
Cyber Security Analyst Resume

Largo, MD

OBJECTIVE:

Results-driven cybersecurity analyst with 6 years of experience in implementing and reviewing ATO package documents and remediating POAMs, as well as vulnerability scanning, with extensive experience with network devices (switches, routers, hubs) and continuous monitoring (SIEM). I thrive under pressure in fast-paced environments while directing multiple projects from concept to implementation and working to prevent cyber-attacks, especially in business and corporate settings. Willing to relocate if need be.

AREAS OF EXPERTISE:

  • Experienced in the development of System Security Plans (SSP), Contingency Plans, Business Impact Analyses, Configuration Management Plans, System Security Checklists, Privacy Impact Assessments, and POA&Ms.
  • Familiar with VMware and other Virtual Machine Applications.
  • Platforms: Windows Server 2008, Windows Server 2012, Windows 7 and 10, Red Hat Enterprise Linux 6 and 7, x86/64 platforms.
  • Experienced working with NIST SP 800-53 rev 4.
  • Experience in assessment of security control using NIST SP 800-53A.
  • Hardware: HP ProLiant DL980, DL580, Dell PowerEdge M620, PowerEdge M905, PowerEdge M910.
  • Software: Microsoft Word, Excel, Outlook, Nessus, Wireshark, Nexpose, CAT tool.
  • Networking: Firewalls (Cisco ASA firewall), Ethernet, Internet, HTTP, HTTPS, NIS, DNS, FTP, NFS, TCP/IP, SSH, SMTP.
  • Brief knowledge of scripting (JavaScript).
  • Good communication and writing skills.
  • Experience using SIEM to monitor adherence to corporate policy, track system changes and log user access.

PROFESSIONAL EXPERIENCE:

Cyber security Analyst

Confidential, Largo MD

  • Provide input to management on appropriate FIPS 199 impact level designations and identify appropriate security controls based on characterization of the general support system or major applications.
  • Review and submit Change Request documentation - Security Impact Analysis.
  • Develop and maintain artifacts supporting the Risk Profile SP, CP, CM, IR and POA&Ms, and maintain and organize the SharePoint repository.
  • Provide IA Support and Risk Management Framework and Continuous Monitoring processes.
  • Comply with all previously stated requirements for HIPAA, Personnel Security, Electronic Security, and Physical Security.
  • Perform comprehensive Security Control Assessment (SCA) and prepare reports on management, operations and technical controls for audited applications.
  • Reviewed and updated some of the system categorization using FIPS 199, Initial Risk Assessment, E-authentication, PTA, PIA, SAR, SSP, SAP and POA&M.
  • Review and document some Payment Card Industry Data Security Standards (PCI DSS).
  • Implementing and reviewing all ISO 27001-5 series and SANS 20 Critical Security Controls.
  • Manage vulnerabilities with the aid of Nessus, Nexpose, Splunk, and Microsoft Baseline Security Analyzer (MBSA 2.3) Vulnerability Scanners to detect potential risks on a single or multiple assets across the enterprise network.
  • Conduct risk assessments regularly; ensure measures raised in assessments were implemented in accordance with risk profile, and root-causes of risks were fully addressed following NIST 800-30 and NIST 800-37.
  • Review audit logs and provide documentation guidelines to business process owners and management.
  • Monitor network intrusion detection systems (Confidential), intrusion prevention systems (IPS) and host-based intrusion prevention/detection systems (HBIP/DS).
  • Developed and conducted ST&E (Security Test and Evaluation) according to NIST SP 800-53A and other frameworks.

Cyber Security Analyst

Confidential, Vienna, VA

  • Risk Management Framework (RMF) assessments and Continuous Monitoring: Performed RMF assessment on several different environments using both scanning tools and manual assessment. Assessment included initiating meetings with various System Owners and Information System Security Officers (ISSO), providing guidance of evidence needed for security controls, and documenting findings of assessment.
  • POAM Remediation: Performed evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation, RMF, continuous monitoring, and FISCAM audits.
  • Monitor controls post authorization to ensure continuous compliance with the security requirement.
  • Reviewed and updated some of the system categorization using FIPS 199, Initial Risk Assessment, E-authentication, PTA, PIA, SAR, SSP, SAP and POA&M.
  • Provided technical support in the evaluation of security products and developed information system security studies and reports that address areas of information system security concerns.
  • Comply with all previously stated requirements for HIPAA, Personnel Security, Electronic Security, and Physical Security.
  • Hold kick-off meeting with Confidential and systems stakeholders prior to assessment engagement.
  • Conduct meetings with the IT team to gather documentation and evidence about their control environment.
  • Worked with business process owners to ensure timely identification and remediation of jointly owned risk related issues and action plans (POA&M).
  • Contribute to initiating FISMA metrics such as Annual Testing, POA&M Management, and Program Management.
  • Developed and conducted ST&E (Security Test and Evaluation) according to NIST SP 800-53A.
  • Perform internal information security risk assessments and assist with the internal auditing of information security processes. Assess threats, risks, and vulnerabilities from emerging security issues, and work with the system owner and common providers to remediate uncovered weaknesses before the external Security Control Assessment is done.
  • Perform on-site security testing using vulnerability scanning tools such as Nessus, Nexpose, and WebInspect.

Security Operations Center Analyst

Confidential

  • Maintain proper functioning of hardware, software and network devices such as switches, routers and hubs.
  • Monitor network intrusion detection systems (Confidential), intrusion prevention systems (IPS) and host-based intrusion prevention/detection systems (HBIP/DS).
  • Continuously monitor the Security Incident & Event Management (SIEM) alert queue for intrusions and violations of the company's policy.
  • Review anti-malware logs and produce dashboard reports of malware.
  • Provide technical issues on Windows systems & various network devices.
  • Real-time triage and short-term analysis of security alerts, as well as prioritization and escalation of alerts and incidents that exceed the Confidential threshold.
