SUMMARY:

• An Information Security Professional with proven experience in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), and Risk Assessment using industry frameworks Confidential, Confidential, and applicable Confidential special publications. Other areas of proficiencies include Customer Relation Management, Emotional Intelligent competencies and Team Building capabilities.
• Adequate understanding of Federal and international regulatory bodies such as Office of Management Budget (OMB), Confidential Reports, FedRAMP, PCI DSS and ISO.
• In - depth knowledge of Risk Management Framework (RMF), Risk Assessment and Security Assessment and Authorization process (SA&A).
• Experience reviewing and interpreting vulnerability scanning reports from Nessus etc.
• Experience in the development of Confidential Package Documents such as System Security Plans (SSP), SAR, POAM, and security documents such Contingency Plans, Incident Response Plans, PIA and Configuration Management etc.

SPECIALIZED SKILLS:

• Leadership/Management
• Assessment and Authorization (A&A) of Information Systems
• System Security Artifacts Documentation
• POA&M Management
• Risk Assessment & Management
• Systems Development Life Cycle
• Information Assurance

PROFESSIONAL EXPERIENCE:

Confidential, Baltimore, MD

Cyber Security Analyst

Responsibilities:

• Use Risk Management Framework to help different system stakeholders to develop and maintain Authorization to Operate packages for their information systems such as SSPs, SARs & POA&Ms
• Monitor controls post authorization to ensure continuous compliance with the security requirements by regularly reviewing the Nessus scan results and collaborating with the IT team for mitigation actions.
• Troubleshooting functions, installation and checking of the firewalls.
• Documentation of attacks and contributing to mitigations for future attacks of a similar nature
• Follow Security Operations Center policies of different agencies and procedures for incident reporting and management
• Create and review detailed Incident Reports and contribute to lessons learned for continuous improvement
• Monitor open source and commercial threat intelligence, new vulnerabilities, software weaknesses, and other potential threats through continuous testing using SIEM software.
• Trained and guide clients using on the process of obtaining and maintaining Authorization to Operate ( Confidential ) and the required security documentation.
• Host and facilitate kick-off meetings and presentations with system stakeholders/clients on the operational security posture for the systems in their purview and on security related policies.

Confidential, Minneapolis, Minnesota

Cyber Security Analyst

Responsibilities:

• Worked with Assessment and Authorization team; to perform risk security control assessments, update System Security Plans (SSP), Contingency Plans (CP), and Plan of Actions and Milestones (POA&M).
• Reviewed and interpreted the vulnerability scanned reports, created, tracked and closed POA&M on the weaknesses.
• Employed applicable Confidential documents to develop Confidential package documents such as SSP, SAR and POA&M, RA, MOUs/ISAs for information systems to ensure they are in compliance with organization’s information security requirements.
• Conducted in-house Security Control Assessment using Confidential 800. 53A rev4 with system engineers and stakeholders for the continuous monitoring of the system security controls in order comply with post Confidential requirements.
• Troubleshooting functions, installation and checking of the firewalls.
• Documentation of attacks and contributing to mitigations for future attacks of a similar nature
• Follow Security Operations Center policies of different agencies and procedures for incident
• Primarily responsible for researching and evaluating relevant information security policies, guidance, and best practices, including Confidential, Confidential, and OMB circulars for applicability to IT systems security.

Confidential, Canoga Park, CA

Information Security Associate

Responsibilities:

• Performed Software/Hardware installation, Maintenance, repair, Update and testing.
• Performed routine troubleshooting of connectivity, authentication, Password reset issues etc., for the organization.
• Scheduled, conducted and attended security briefings for the organization in consultation with the IT supervisor, IT Manager, Information System Security Manager (ISSM).
• Scheduled and attended weekly meetings for audits, (Plan Of Action & Milestone) POA&M findings and after action review
• Created, tracked and updated relevant security documents such as Contingency Plans (CP), Incident Reports (IR) and POA&M, based on the organization handbook.
• Resolved and updated IPS and IDS reports in a timely manner but in consultation with the IT supervisor and managers.
• Reviewed and recommended Confidential and Confidential documents for adoption as organization’s security documents in addition to that International Organization for Standardization (ISO).

Confidential

Media/IT Director

Responsibilities:

• Handled all aspects of technical production for services at Confidential i.e., Video, media, lighting.
• Monthly scanning of the church system using Nessus and conducting troubleshooting for password and other authentication problems
• Performed Software/Hardware installation, Maintenance, repair, Update and testing.
• Resolved Confidential / Confidential connectivity issues and installation of Network Securities on multiple machines in the Church
• Developed and managed web content, using best practices and creative ideas, making weekly updates.
• Managed all the social media functions for the church such as Blogging, Podcasting, Managing a forum, Picture editing, Graphic design, Designing and website hosting.
• Provided technical advice and guidance on design and technical graphics issues to other departments.
• Provided related IT support and training to the church and the staff.