SUMMARY:

• A well detailed individual as an Information Security Analyst/Security Assessor, Privacy and Data Security Management & Operations, Vulnerability Scanning, Certification and Accreditation (A&A), Project Management, NIST 800 - 53 Rev1 and rev4 and NIST SP 800-37 rev 1, 800-18, 800-53 rev3 and 800-34,FIPS, FISMA Security Content Automation Protocol, NIST Family of Security Control, FedRAMP Security Assessment Framework, POA&M, Incident and Contingency Planning. Used Splunk for monitoring logs, alerts and aggregations.

TECHNICAL SKILLS:

• NESSUS
• TAF
• Xacta
• CFACTS and CSAM
• VMWARE. SPLUNK

WORK EXPERIENCE:

Confidential, Washington Dc

Information Systems Security Officer (ISSO)

• Risk Management Framework (RMF) Using NIST 800-37 as a guide, assessments and Continuous Monitoring: Performed RMF assessment included initiating meetings with various System Owners and Information System Security Officers (ISSO), providing guidance of evidence needed for security controls, and documenting findings of assessment.
• Knowledge of Several Computer Environments: Performed Update, Install, Configure, evaluation and guidance on security control implementation on multiple environments include Windows server, Windows 7, Windows XP, Red Hat 6/7 and Centos 6/7.
• Perform FedRAMP Government-wide program that provides a standardized approach for security assessment, authorization, and continuous monitoring for cloud products
• Security Documentation: Perform updates to System Security Plans (SSP) Using NIST 800-18 as a guide to develop SSP, Risk Assessments, and Incident Response Plans, create Change Control procedures, and draft, review, update Plans of Action and Milestones (POAMs).
• POA&M Remediation: Performed evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation (C&A), RMF, continuous monitoring, and FISCAM audits.
• Communicate and enforce security policies, procedures and safeguards for all systems and staff, based upon NIST and/or DIACAP.
• Work with the client, SaaS providers and internal development team to identify security gaps and resolve them to protect client data responsible for assessing compliance to established data protection controls and standards for client data protection and reduce business risk
• Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: Performed assessments, POAM Remediation, and document creation using NIST SP 800-53 Rev.1 and NIST SP 800-53 rev.4.
• Work directly with GSA-appointed ISSP to create documentation with the level of detail required by FedRAMP Program Management Office (PMO): SSP, CP, CMP, IRP, Policies & Procedures, PTA/PIA, FedRAMP User Guide, CIS Template, and Control Tailoring Worksheet
• Create Project Plan for FedRAMP Documentation,
• Developed Solution to Security weaknesses: Developed solutions to security weaknesses in the Requirement Traceable Matrix (RTM) and SAR, while working on POA&M remediation and Corrective Action Plan (CAP. Assisted ISSOs create solutions to weaknesses based on system functionality and pre-existing architecture and an Audit liaison officer with respect to respond to auditor.
• Communications between multiple clients to perform POA&M remediation for CAP remediation. Handled internal communications within Office of Information Security and external communications with several different divisions on a daily basis. Maintain excellent working relationships with both internal and external customers using communication skills.
• Provided services as security controls assessors (SCAs) and perform as an integral part of the Assessments and Authorizations process to include A&A scanning, documentation, reporting and analysis requirements. Analyzed current threats to information security and systems. Analyze security findings and data. Published reports and keeps metrics for client systems.
• Worked with Security Operation Center Analyst in making sure Intrusion detection and prevention systems (IDS/IPS) such as SNORT to analyze and detect Worms, Vulnerabilities exploits attempts and IDS monitoring and management using Security Information and event management (SIEM-SECURITYCENTER BY TENABLE), to collect and Analyze large volumes of logs and network traffic and alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms. Identified trends and root causes of system failures or vulnerabilities using NESSUS Vulnerability Scanner, Nmap to scan ports, weak configuration and missing patches. Assured that the Information Systems Security department's policies, procedures, and practices as well as other systems user groups are in compliance with FISMA, NIST, and general agency standards.
• Worked with ISSO and Security team to Access Security Controls selected, in Updating SAP, ROE where Vulnerability scanning and penetration testing procedures are included in the assessment, conduct assessment meeting kickoff and security Control meeting with ISSO and System Owner .Assessment finding result be reflexed on the (RTM) or Test case and all weakness noted be reported in our SAR report. Knowledge of SAN-20 and ISO 27001 Security controls and Mapping with NIST.
• Reviewed documentation to include System Security Plan NIST 800-18 as a guide, Authorization to Operate (ATO),Security Assessment report(SAR) using NIST800-30 as a guide, FIPPS 199 System Categorization using NIST 800-60 Vol1/Vol2 based on confidentiality, integrity and availability (CIA), policy and procedures, e-authentication, privacy threshold analysis (PTA), privacy impact analysis (PIA), contingency plan (CP) and interconnection security agreement as per NIST 800-47, certification and accreditation (C&A) packages and system standard operating procedures.

