IT Security Analyst Resume
Laurel, MD
PROFESSIONAL SUMMARY:
- Insightful, results-driven IT Security Analyst and Security Assessment and Authorization professional with notable success directing a broad range of corporate IT security initiatives while participating in planning, analysis, security control assessments, and implementation of solutions in support of business objectives.
- Analyzing, developing, reviewing, and updating Information Security System Policies, System Security Plans, and Security baselines in accordance with NIST, FISMA, OMB App. III A-130 and industry best security practices.
- A proven project and team lead with aptitude for good customer service, leadership, excellent communication (both oral and written), and presentation skills.
- Analyzed software, hardware, and network systems for various transmission systems.
- Configured and installed routers, switches, and wireless controllers.
- Evaluated complex computer systems to assess vulnerability and risk.
- Worked with outside vendors and teams to develop voice and data wiring infrastructure.
- Maintained all network documentation for hardware configuration and licensing.
- Install a wide range of network equipment.
- Keep network infrastructure up-to-date and secured.
- Write and maintain network security policies and monitor compliance.
- Policy writing.
SKILLS:
- Speak, write and read French fluently
- Strong communication (verbal & written) and presentation skills
- Ability to establish and maintain effective working relationships with clients and co-workers
- Skills in interviewing users to help analyze and resolve issues
- Strong organizational, analytical and planning skills
- Ability to read and interpret system security policies, rules and regulations
- Ability to communicate security and risk-related concepts to both non-technical and technical audiences
FUNCTIONAL AREAS OF EXPERTISE INCLUDE:
- Assessment and Authorization (A&A)
- IT Security Compliance
- Vulnerability Assessment
- Network Vulnerability Scanning
- Security Test and Evaluation (ST&E)
- Information Assurance and Accreditation (C&A)
- System Risk Assessment
- Systems Development Life Cycle
- Technical Writing
- Project Management and Support
- Information Gathering
TECHNICAL EXPERTISE:
Nessus Vulnerability Scanner, Mac, Microsoft Windows, Excel, Word, PowerPoint, Access, MS Project, MS Visio, Oracle VirtualBox, CSAM, Accellion/WatchDox secure file solution.
PROFESSIONAL EXPERIENCE:
IT Security Analyst
Confidential, Laurel, MD
Responsibilities:
- Developed, reviewed, and updated Information Security System Policies, System Security Plans, and Security baselines
- Provided security expertise and guidance in support of security assessments
- Supported A&A (C&A) activities according to the A&A project plan
- Reviewed authorization documentation for completeness and accuracy for compliance
- Facilitated Security Control Assessment (SCA) and Continuous Monitoring Activities
- Executed examine, interview, and test procedures in accordance with NIST SP A Revision 4
- Validated information system security plans to ensure NIST control requirements are met
- Developed resultant SCA documentation, including but not limited to the Security Assessment Report (SAR)
- Authored recommendations associated with findings on how to improve the customer’s security posture in accordance with NIST controls
- Updated and reviewed A&A Packages to include Core Docs, Policy & Procedures, Operations and Maintenance Artifacts, SSP, SAR, FIPS 200, FIPS 199, POA&M, CPTPR, BIA, PTA, PIA, and more
- Collected Operation and Maintenance artifacts on an ongoing basis so that Security Control Assessment (SCA) is seamless
- Uploaded supporting docs in the System’s Artifact Libraries, Google Docs, and CSAM
- Updated, reviewed, and aligned SSP to the requirements in NIST, rev4; so that assessments can be done against the actual requirements and not ambiguous statements
- Managed vulnerabilities with the aid of Nessus vulnerability scanners to detect potential risks on single or multiple assets across the enterprise network
- Reviewed the SAR post-assessment; created and completed POA&M milestones to remediate findings and vulnerabilities
- Monitored security controls post authorization to ensure continuous compliance with the security requirements
- Experience in Vulnerability Scanning tools (IBM AppScan, IBM AppScan Source, HP Fortify, HP WebInspect, BurpSuite, ZAP, Kali Linux).
