Cyber Security Analyst Resume

Upper Marlboro, Maryland

SUMMARY:

Skilled and detail-oriented Information Security Analyst with over 4 years of expertise in information security with a focus on the Federal Information Security Management Act (FISMA), NIST Cyber Security Risk Management Framework (RMF), System Security Monitoring and Auditing, Risk Assessments, Security Control Assessment (SCA) and developing Security Policies and Procedures in accordance with NIST standards and guidelines, and deeper knowledge of the NIST Special Publications. Also possess a degree in psychology which has equipped me with critical thinking, communication and people skills. Able to thrive in fast-paced and challenging environments where accuracy and efficiency matter.

TECHNICAL SKILLS:

  • Strong analytical skills
  • Strong oral and written communication skills
  • Creativity (forward thinking with the rise of cyber-attacks)
  • Detail oriented
  • Deep understanding of the RMF
  • Familiar with security regulations and standards
  • Self-motivated
  • Stays one step ahead of cyber attacks
  • Team player mentality
  • Project evaluation
  • Analysis and reporting
  • Strong leadership skills

PROFESSIONAL EXPERIENCE:

Confidential, Upper Marlboro, Maryland

Cyber Security Analyst

  • Ensure that systems are compliant with departmental rules, OMB mandates and FISMA (NIST guidance).
  • Develop C & A (certification and accreditation) documents (System Security Plans, Security Test & Evaluation Plans, Risk Assessments, Contingency Plans) on major systems using NIST guidelines (NIST 800-18, NIST 800-30, 800-53, and more).
  • Manage the continuous monitoring phase, which includes monitoring & mitigating POA&M and conducting self-assessments.
  • Develop IT security policies, guidelines, baselines and procedures for various organizations (government, banking, commercial and more) to reflect their respective IT governance adherence (e.g. FISMA (NIST/DIACA) and more).
  • Assist in the writing and review of organizational security policies to support internal control (access management, contingency planning & testing, Security Awareness, intrusion detection, Patch Management, Anti-Virus, etc.)
  • Classification and categorization of information systems using the RMF processes to ensure system Confidentiality, Integrity and Availability.
  • Provide audit briefings to agency and Information Systems Security Officers (ISSOs), to assist in the preparation of independent audit assessments with the agency's goal of improving their operational effectiveness and ensuring that all findings are documented as Plan of Action & Milestones within their Trusted Agent FISMA (TAF), CSAM tool.
  • Create, update and revise System Security Plans, FISMA & FISCAM audits, Contingency Plans, Incident Reports and Plan of Action & Milestones.
  • Participate in ST&E Kick-off Meeting and populate the Requirements Traceability Matrix (RTM) per NIST SP 800-53A.
  • Perform Privacy Threshold Analysis (PTA), E-Authentication with business owners and selected stakeholders.
  • Review Privacy Impact Assessment (PIA) document after a positive PTA is created and ensure PII findings are recorded in the System of Record Notice (SORN).
  • Document and finalize the Security Assessment Report (SAR) and perform security assessment and continuous monitoring of cloud computing services on multi-agency systems in accordance with FedRAMP security control baselines.
  • Develop and conduct ST&E (Security Test and Evaluation), Security Assessment Plan (SAP) per NIST SP 800-53A.
  • Hold kick-off meeting with CISO and systems stakeholders prior to assessment engagement.
  • Apply current computer science technologies and Information Assurance (IA) requirements to the analysis, design, development, evaluation and integration of computer/communication systems and networks to maintain an acceptable system security posture throughout the lifecycle of multiple national-level mission systems.
  • Develop, maintain, and communicate a consolidated risk management activities and deliverables calendar.
  • Develop and update SAR, SSP, CP & POA&M.
  • Work with business process owners to ensure timely identification and remediation of jointly owned risk related issues and action plans (POA&M).
  • Perform comprehensive Security Control Assessments (SCA) and write reviews of management, operational and technical security controls for audited applications and information systems.
  • Manually review logs and provide documentation guidelines to business process owners and management.