Confidential

Hands on Linux

• Hands on experience installing and maintaining Linux on x86 platform and applications.
• 5 years’ Demonstrable aptitude to learn new technologies and processes.
• I possess ability to work as a team member and independently with minimal supervision. 3 years with various Linux Distributions Installation, Configuration and Maintenance
• Experience in building, configuring and troubleshooting in Red hat Enterprise Linux (RHEL) 5/6/7, Oracle Enterprise Linux(OEL), 5/6/ with UEK kernels Experience with Oracle and MySQL Database deployed in a Linux environment.
• Experience in Installation, Configuration, Implementation, Maintenance & Troubleshooting Apache Web Server.
• 5 years on Enterprise computing including Linux, Software and Hardware
• Experienced in Package and patch management using YUM, RPM, Red Hat Satellite and Unbreakable Linux Network (ULN)
• Experienced in implementing and supporting high availability and fail over configuration for applications.
• Experience with VMWare ESXI environment, VSphere Client,Vcenter …
• Experience with disk partitioning and Logical Volume Manager (LVM) and Multipath
• Experience with Linux User and File System Management
• Experience on installing, configuring and troubleshooting DNS, FTP, NFS, DHCP, SSH, servers
• Worked on protocols like HTTP, TCP, UDP, LDAP, Switches.
• Experienced in using monitoring tools like Nagios and Xymon for monitoring and analyzing issues.
• Knowledge with memory and swap space management
• Support with deployment management configuration automated tool like Puppet and Docker
• Support on Windows server builds and patching
• Remote support with Putty, MobaXterm and secureCRT 7

Confidential, Beltsville MD

System Administrator/ Information Assurance

Linux Systems Administrator

• Performed installation using methods: kickstart, Flash Archive, Live upgrade, Executed Installation of Virtual Interfaces In VMWARE, Performed Security Administration on LINUX systems, Acquired Field Experience in Virtualization and Cloud Computing, Installed multiple sparse and whole root zones within one physical instance of Solaris 10, Performance Monitoring and capacity planning, User Security, System Security and patching, Experience in installation and configuration of RHEL 5/6 and CentOS 6, Experience installing and configuration of kickstart servers, Experience building Red Hat from the ground up, physical and virtual, Experience working in a large enterprise environment of 500+ servers, Experience installing Logical Volume Manager (LVM),Experience with network protocols such as HTTP, DHCP, DNS and FTP, NTP, RDP, Experience with RPM and Yum package installation. System hardening, patching and upgrades on standalone servers and on production servers using 10-Recommended patch package, Experience booting into recovery mode to resolve OS issues.
• Developing a detailed project schedule, including SA&A/SCA task and milestones, task dependencies, and personnel resources
• Conduct SA&A activities sand tasks and obtain Authorization to Operate (ATO) in line with NIST and client guidance and directives.
• Determining the baseline IT Security requirements for IT Systems, identifying system boundaries, determining information categories, assisting with FIPS-199.
• Ensure that IT Systems are operated, used, maintained, and disposed of in accordance with internal security policies and practices.
• Enforce security policies and safeguards on all personnel having access to the IT System for which the ISSO has responsibility.
• Ensure users and system support personnel have the required authorization and need-to-know; have been indoctrinated; and are familiar with internal security practices before access to the IT System.
• Review and generate SA&A and system documentation as needed.
• Selecting baseline controls for the IT System using RSA Archer and tailor security controls as appropriate.
• Implement security controls based on IT System FIPS categorization.
• Documenting security control implementation in the system’s Security Plan using the Library’s Information Assurance (IA) tool (RSA Archer).
• Conduct SCA for IT systems, when required.
• Document system’s risk assessment per client directives and requirements.
• Develop and document all required artifacts for the SA&A package.
• Conduct Contingency Plan Test (CPT) for systems.
• Review and monitoring system security and audit logs.
• Develop and maintain Plan of Actions and Milestones (POA&Ms) for IT systems.
• Update SA&A documentation and artifacts on a regular basis