
Information Security Analyst Resume


Arlington, VA

SUMMARY:

  • Proven record of evaluating system vulnerabilities in order to recommend security improvements as well as improve overall business efficiency.
  • Superior knowledge of Federal Compliance and best practices governing web applications.
  • Natural technical and non-technical communicator with strong motivational skills; respected by managers, colleagues and clients.

TECHNICAL SKILLS:

Systems: MS Windows Servers 2003, 2008, 2012, Windows XP, Windows 7, 8 and Unix.

Applications: Microsoft Office Suite (Word, Excel, PowerPoint, Visio, Outlook), VMware, SNORT, Kali Linux, Sophos, SPLUNK, Nessus, ACSAT, STIG Viewer, eMASS.

Security/Penetration testing tools: Burp Suite, Fortify, Checkmarx, Appspider

PROFESSIONAL EXPERIENCE:

Confidential, Arlington, VA

Information Security Analyst

Duties and Responsibilities:

  • Utilize dynamic and static code analysis tools to incorporate security throughout the development lifecycle.
  • Assess software code for weaknesses and evaluate mitigating risk reduction techniques.
  • Enforce application security best practices and DISA Security Technical Implementation Guides (STIGs) to identify and mitigate potential vulnerabilities throughout the SDLC.
  • Maintained software application documentation, i.e., Sub-System Design Document (SSDD), Software Implementation Plan (SIP), Configuration Management Plan (CMP), POA&M, etc.
  • Maintained Privacy Impact Assessment (PIA), SORN, Ports, Protocol and Services (PPS) for active systems.
  • Developed A&A security package to obtain an IATT and ATO following Risk Management Framework (RMF), NIST 800 publications as guidelines.
  • Conduct out-briefings during kick-off meetings; Assessments following Risk Management Framework (RMF), NIST 800 publications as guidelines.
  • Create, review and maintain Security Assessment Plan (SAP), Topologies, HW/SW baseline, System Security Plan (SSP) for migrating systems.
  • Developed internal IT policy to incorporate FISMA compliance safeguards.

Confidential, Washington, D.C.

Information Security Analyst

Duties and Responsibilities:

  • Conduct FISMA-based security risk assessments (such as Security Assessment and Authorization (A&A)) for government contracting organizations and application systems, including interviews, tests and inspections; produce assessment reports and recommendations; conduct out-briefings during kick-off meetings; Assessments following Risk Management Framework (RMF), NIST 800 publications as guidelines.
  • Document and review Security Plans (SP), Contingency Plans (CP), Contingency Plan Tests (CPT), Privacy Impact Assessments (PIA), and Risk Assessment (RA) documents per NIST 800 guidelines for various government agencies.
  • Assist with review of policy, security alerts, guidance, regulations and technical advances in IT Security Management
  • Utilize processes within the Security Assessment and Authorization environment such as system security categorization, development of security and contingency plans, security testing and evaluation, system accreditation and continuous monitoring.
  • Contribute to initiating FISMA metrics such as Annual Testing, POA&M Management, and Program Management.
  • Conduct research on new IT products and systems; support management with technical parts/product procurement and wireless equipment changes and updates.
  • Maintain records of daily data communication transactions, problems and remedial actions taken, or installation activities.
