SUMMARY:

• Information Technology Security professional who assumes responsibility and ownership for assigned actions and tasks, easily learns new systems and processes, has strong attention to detail, and has worked in several Confidential government agencies learning more about IT in government and the culture and agencies.
• Focused on processes, systems, and technology and applied governance and communications to implement IT security policies.
• Applied information security and assurance policies, principles, and standards to make timely decisions and advise management.
• Assessed IT security policies and procedures, and recommended solutions for supporting assigned systems included in the Local Area Network (LAN) or Wide Area Network (WAN) to improve system performance, capacity, and serviceability.
• Installed and configured hardware and software and protected enterprise resources and sensitive information.
• Explained and communicated complex technical concepts in non - technical terms to users with varying levels of technical knowledge.
• Established/maintained computer accounts, profiles, file sharing, access privileges and security.
• Applied operating system updates, patches, and configuration changes to protect against vulnerabilities and threats.
• Prioritized requests, organized, scheduled, coordinated, trouble, and implemented a variety of support system and network activities.
• Maintained awareness and understanding of client/server technology, networking systems and solutions, IT security, emerging trends and best practices, and government contracting practices.

TECHNOLOGY SKILLS:

Monitoring Software: WhatsUp Gold, Zenprise Security Software Gold Disk, Retina

VPN Remote Access: Cisco, Juniper, Microsoft Office Suite

Virus Scan Software: HBSS McAfee Enterprise Operating Systems Windows XP, Exchange 2003, TrendMicro, Remedy, Magic Ticketing Systems

PROFESSIONAL EXPERIENCE:

Confidential

Responsibilities:

• Interpreted scan results from various vulnerability tools to remediate vulnerabilities.
• Provided security artifacts for assessments and represented system personnel during audits.
• Made recommendations to improve security posture for assigned systems with approved software.
• Created and tracked POA&M’s from start to remediation using CSAM tool.
• Worked on special projects for USPTO personnel as assigned.

Information Security Engineer

Confidential, McLean, VA

Responsibilities:

• Assessed and reported potential security risks and vulnerability opportunities, conducted penetration testing to discover vulnerabilities in systems, and developed testing scripts and procedures.
• Worked collaboratively with Systems Administration team members to deploy technical controls to meet security requirements and recommended improvements and upgrades to security of environment.
• Ensured tasks completed within schedule and level of quality adhering to established Information Security Policies and Procedures.
• Performed audit activities to report on security compliance and configurations of systems.
• Worked on technical aspects of implementation and maintenance of Information Systems Security Program.
• Supported systems security certification and accreditation (C&A), including tracking of Plan of Action and Milestones (POAM) items.
• Coordinated information security inspections and incident responses, performed Continuous Monitoring activities, and researched latest information technology security trends.
• Conducted security impact assessments for Change Requests and participated in TRB and CCB sessions.
• Created DISA compliance policy in Nessus for remediation activities.

Information Assurance Security Analyst

Confidential

Responsibilities:

• Reviewed system-level security controls and ensured all security deficiencies were mitigated or obtained a risk acceptance and tracked through Plan of Action & Milestones (POA&M).
• Conducted assessment of systems to reevaluate sensitivity of systems, risks, and mitigation strategies and advised security owner of any security considerations before the creation of the Security Authorization package.
• Provided consistent updates on the development and maintenance of system security and contingency plans, FIPS 199, Risk Assessment Reports (RAR), System Assessment Plans, and Security Assessment Reports (SAR) to senior leadership.

Desktop Engineer

Confidential

Responsibilities:

• Performed baseline testing for Windows OS releases and prepared training for testers.
• Responded to potential phishing emails.
• Determined whether there was abnormal behavior in log files and entries that might signal an attack or infection.
• Performed vulnerability remediation and patching.
• Employed centralized anti-virus and host intrusion detection system solution for blocking and reacting to potentially harmful websites and malware.

Senior Deskside Support Technician

Confidential

Responsibilities:

• Diagnosed and resolved problems by gathering and applying information from a variety of sources to address and mitigate technical, policy, and security issues.
• Created, updated and closed trouble tickets using ticket management software.
• Expressed sensitive and technical information to customer and colleagues taking into account audience.

LAN Deskside Technician

Confidential

Responsibilities:

• Reviewed and tested IT equipment and software, including software updates and patches, to meet user needs.
• Diagnosed and resolved problems by gathering and applying information from a variety of materials and sources to address and mitigate technical, policy, and security issues.
• Expressed information to individuals or groups effectively taking into account the audience and nature of the information (i.e., technical, sensitive, controversial) by providing daily and weekly reports to management.
• Initiated, planned, and scheduled installation of new or modified IT equipment, operating systems, and software applications, including test environments.