We provide IT Staff Augmentation Services!

Senior Cyber Security Specialist Resume

Bethesda, MD

SUMMARY:

Information Security Professional with broad experience in identifying, assessing and providing recommendations for mitigating organizational risk using Confidential Special Publication 800 - 30, 800-37. Skillful in preparing Authorization Package - SSP, SAR and POAM

PROFESSIONAL EXPERIENCE:

Confidential, Bethesda, MD

Senior Cyber Security Specialist

Responsibilities:

  • Developed Prep Fact Sheet
  • Preparation of the Controls selection lists and developing the RTM
  • Generate Draft RTM’s, CAT’s
  • IACS resolve any Discrepancies, Develop the Questionnaire & Artifacts, Develop SAP
  • Closed Out- Peer Review RTM & present to Fed leads, Assessment Interviews with Technical SME and ISSO.
  • Conducting Close Out Meetings
  • Create POAM Tables
  • Performing Kick off Meetings, sending invitation to all stakeholders, in preparation for upcoming System SCA.
  • Created Nessus Vulnerability and audit policies using appropriate plugins and Compliance benchmarks like Confidential .
  • Create and ran scans based on these policies.
  • Created and ran queries in Security Center in security Center to analyze vulnerabilities and compliance issues.
  • Conducted assets discovery scans and generated assets based off the scans
  • Generate Asset List
  • Updating Document Reviews, which vary from CP, CPT, Confidential -Auth, FIPS 199, PTA’s SP, ISA’s making correct recommendations and ensuring information Data is accurate and Updated.
  • Ensure Implementation of appropriate security control for Information System based on Confidential Special Publication 800-53 rev 4, FIPS 200, and System Categorization using Confidential 800-60, and FIPS 199
  • Review and update remediation on (POAMs), in organization's Cyber Security Assessment and Management (CSAM) IACS system. Work with system administrators to resolve POAMs, gathering artifacts and creating mitigation memos, residual risk memos and corrective action plans to assist in the closure of the POA&M. Reviewing (CRF) Closure Request Forms, remediating the weakness, and making profound recommendations, reviewing all artifacts as necessary.
  • Monitor controls post authorization to ensure continuous compliance with the security requirements
  • Develop and Update (STE) System Test Evaluation, RTM’s SAR, SAT, SAP - Requirement Traceable Matrix, Security Assessment Report, Security Assessment Plan
  • Vulnerability Scanning; Tools such as SC-5, Splunk, Web Inspect, HP Fortify & DB Protect
  • Monitoring Security Threats and Risks involving, client infrastructure
  • Work on Projects to improve the value of security monitoring for clients. Providing Security for 49 different systems for USCIS.
  • Analyze and develop reports and metrics that support findings.
  • Providing weekly status reports
  • Isolate and take appropriate action to mitigate security threats
  • Travel to perform Security Assessments and Decommissioning for Information Systems.

Confidential, Falls Church, VA

Information Security Analyst

Responsibilities:

  • Reviewing, maintaining, and ensuring all Assessments and Authorizations ( Confidential & Confidential ) documentation are included in system security package.
  • Ensure Implementation of appropriate security control for Information System based on Confidential Special Publication 800-53 rev 4, FIPS 200, and System Categorization using Confidential 800-60, and FIPS 199.
  • Review and update remediation on (POAMs), in organization's Cyber Security Assessment and Management (CSAM) system. Work with system administrators to resolve POAMs, gathering artifacts and creating mitigation memos, residual risk memos and corrective action plans to assist in the closure of the POA&M.
  • Create and ran scans based on these policies.
  • Created and ran queries in Security Center in security Center to analyze vulnerabilities and compliance issues.
  • Conducted assets discovery scans and generated assets based off the scans
  • Generate Asset List
  • Reviews scan results and document findings in POA&M.
  • Collaborate with system administrators to remediate (POA&Ms) findings. Ensure vulnerabilities and risks are efficiently mitigated in accordance with the organization continuous monitoring Plan.
  • Monitor controls post authorization to ensure continuous compliance with the security requirements.
  • Conducted security assessment interviews to determine the Security posture of the System and to develop Confidential Security Assessment Report (SAR) in the completion of the Security Test and Evaluation ( Confidential & Confidential ) questionnaire using Confidential SP 800-53A required to maintain Company Authorization To Operate (ATO), the Risk Assessment, System Security Plans, and System Categorization.
  • Performed information security risk assessments and assist with the internal auditing of information security processes. Assessed threats, risks, and vulnerabilities from emerging security issues and identified mitigation requirements.
  • Exposed to Vulnerability scanning and assessment tools such as Retina, Nessus and CSAM.

Confidential, Bethesda, MD

Information Security Analyst

Responsibilities:

  • Prepare and submit Security Assessment Plan (SAP) to Confidential for approval.
  • Support in the design and implementation of automation for manual procedures, the development of baseline security configurations, standards, and policy in accordance with industry best standards.
  • Develop and update security plan (SSP), Security Assessment Report (SAR), Plan of action and milestone (POA&M).
  • Monitored controls post authorization to ensure continuous compliance with the security requirements.
  • Create reports detailing the identified vulnerabilities and the steps taken to remediate them (POAM)
  • Participate in other Governance team initiatives, to include development of comprehensive security awareness program; and audit response activities.
  • Manage, develop, maintain and communicate company policies, standards ( Confidential, Confidential 800-18, 53, 53A, 53 Rev4, 30, 37, 60, 137) compliance, risk and business management, and configurations in accordance with industry standards and best practices.
  • Providing security configuration advice and guidance in implementing new technologies.
  • Assisting in the development of IT systems security Policies, procedures, and practices for all platforms.
  • Making recommendations for implementing and disseminating IT security Tools and solutions.
  • Reviewed scans reports from WebInspect and Nessus.

Confidential, Fairfax, VA

Technology Help Desk

Responsibilities:

  • Assigned issues to appropriate support group for thorough support and prompt resolution.
  • Responsible for identifying, troubleshooting, researching, supporting and researching customer IT issues.
  • Provided first point of contact for support issues.
  • Researched and resolved technical issues, maintain technical aptitude and support corporate initiatives and team department goals according to direction of management.
  • Interacted with users to provide and process information in response to problems, inquiries, concerns and/or requests, collaborate with customers to resolve application, phone, printer, or computer problems in real time.
  • Worked closely with clients and staffs to ensure smooth, uninterrupted operation of network client workstations, servers, and perform other assigned duties

Hire Now