Cyber Security Control Assessor Resume
SUMMARY:
- Cyber Security professional with 4 years of experience in Risk Management Framework (RMF), vulnerability management, security control implementation, assessment and authorization, POA&M management, continuous monitoring, Authentication & Access Control, System Monitoring and Regulatory Compliance in accordance with Confidential, OMB, FISMA and industry best security standards.
- Outstanding proven experience in security control assessment, risk mitigation, security and privacy management
- Ability to create and analyze threat and vulnerability scanning reports
- Excellent problem-solving skills
- Strong communications and analytical skills
- Excellent multi-tasking skills; experience managing multiple projects simultaneously
- Team player; dynamic and professional with the ability to adapt well to changing environments and interact well at all levels
- Proven ability to lead and direct, solve problems creatively, and make strategic decisions in any given environment.
PROFESSIONAL EXPERIENCE:
Cyber Security Control Assessor
Confidential
Responsibilities:
- Work with a team of Information System Owners, Developers and System Engineers to select and implement tailored security controls in safeguarding system information
- Evaluate threats and vulnerabilities based on Tenable/nexus scan reports and implement Risk Management Framework (RMF) in accordance with Confidential SP revision one
- Develop and update system categorization levels using FIPS 199/Confidential, selecting the controls using Confidential/FIPS 200, implementing controls and developing SSP and other key deliverable documents
- Analyze and update System Security Plan (SSP), Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security Test and Evaluation (ST&E) and the Plan of Action and Milestones (POA&M)
- Evaluate and/or create System Security Plans (SSP), Contingency Disaster Recovery Plans (CDRP), Risk Assessment Reports (RAR), Security Assessment Reports (SAR) and executive summaries
- Review, update and develop required security documentation including but not limited to System Security Plans (SSPs), Contingency Plans (CP), Plan of Action and Milestones (POA&Ms), Security Assessment Reports (SAR)
- Create, review and update A&A Packages: System Registration, System Security Categorization, eAuthentication Assessment CP, CPT, SSP, SAP, SAR, and POA&M using TAF.
