Cyber Security And Networks Risk Management Analyst Resume

SUMMARY:

5 years of IT consulting experience with leadership experience and working in the federal environment. Experience utilizing Risk Management Framework (RMF) for Certification and Accreditation (C&A) of systems within the federal environment. Excellent analytical and problem-solving skills as well as interpersonal skills in interacting with team members, clients, and top management.

TECHNICAL SKILLS:

Windows, PeopleSoft, CA SiteMinder, Microsoft Excel, LAN/WAN, TCP/IP, DMZ, IPS/IDS, Oracle Enterprise Manager, FIPS, SharePoint, CSAM.

PROFESSIONAL EXPERIENCE:

Confidential, MD

Cyber Security and Networks Risk Management Analyst

Responsibilities:

  • Delivered high-quality client solutions to support the design, development, implementation, testing and continual monitoring of Federal Government Client's systems security controls.
  • Reviewed Information Systems (IS) in order to identify potential security weaknesses, recommend improvements to mitigate vulnerabilities, implement security controls and document changes.
  • Delivered Risk Assessments (RAs), System Test and Evaluation (ST&E) Plans, Security Assessment Reports (SARs), and Authority To Operate (ATO) Letters.
  • Performed the Assessment and Authorization (A&A) lifecycle for all systems, including systems hosted applications at third-party locations and cloud services.
  • Performed inventory and FIPS 199 Standards for Security Categorization of Federal Information and IS, classification of IS.
  • Reviewed and updated System Security Plan (SSP) using NIST SP guidelines.
  • Participated in ST&E Kick-off Meeting and populated the Requirements Traceability Matrix (RTM) per NIST SP A.
  • Participated in Internal Audit kick-off meetings and ensured all issues identified by the internal audit were followed with remediation plans.
  • Collaborated with teams in providing deliverables for internal audits.
  • Managed a team of seven delivering reports on a monthly basis.
  • Monitored controls post authorization to ensure continuous compliance in accordance with FISMA guidelines.
  • Performed Plan of Action & Milestones (POA&M) tracking and reporting.
  • Updated POA&M and Risk Assessment based on findings assessed through monthly updates.
  • Assessed controls, as well as created and tracked remediation efforts (POA&M) using a government trusted tool called Cyber Security Assessment and Management (CSAM).
  • Evaluated security assessment documentation and provided written recommendations for security authorization to the AO.
  • Advised the Information System Owner (ISO) concerning the impact levels for confidentiality, integrity, and availability for the information on a system.
  • Worked with Information Systems Security Officers (ISSO) to ensure FISMA documentation, ATO planning, and execution were completed in a timely manner.
  • Assisted with proposal writing.
  • Informed users about security measures, tracked A&A expirations, explained potential threats, performed software scans on networks and computers for vulnerabilities, and reviewed audit data for intrusions to protect information and prevent unauthorized access.
  • Conducted continuous monitoring on systems using IDS tools (SNORT).
  • Performed on-site security testing to detect potential risks using vulnerability scanning tools including Nessus and Splunk.
  • Assisted with the implementation of IPS, DLP and UTM features on firewalls for added security purposes.
  • Ensured that IT systems had all cyber security controls in place and that all controls functioned properly in accordance with the latest NIST standards.