SOC Engineer/Analyst Resume
Sterling, VA
PROFESSIONAL SUMMARY:
- INFORMATION ASSURANCE ANALYST / SECURITY CONTROL ASSESSOR
- Cyber Security Analyst with around 6 years of extensive experience in analyzing security incidents, vulnerability and penetration testing, network monitoring, and information security and network security functions. Experience with industry-recognized SIEM (Security Information and Event Management) solutions.
- Skilled in assembling security authorization packages using NIST SP 800-60 Vol 2, FIPS 199, NIST SP 800-53 Rev 4, FIPS 200, NIST SP 800-18, NIST SP 800-53A, NIST SP 800-37 and NIST SP 800-137.
- Proficient in the preparation and updating of System Security Plans (SSP), Security Assessment Plans (SAP), Plans of Action & Milestones (POA&M) and Security Assessment Reports (SAR).
TECHNOLOGY:
Firewall Products: Firewall Analyzer
Windows: Active Directory Audit
SIEM & IDS, IPS: AlienVault, Splunk
Operating System: Linux RHEL 6/CentOS 6, Windows
Cyber Security Tools: Darktrace, Barracuda, Symantec Messaging Gateway, Symantec Web Gateway, Carbon Black
Vulnerability Tools: Nessus
Risk Management Systems: SAP, PeopleSoft, Oracle Financial
Management and Mitigation Tool: CSAM
Network Management: Wireshark, tcpdump
WORK HISTORY:
SOC ENGINEER/ANALYST
Confidential, Sterling, VA
Responsibilities:
- Produce daily shift-change reports, incident reports and security status reports. Monitor and analyze network traffic and alerts using AlienVault, Active Directory Audit and Firewall Analyzer.
- Investigate intrusion attempts and perform in-depth analysis of exploits using AlienVault, Darktrace, Active Directory Audit and Firewall Analyzer.
- Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident.
- Conduct proactive threat research using Symantec Threat Intelligence.
- Review security events that are populated in a Security Information and Event Management (SIEM) system.
- Analyze a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslog, etc.) to determine the correct remediation actions and escalation paths for each incident.
- Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
- Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client.
- Assist with the development of processes and procedures to improve incident response times, incident analysis, and the overall SOC.
- Conduct analysis of cyber threats, discovery of IT vulnerabilities, monitoring for cyber intrusions, and troubleshooting and response to detected security incidents and other security applications.
INCIDENT RESPONSE ANALYST
Confidential, Sterling, VA
Responsibilities:
- Maintain the security services and technologies involving the SIEM configuration & planning, and incident response.
- Specialize in network centric analysis utilizing a variety of tools and techniques such as Network Security Monitoring, log analysis, and more.
- Provide technical leadership guiding the development and evolution of our security monitoring platform as well as detection and response procedures.
- Provide training and mentoring of junior and mid-career team members.
- Responsible for providing security architecture services during normal business hours.
- Utilize digital forensic tools to execute digital investigations and perform incident response activities.
- Perform hunting for malicious activity across the network and digital assets.
- Conduct analysis using a variety of tools and data sets to identify indicators of malicious activity on the network.
- Collaborate with technical and threat intelligence analysts to provide indications and warnings, and contribute to predictive analysis of malicious activity.
- Establish links between suspects and other violators by piecing together evidence uncovered from a variety of sources.
- Establish and maintain a defensible evidentiary process for all investigations.
INFORMATION ASSURANCE ANALYST
Confidential, Greensboro NC
Responsibilities:
- Conducted Confidential-based security risk assessments for various contracting organizations and application systems, including interviews, tests and inspections; produced assessment reports and recommendations; conducted out-briefings.
- Documented and reviewed System Security Plans (SSP), Security Assessment Reports (SAR), Plans of Action and Milestones (POA&M), and Authorization letters/memoranda (ATO).
- Sound understanding of and experience with the NIST Risk Management Framework (RMF) process.
- Performed information systems security audits and Certification and Accreditation (C&A) test team efforts.
- Generated, reviewed and updated System Security Plans (SSP) against NIST SP 800-18 and NIST SP 800-53 requirements.
- Reviewed technical security controls and provided implementation responses on whether and how the systems currently meet the requirements.
- Provided continuous monitoring support for control systems in accordance with Confidential guidelines.
- Assisted System Owners and ISSOs with the development of SA&A documentation.
- Reviewed and ensured completion of the Privacy Impact Assessment (PIA) document after a positive PTA was created.
- Documented and finalized Security Assessment Reports (SAR).
- Communicated effectively through written and verbal means to co-workers, subordinates and senior leadership.
