Cybersecurity analyst Resume

SUMMARY:

Active Investigation Secret Security Clearance
Nessus Vulnerability Scanning Tool, WebInspect, Splunk, DbProtect, FIPS 199, FIPS 200, NIST 800 - 53 Rev4, NIST 800-37, NIST 800-39, E-Authentication, Privacy Impact Assessment (PIA), Risk Assessment (RA), SSP, ST&E, SAR, Plans of Action and Milestones (POA&M), Authorization to Operate (ATO) Letter, MS Office, SharePoint.

PROFESSIONAL EXPERIENCE:

Confidential

Cybersecurity analyst

Perform Security Assessments on assigned systems using the Risk Management Framework (RMF) guidelines.
Reviewed technical security controls and provide implementation responses to meet requirements
Meet with client to discuss findings and process of remediation
Review provided or requested Artifacts and Plan of Action & Milestones (POAMs) to determine if controls are implemented correctly.
Utilizes NIST 800-53A and NIST 800- 53 rev-4 to review implemented controls and enter information into the Requirements Traceability Matrix (RTM) and findings into the Security Assessment Report (SAR).
Collaborate with other team members and system owners/ technical managers to schedule and conduct Kick-off meetings and interviews to discuss findings.
Provide weekly status reports.

Confidential

Cybersecurity analyst

Assisted in conducting cloud system assessments
Helped in updating IT security policies, procedures, standards and guidelines according to department and federal requirements
Support Cyber Security analyst in conducting Vulnerability Management, Security Engineering, Certification and Accreditation, and Computer Network Defense.
Perform risk assessments, update and review System Security Plans (SSP) using NIST 800-18 (Guide for Developing Security Plans for federal information systems) Plans of Action and Milestones (POA&M), Security Control Assessments, Configuration
Perform vulnerabilities scan and monitor continuously using NIST 800-137 as a guide with the aid of Nessus

Confidential

Entry level/Junior IT Security Analyst

Developed, reviewed and updated Information Security System Policies, established security baselines in accordance with NIST, FISMA, FIPS, and industry best security practices.
Performed vulnerability scanning with the support of Nessus scanning tool to detect potential risks on a single or multiple asset across the enterprise network.
Updated IT security policies, procedures, standards, and guidelines per the respective department and federal requirements.
(SA&A) Security Assessment and Authorization using NIST SP 800-53 rev4/FIPS 200 (Security Controls), NIST SP 800-53A rev4 (Assessing Security Controls).

Confidential

Help Desk Support

Assist for Windows Server, VM, Active Directory and networking experience as well as a laptop/desktop break fix background.
Assisted the SOC team in documenting and reporting vulnerabilities by utilizing tools such as Splunk and SNORT.
Worked with network security (network administrator policies and procedures, firewalls, etc.
Responsible for conducting analysis of security incidents. Perform investigations of unauthorized disclosure of PII. Responsible for reporting findings and provide status to senior leadership.
Policy writing and understanding of NIST publication
Interned as an IT security analyst as well as worked with different SIEM tools
Customer service and problem solving,
Provide all first level technical support and escalate as needed.
Providing 2nd line technical support,
Answering support queries via phone & email.