Cyber Security Analyst Resume

Bethesda, MD

SUMMARY:

  • Passion-oriented cyber security analyst with over 4 years of experience working with NIST, FIPS, FISMA, Nessus, Nmap, Splunk, IDS, IPS, firewalls and other system security tools. I am familiar with network devices (switches, routers) and continuous monitoring (SIEM) tools. I thrive under pressure and in fast-paced environments. Additionally, I am efficient at project development from concept to implementation.
  • Extensive knowledge of developing Contingency Plans, Business Impact Analysis, Configuration Management Plans, System Security Checklists, Privacy Impact Assessments, and POA&M (Plan of Action and Milestones).
  • Experience working with NIST 800-53 rev 4 to ensure that the organization meets FISMA requirements.
  • Experienced working with security assessment control using NIST SP 800-53A.
  • Efficient and knowledgeable in using Nessus, Splunk, Nmap, OpenVAS, Nexpose, Microsoft Word, Excel, PowerPoint and Outlook.
  • Networking: Firewalls (Cisco ASA firewall), Ethernet, Internet, HTTP, HTTPS, NIS, DNS, FTP, NFS, TCP/IP, SSH, SMTP.
  • Good communication and writing skills.
  • Experience using security information and event management (SIEM) to manage adherence to corporate policy, track system changes and log user access.
  • Familiar with VMware version 5.5 and 6, Oracle VirtualBox, Packet Tracer and other virtual machine applications.

    Platforms: Red Hat Enterprise Linux 7, CentOS, and Windows Server 2008 and 2012

  • Microsoft Office (Word, Excel, PowerPoint, Outlook)
  • Knowledgeable on switch and router configuration
  • Efficient in Network troubleshooting
  • Implement cabling over a small network
  • Manage organization unit in an access control list
  • Bilingual (English and French)
  • Good Customer Service Skills

PROFESSIONAL EXPERIENCE:

Cyber Security Analyst

Confidential, Bethesda, MD

  • Risk Management Framework (RMF) assessments and Continuous Monitoring: Performed RMF assessment on several different environments using both scanning tools and manual assessment. Assessment included initiating meetings with various System Owners and Information System Security Officers (ISSO), providing guidance of evidence needed for security controls, and documenting findings of assessment.
  • POAM Remediation: Performed evaluation of policies, procedures, security scan results, and system settings to address controls that were deemed insufficient during Certification and Accreditation (A&A), RMF, continuous monitoring, and FISMA audits.
  • Monitor controls post authorization to ensure continuous compliance with the security requirement.
  • Reviewed and updated some of the system categorization using FIPS 199, Initial Risk Assessment, E-authentication, PTA, PIA, SAR, SSP, SAP & POA&M.
  • Perform vulnerability assessment over enterprise networks using Nessus.
  • Use SNORT version 2.9.11.1 to assist monitoring network intrusion detection systems (IDS), intrusion prevention systems (IPS) and host-based intrusion prevention / detection systems (HBIP/DS).
  • Use Splunk for continuous monitoring, oversee network intrusion and debug network traffic.
  • Use Nmap to perform port security scans to identify illegitimate open ports on the enterprise network.
  • Configure Cisco firewall 4100 series and Juniper SRX5400 firewall series to allow and deny incoming and outgoing traffic over a network.
  • Real-time triage and short-term analysis of security alerts, prioritization and escalation of alerts and incidents that exceed the SOC threshold.
  • Provided technical support in the evaluation of security products and developed information system security studies and reports that address areas of information system security concerns.
  • Comply with all previously stated requirements for HIPAA, Personnel Security, Electronic Security, and Physical Security.
  • Hold kick-off meeting with CISO and systems stakeholders prior to assessment engagement.
  • Conduct meetings with the IT team to gather documentation and evidence about their control environment.
  • Review anti-malware logs and produce dashboard reports of malware.
  • Worked with business process owners to ensure timely identification and remediation of jointly owned risk related issues and action plans (POA&M).
  • Contribute to initiate FISMA metrics such as identify, protect, detect, respond and recover.
  • Continuously monitor the Security Incident and Event Management (SIEM) alert queue for intrusions & violations of the company's policy.
  • Developed and conducted ST&E (Security Test and Evaluation) according to NIST SP 800-53A.
  • Perform internal information security risk assessments and assist with the internal auditing of information security processes. Assess threats, risks, and vulnerabilities from emerging security issues, and work with the system owner and common providers to remediate uncovered weaknesses before the external Security Control Assessment is done.
  • Assist and manage security incidents by following the company’s security incident emergency response chart and assisting the security incident response team (SIRT) to contain and eradicate various attack types.

Cyber Security Analyst

Confidential, McLean, VA

  • Risk Management Framework (RMF) assessments and Continuous Monitoring: Performed RMF assessment on several different environments using both scanning tools and manual assessment. Assessment included initiating meetings with various System Owners and Information System Security Officers (ISSO), providing guidance of evidence needed for security controls, and documenting findings of assessment.
  • Provide input to management on appropriate FIPS 199 impact level designations and identify appropriate security controls based on characterization of the general support system or major applications.
  • Ensure proper management of Security Impact Analysis documentation.
  • Work with all ISO 27001-5 series and SANS 20 to implement and review critical security controls.
  • Develop and maintain artifacts supporting the Risk Profile SP, CP, CM, IR and POA&Ms, and maintain and organize the SharePoint repository.
  • Provide IA Support and Risk Management Framework and Continuous Monitoring processes.
  • Comply with all previously stated requirements for HIPAA, Personnel Security, Electronic Security, and Physical Security.
  • Perform comprehensive Security Control Assessment (SCA) and prepare reports on management, operations and technical controls for audited applications.
  • Proficient in reviewing and updating system categorization using Initial Risk Assessment, FIPS 199, E-authentication, PTA, PIA, SAR, SSP, SAP & POA&M.
  • Conduct vulnerability assessment checks with Nessus and Nexpose on single or multiple assets across the enterprise network.
  • Perform vulnerability assessment over enterprise networks using Nessus.
  • Use SNORT version 2.9.11.0 to assist monitoring network intrusion detection systems (IDS), intrusion prevention systems (IPS) and host-based intrusion prevention / detection systems (HBIP/DS).
  • Use Splunk for continuous monitoring, oversee network intrusion and debug network traffic.
  • Use Nmap to perform port security scans to identify illegitimate open ports on the enterprise network.
  • Configure Cisco firewall 4100 series and Juniper SRX5400 series firewall to allow and deny incoming and outgoing traffic over a network.
  • Conduct risk assessments regularly; ensure measures raised in assessments were implemented in accordance with risk profile, and root causes of risks were fully addressed following NIST 800-53.
  • Review audit logs and provide documentation guidelines to business process owners and management.
  • Developed and conducted ST&E (Security Test and Evaluation) according to NIST SP 800-53A and other frameworks.
  • Use a wide range of tools like ArcSight, or McAfee Enterprise Security Manager to properly address challenges related to SIEM (Security information event management)

Computer Student Assistant

Confidential, Takoma Park, MD

  • Assist students when having trouble using computers
  • Provided front desk support, welcoming students, assigning computers for use; used bilingual skills to serve operations
  • Scheduled appointments; applied administrative skills
  • Troubleshoot equipment
  • Trained new employees about working procedures