PROFESSIONAL SUMMARY:

• Dedicated and result oriented Cyber Security Professional with over 7+ years of successful IT Security and Linux System Administrator.
• Seeking opportunity to obtain a position within business where my unique experience and education can enhance company growth.

TECHNICAL SKILLS:

Operating Systems knowledge: Windows XP/2000/98/Vista, Windows7 & 8.1, OpenSUSE Linux OS, Red Hat, UNIX

Applications proficiency and tools: TAF, Firewalls, DMZ, Wireshark, MS Excel, Pivot tables, chats MS Words, PeopleSoft, Oracle financials, Client/ Server, VPN, Linux/Unix .PO&AM; CSAM, XACTA IA Manager, RISK VISION (GRC), CFACTS, NESSUS

PROFESSIONAL EXPERIENCE:

IT Cyber Security Analyst

Confidential, Bowie, MD

Responsibilities:

• Conduct Security Assessments and Authorization (SA&A), Vulnerability Scanning, reviewing Plan of Action and Milestone proposing recommendations post - Authorization to Operate (ATO).
• Monitor controls post-authorization to ensure continuous compliance with the FISMA compliance standards.
• Continuously monitor system changes to determine if some controls have impacted the system after remediation action.
• Conduct systems and network vulnerability scans, web application assessment in order to identify and remediate potential risks.
• Overhauled Information Cyber Security Plans and Policies, Incident Response plans customized to business risk profile.
• Assist the Information System Security Officer (ISSO) in maintaining the security posture of the organization and making sure the organization remains FISMA compliant.
• Assist in developing Security Control Assessment Plans for systems owners, review work preppers.
• Categorize, and applied appropriate cyber security/information security controls for Federal Information Systems based on NIST 800 and FIPS Series.
• Support security tests, evaluate and generate security documentation including Security Assessment Report
• Conduct kick off meetings for the Security Assessment and Authorization process
• Excellent in putting together Traceability Matrix, Contingency; Disaster Recovery and Privacy Impact Assessment.
• Examine and test Security Controls (Technical, Operational and Management) so that they meet compliance and adequacy as required by federal regulations.
• Perform evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Assessment and Authorization (A&A) process, RMF, continuous monitoring.
• Identify vulnerabilities, recommend corrective measures and ensure the adequacy of existing cyber security/information security controls.
• Analyzed security incidents and presented a quarterly report to the ISSO. Monitored events respond to incidents and reported findings.
• Assist in networks safeguard tools like Intrusion Detection & Prevention (IDS / IPS), Firewalls, and malware analysis tools.
• Assist in maintaining all security deliverables of the IT systems and IT security program including the System Security Plan (SSP), Security Assessment Report (SAR), PLAN OF Action and Milestone(PO&AM)
• Participate in security audits meetings with the auditors and gathering of evidential material to support audit inquiries.
• Familiar with FEDRAMP Compliance and cloud services providers such as Amazon Webserver, Verizon Satellite, drop box FEDRAMPs 3POA, JAB.
• Perform Information Security continuous monitoring based on NIST 800-137

Cyber Security Analyst

Confidential, MD

Responsibilities:

• Assisted in coordinating team Information Security duties to conduct Security authorization and NIST compliance standards for general support systems and major applications.
• Performed evaluation of policies and procedures, security scan results, and system settings in order to address controls, Accreditation, and FISCAM audits.
• Provided Solutions to Security weaknesses while working on POAM remediation and Corrective Action Plan
• Provide input to management on appropriate FIPS 199 Security impact level designations and identify appropriate security controls.
• Maintained Plan of Action and Milestones (POA&MS) of all accepted risks upon completion of system (A&A) package.
• Provided Audit briefings to agency and cyber security/Information Systems Security Officer’s (ISSO), to assist in the preparation of independent audit assessments with the agency’s goals.
• Document and Review System Security Plans (SSP), contingency plans (CP), contingency plan tests (CPT), privacy impact assessments (PIA), and risk assessment (RA) documents per NIST 800-53 guidelines for various government agencies.
• Monitored controls post authorization to ensure continuous compliance with the FISMA compliance standards

Linux System Administrator

Confidential

Responsibilities:

• Installing and configuring RHEL6(Red hat Enterprise Linux 6)
• Creating User Accounts
• Managing Linux installations and file systems
• Maintaining good firewall Policies
• Keeping system updates with the latest Security patches
• Assisting in meeting with clients, team members and vendors
• Configuring and installing the Apache Web Server
• Had and understanding of the GUI and Linux Commands
• Perfect understanding of the Linux Architecture
• Understanding of the Network tools like TCP/IP,
• Understanding of Common Ports
• Disabled unwanted services from the server
• Keeping good password Policies.
• Checking permissions across file systems
• Using SUDO to limit ROOT access.