System Security Analyst/ Security Operations Center Analyst Resume
Arlington, VA
SUMMARY:
- Results-driven Cyber Security specialist with 5+ years of experience in Information Assurance (IA).
- Superb working knowledge of Accreditation and Authorization in a wide range of computer-related disciplines, with concentration in Confidential based Information Technology (IT) Accreditation, Network Security enforcement, Threat Detection and Response, Ticketing Systems (ServiceNow), Government IA Policy, Security Operations Center ( Confidential ) Management and Managed Services.
TECHNICAL SKILLS:
- Proficient in ArcSight, Splunk, Bit9, Carbon Black, AirDefense, Cisco Prime, Triton (Websense), FireEye (EX, NX, AX, HX), McAfee ePO, ServiceNow ticketing system, HPE, Wireshark, ThreatStream, PGP, Marimba, Tripwire, Nessus, RSA security analysis (NetWitness), Exchange365, Lync, DLP (Titus/Symantec), TCP/IP, Microsoft Office Suite (Excel/PowerPoint/Word), Citrix, Blue Coat Reporter, Azure cloud, Windows Defender, Cloud App Security.
- Working experience using Nessus vulnerability scanner, FireEye IDS (HX, NX, EX, etc.), Microsoft Azure/Advanced Threat Protection (ATA), Log Analytics, Wireshark, SolarWinds, DumpSec, CSAM v3, BMC Remedy 8.1 Database, Citrix, ServiceNow and osTicket.
- Possess strong problem-solving skills, with the ability to make well-thought-out decisions in a detail-oriented and organized professional manner.
AREAS OF EXPERTISE AND ACCOMPLISHMENT ENCOMPASS:
- Risk Assessment, Risk Management, Auditing
- Project Management, Accreditations, Analysis
- Continuous Monitoring Tools Procedure Development
PROFESSIONAL EXPERIENCE:
Confidential, Arlington, VA
System Security Analyst/ Security Operations Center Analyst
Responsibilities:
- Perform continuous IDS monitoring and analysis, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis/forensics using tools such as FireEye, Microsoft Azure Security Center, Cloud App Security (CAS), Splunk, FortiGate IPS, etc.
- Responsible for investigating and tracking potential or actual security violations using ServiceNow.
- Compose security alert notifications reporting to US-CERT, Microsoft, Department of Homeland Security ( Confidential ) and organizational Program Offices.
- Advise incident responders on the steps to investigate and resolve computer security incidents.
- Design, develop, and implement information security and disaster recovery programs in accordance with organizational information security standards.
- Directly responsible for creating Standard Operating Procedure documents (SOPs) for different Confidential tools including but not limited to Microsoft Cloud App Security, Trustwave DbProtect, Fortinet IDS, and FireEye.
- Conduct continuous host and network based scans using Nessus and DbProtect. Compile all reports and findings and deliver them to their respective program offices.
- Manage and maintain System Security Plans (SSPs) from inception through decommissioning following the Risk Management Framework process within CSAM.
- Perform risk assessments on three (3) systems and document the assessment results in CSAM.
- Ensure timely POA&M updates to the CSAM database.
- Prepare Security Assessment Report (SAR), Risk Assessment Report (RAR), Confidential and POA&M for authorization recommendation to AO to ensure that risks and corrective actions are acceptable to the Commission.
- Analyze quarterly security scans, and map resulting findings to security controls as part of ongoing assessment.
- Maintain up-to-date baselines for the secure configuration and operations of all devices.
- Ensure security logs and audit trails are reviewed in accordance with established schedules and procedures.
Confidential, Laurel, Maryland
Security Analyst/ Contingency Plan Coordinator (lead)
Responsibilities:
- Monitor the effectiveness of controls deployed as a result of the agency-wide risk assessment.
- Responsible for creating, certifying and accrediting major Confidential Applications: security policies and System Security Plans ( Confidential ); utilizing guidance provided by the National Institute of Standards and Technology ( Confidential ).
- Responsible for conducting comprehensive assessments of the management, operational, and technical security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
- Coordinate and track the patching and remediation of security weaknesses as they are discovered, via a "Plan of Actions and Milestones" ( Confidential ).
- Maintain inventory (software/hardware & version control).
- Lead role for supporting Contingency Planning and annual Tabletop testing in accordance with Confidential Special Publication 800-34 Rev. 1 Contingency Planning Guide for Confidential Information Systems.
Confidential, Rockville, Maryland
Cyber Security Analyst/ IA Support
Responsibilities:
- Support the ISSM in creating, certifying and accrediting major Confidential Applications; security policies and System Security Plans ( Confidential ); utilizing guidance provided by the National Institute of Standards and Technology ( Confidential ) Special Publication Confidential 800-37, Guide for Applying the Risk Management Framework to Confidential Information Systems, Confidential 800-53, Recommended Security Controls for Confidential Information Systems and Organizations, Confidential SP 800-53A.
- Assisted in the development of the Security Requirements Traceability Matrix ( Confidential ).
- Responsible for conducting comprehensive assessments of the management, operational, and technical security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
- Initiate, coordinate and track the patching and remediation of security weaknesses as they are discovered, via a "Plan of Actions and Milestones" ( Confidential ).
- Maintain inventory (software/hardware & version control).
- Worked as technical support staff, troubleshooting cameras and computers.