Security Analyst Resume
5.00/5 (Submit Your Rating)
OBJECTIVE:
- Currently working for the DOC as a cyber security analyst. A Cyber Security Analyst, experience in supporting system control assessments/testing, risk assessment along with implementing Security Assessment and Authorization effort by using Confidential guidelines and publications.
- I am committed to maintaining and securing enterprise security posture in compliance with Confidential using applicable Confidential Special Publications e.g.
- FIPS 199, 200, SP 800 - 30, 800-37, … 800-60, and … Great analytical, observational, personal, communication, oral and written skills.
- Team work and helping those who need it is very important. Self-motivated, goal-oriented professional with a progressive track record, dedicated to surpassing mission objectives, visions and goals.
TECHNICAL SKILLS:
- Supported information gathering with regard to RISK MANAGEMENT FRAMEWORK (RMF)
- Conduct kick off meetings with System Owners, ISSO and Senior Executives to commence the security controls assessment
- Conduct IT Controls risk assessment to identify system threats, vulnerabilities and risk, and generate reports
- Review security baseline controls and develop test plan that was used to assess implemented security controls.
- Utilize CSAM for system security assessment and POA&M management
- Review System Security Plan (SSP) to provide an overview of the system security requirements and describe the controls in place.
- Create standard templates for required security assessment and authorization documents; Risk Assessment (RA), System Security Plan (SSP), Contingency Plan (CP) and Security Plan (SP)
- Assisted Information System Security Owner in developing System Security Plans
- Experienced in Confidential, FIPS and Confidential publications.
- Experienced in Systems monitoring.
WORK EXPERIENCE:
Security Analyst
Confidential
Responsibilities:
- Conduct meetings with the IT team to gather documentations and evidences (Kick - off meeting) about their control environment.
- Classification and categorization of information Systems using the RMF processes to ensure system Confidentiality, Integrity and Availability.
- Expertise in National Institute of Standards and Technology Special Publication ( Confidential SP) documentation: Performed assessments, POAM Remediation, and document creation using Confidential SP.
- Performed Security Categorization (FIPS 199), Privacy Threshold Analysis (PTA), E-Authentication with business owners and selected stakeholders.
- Hold kick-off meeting with CISO and systems stakeholders prior to assessment engagement.
- Confidential Reports, Standard Operating Procedures (SOP) in accordance with
- Conduct the ST&E Kick-off Meeting and populate the Requirements Traceability Matrix (RTM) according to Confidential SP 800-53A.
- Experience with Confidential standard on cyber security and incident handling (800-63, 800-61)
- Develop C & A (certification and accreditation) documents (System Security Plans, Security Test & Evaluation Plans, Risk Assessments, Contingency Plans) on major systems using Confidential guidelines ( Confidential 800-18, Confidential 800-30, 800-53, and more).
- Manage the continuous Monitoring phase which includes monitoring & mitigating POAM and conducting self-assessments.
Cyber Security Analyst
Confidential
Responsibilities:
- Assist in the creation of SA&A packages with the responsibility for gathering information from system owners, applying data to the appropriate templates, and attending meetings in support of the effort
- Provide audit briefings to agency and Information Systems Security Officer's (ISSO), to assist in the preparation of independent audit assessments with the agency's goal of improving their operational effectiveness and ensuring that all findings are documented as Plan of Action & Milestones within their Trusted Agent Confidential (TAF), CSAM tool.
- Create, update and revise System Security Plans, Confidential & FISCAM audits, Contingency Plans, Incident Reports and Plan of Action & Milestone.
- Participate in ST&E Kick-off Meeting and populate the Requirements Traceability Matrix (RTM) per Confidential SP 800-53A.
- Document and finalize security Assessment Report (SAR) and Performing security assessment and continuous monitoring of cloud computing services on multi-agency systems in accordance with FedRAMP security control baselines.
- Develop and conduct ST&E (Security Test and Evaluation), Security Assessment plan (SAP) per Confidential SP 800-53A.
- Hold kick-off meeting with CISO and systems stakeholders prior to assessment engagement.
- Develop, maintain, and communicate a consolidated risk management activities and deliverables calendar.
- Perform comprehensive Security Control Assessments (SCA) and write reviews of management, operational and technical security controls for audited applications and information systems
Privacy Policy
Resume Categories
- .NET Developers/Architects Resumes
- Java Developers/Architects Resumes
- Informatica Developers/Architects Resumes
- Business Analyst (BA) Resumes
- Quality Assurance (QA) Resumes
- Network and Systems Administrators Resumes
- Help Desk and Support specialists Resumes
- Oracle Developers Resumes
- SAP Resumes
- Web Developer Resumes
- Datawarehousing, ETL, Informatica Resumes
- Business Intelligence, Business Object Resumes
- MainFrame Resumes
- Network Admin Resumes
- Oracle Resumes
- ORACLE DBA Resumes
- Other Resumes
- Peoplesoft Resumes
- Project Manager Resumes
- Quality Assurance Resumes
- Recruiter Resumes
- SAS Resumes
- Sharepoint Resumes
- SQL Developers Resumes
- Technical Writers Resumes
- WebSphere Resumes
- Hot Resumes
