization (FIPS 199), Privacy Threshold Analysis (PTA), e-Authentication with business owners and selected stakeholders
  • Developing, maintaining, and communicating a consolidated risk management activities and deliverables calendar
  • Conducting IT controls risk assessments that included reviewing organizational policies, standards and procedures and providing advice on their adequacy, accuracy and compliance with the Payment Card Industry Data Security Standard (PCI-DSS)
  • Performing on-site security testing using vulnerability scanning with tools such as Nessus and interpreting the results
  • Creating documents for the FedRAMP A&A process to obtain an ATO through GSA
  • Working knowledge of ISO, SSAE 18 (SOC Attestation Standard) and HIPAA Compliance Assessment
