Information Security Compliance Analyst Resume
SUMMARY:
- Perform Certification and Accreditation documentation in compliance with company standards
- Proven ability to author strategic security roadmaps and translate into execution plans to drive desired outcomes.
- Ability to communicate clearly and effectively with technical and business stakeholders.
- Excellent verbal and written communication skills including the ability to author and present materials ranging from detailed technical specifications to high-level presentations.
- Ability to multi-task, work independently and as part of a team
- Develop, review and evaluate System Security Plan based on NIST Special Publications
- Ability to identify deficiencies in accordance with OMB Circular A-123, Appendix A
TECHNICAL SKILLS:
Software/Platform/Artifacts: MS Office Suite, Word, Excel, PowerPoint, Visio, SharePoint, Data Analysis, FIPS 199, E-Authentication, SSP, ST&E, SAR, POAM, ATO, PIA, RA, CP
Standards: SOX, NIST 800-53, FIPS, FISMA, SOX Testing, IT Audit support for financial statement review, Attestations engagements (SAS 70/SSAE 16), Audit readiness assignments, NIST 800-53 v4
WORK EXPERIENCE:
Confidential
Information Security Compliance Analyst
- Assist System owners and ISSO in preparing Certification and Accreditation package for companies’ IT systems, making sure that management, operational and technical security controls adhere to a formal and well-established security requirement authorized by NIST SP 800-53 R4.
- Analyze, review and update System Security Plan (SSP), Risk Assessment Report, Privacy Impact Assessment (PIA), System Security Test and Evaluation (ST&E) and the Plan of Actions and Milestones (POA&M).
- Perform Vulnerability Assessment. Make sure that risks are assessed, evaluated and proper actions have been taken to limit their impact on the Information and Information Systems.
- Create standard templates for required security assessment and authorization documents, including risk assessments, security plans, security assessment plans and reports, contingency plans, and security authorization packages.
- Additional responsibilities include assurance of vulnerability mitigation, training on C&A tools, supporting System Test and Evaluation (ST&E) efforts and other support to the IT Security Office.
- Conduct Self Annual Assessment and test Security Controls (NIST SP 800-53A).
- Designate systems and categorize their C.I.A. using FIPS 199 and NIST SP 800-60.
Confidential
SOX Compliance Testing Analyst
- Evaluated the adequacy of internal controls and compliance with company policies and procedures by conducting interviews with all levels of personnel, examining documents, records, reports and observing procedures.
- Performed application security assessment on both internal and external applications.
- Documented risks associated with internal and external applications.
- Worked with other departments within IT to obtain the required evidence, develop test plans, testing procedure for SOX testing and document test results and exceptions.
- Performed analysis on SOX control evidence to ensure all controls have been performed according to the requirements. Identified information system vulnerabilities through automatic and manual means.
- Wrote audit reports for distribution to management and senior management documenting the results of the audit.
- Followed up on remediation activities to ensure identified risks are mitigated.
- Responded to security escalations received from the Security Operations Center (SOC).
- Assisted with responses to cyber security incidents such as malware detections and malicious activities.
Confidential
Claims Officer
- Screened claim forms using the standard operating procedures.
- Vetted claims on time to determine validity by performing in-depth analysis on each claim and also reviewing evidence.
- Audited medical service providers to review their claims.
- Sorted and prepared reports on vetted claims to be processed for payment.
- Liaised with data entry team to ensure that accurate and quality data is processed.
KEY SKILLS
- Network & System Security
- Risk Assessment
- Authentication and Access Control
- IT Auditing
- System Monitoring & Regulatory Compliance