Cyber Security Analyst Resume
5.00/5 (Submit Your Rating)
Washington, DC
SUMMARY:
An Information Security Analyst with over 5 years of experience in information assurance, strong in performing Assessment and Authorization(A&A) following NIST/ FISMA standards and guidelines. Experienced in POA&M management. A very effective team player with exceptional written and verbal communication skills.
SKILLS:
Vulnerability Assessment, Risk Assessment, SSP, SAR/RAR, POA&M FISMA, NIST SP 800 - Series, System Security, FedRAMP, HIPPA, Risk Management, Cloud Computing, System Monitoring, CSAM and Nessus, Oracle Database, SQL, Visio.
PROFESSIONAL EXPERIENCE:
Cyber Security Analyst
Confidential, Washington, DC
Responsibilities:
- Knowledgeable in all six phases of Risk Management Framework (RMF) following NIST, FISMA standards and guidelines.
- Review scans with engineers to identify vulnerabilities and make recommendations on how to fix weaknesses.
- Knowledgeable in categorizing information system using special publications, NIST 800-60 and FIPS 199.
- Knowledgeable in creating, reviewing and updating System Security Plans (SSP) against NIST 800-18 and NIST 800-53 requirements.
- Knowledgeable in selecting security controls using NIST 800-53 Rev 4 as guide.
- Knowledgeable on creating of implementation plan for the information system, identify system Specific, Hybrid and Common controls.
- Review System Security Plan(SSP) to verify NIST requirements.
- Collect and validate artifacts from the system owner and assigned Points of Contacts to support information system audit and review.
- Assess security controls effectiveness (i.e., controls implemented correctly, operating as intended, and meeting security requirements).
- Develop Security Assessment Plans (SAPs) and Security Assessment Reports (SARs).
- Assist in the continuous monitoring phase using NIST 800-137 as a guide and Nessus vulnerability scanners to detect potential risk on a single or multiple asset across the enterprise network.
Information Security Analyst
Confidential, Washington, DC
Responsibilities:
- Supported the POA&M identification, tracking, remediation, closure, and reporting process enterprise wide.
- Reviewed POA&M creation template and provided timely response with recommended changes to ISSO.
- Processed, monitored and tracked POA&Ms using CSAM.
- Analyzed results from vulnerability scanning tools such as Nessus.
- Reviewed vulnerability scans to identify new weaknesses and determine false positives along with mitigation strategies.
- Collaborated with ISSOs and other stakeholders to remediate POA&Ms.
- Managed and escalated outstanding remediation items to ensure timely completion.
- Updated and reported on POA&M activities as required.
- Reported and responded to security incidence.
- Evaluated known vulnerabilities to determine if additional safeguards were needed, ensuring systems were patched and security hardened.
- Evaluated monthly Nessus vulnerability scans to support continuous monitoring strategies developed by client.
- Ensured risks were mitigated efficiently in accordance to the organization.
- Performed other POA&M IV&V functions as needed.
Privacy Policy
Resume Categories
- .NET Developers/Architects Resumes
- Java Developers/Architects Resumes
- Informatica Developers/Architects Resumes
- Business Analyst (BA) Resumes
- Quality Assurance (QA) Resumes
- Network and Systems Administrators Resumes
- Help Desk and Support specialists Resumes
- Oracle Developers Resumes
- SAP Resumes
- Web Developer Resumes
- Datawarehousing, ETL, Informatica Resumes
- Business Intelligence, Business Object Resumes
- MainFrame Resumes
- Network Admin Resumes
- Oracle Resumes
- ORACLE DBA Resumes
- Other Resumes
- Peoplesoft Resumes
- Project Manager Resumes
- Quality Assurance Resumes
- Recruiter Resumes
- SAS Resumes
- Sharepoint Resumes
- SQL Developers Resumes
- Technical Writers Resumes
- WebSphere Resumes
- Hot Resumes
