Senior Security Consultant/information Assurance Analyst Resume
Billerica, MassachusettS
SUMMARY:
Over 15 years of experience in information technology and information security supporting the Confidential Government and the Department of Defense. Excellent working knowledge of Confidential security regulations and policies. Highly skilled in conducting risk/vulnerability assessments, developing security plans, policies, procedures, standard operating procedures and continuous monitoring.
WORK EXPERIENCE:
Senior Security Consultant/Information Assurance Analyst
Confidential, Billerica, Massachusetts
Responsibilities:
- Responsible for ensuring the secure baseline configuration of Windows and Linux operating systems.
- Responsible for vulnerability assessments and patch management.
- Responsible for Confidential ePO implementation
- Responsible for the integration of audit logs into Splunk and the development of various Splunk applications for log analysis.
- Responsible for Confidential Server Automation, which consists of change management auditing, baseline compliance, and automated remediation jobs.
- Tracking, reporting, and remediation all POA&Ms.
- Responding to security related events, log reviews
- Participating in annual third - party and internal security audits.
- Providing material and input to the System Security Plan
Senior Security Engineer
Confidential, Dulles, Virginia
Responsibilities:
- Hands on development, design, and implementation of security products to meet continuous monitoring objectives.
- Hands on development, design, and implementation of security products to meet continuous monitoring objectives.
- Create briefings and demonstrations on products for potential customers.
- Work with vendor’s product teams to improve product capabilities
- Continually assess security of vendor’s products before customer deployment.
Information Assurance Subject Matter Expert
Confidential, Fairfax, Virginia
Responsibilities:
- Responsible for assisting customers with completion of their & Accreditation as it relates to Confidential equipment in order to receive ATO, using both Confidential and Confidential guidelines.
- Responsible for configuring, assessing, and testing and systems for compliance with DISA Secure Technical Implementation Guides.
- Responsible for the creation and routine vulnerability assessments and patch management process using Nessus and Retina.
- Responsible for maintaining system specific security guides for Confidential products.
- Responsible for pre-JITC testing by completing SARs on products and tracking
- Work closely with development teams in closing POAMs on our products.
Senior Security Consultant
Confidential, Oakton, Virginia
Responsibilities:
- Responsible for ensuring the secure baseline configuration of Windows and Linux operating systems.
- Responsible for vulnerability assessments and patch management.
- Responsible for the integration of audit logs into Splunk and the development of various Splunk applications for log analysis.
- Responsible for Confidential Server Automation, which consists of change management auditing, baseline compliance, and automated remediation jobs.
Senior Security Engineer
Confidential, McLean, Virginia
Responsibilities:
- Conduct Security Tests & Evaluations.
- Develop Standard Operating Procedures for various security tools.
- Deployment of Confidential Confidential -Policy Orchestrator.
Deputy Director of Enterprise Operations Center
Confidential, Springfield, Virginia
Responsibilities:
- Conduct briefings with CIO and Senior Staff to maintain Situational Awareness
- Provide Government Oversight for 60 contractors and six government watch officers.
- Monitor the progress and remediation of audit findings (POA&Ms).
- Served as voting member of Change Control Board.
Senior Security Consultant
Confidential, Oakton, Virginia
Responsibilities:
- Provide technical guidance in the creation of a System Security Plan
- Ensured all devices (servers, workstations, network devices, etc) met Security Baselines
- Created and enforced a Vulnerability and Patch Management Program
- Served as a voting member of the Change Control Board
Information Assurance Manager
Confidential, Oakton, Virginia
Responsibilities:
- Responsible for conducting vulnerability assessments and mitigation of all found vulnerabilities.
- Audit systems and mitigate vulnerabilities in support of the yearly and Accreditation process.
- Develop and enforce security policies.
- Report and investigate security incidents.
- Conduct annual security awareness .
- Create standard operating procedures.
- Review and audit firewall rules and Access Control Lists.
- As a voting member of and engineering review board and Change Control Board, review and approve/disapprove all proposed changes to the network.
Senior Security Architect
Confidential, Reston, Virginia
Responsibilities:
- Responsible for ensuring the design and changes to the design met the moderate baseline security controls.
- Advised developers, network engineers, and system administrators on the security controls necessary to meet various regulations to include, Department of Homeland Security Policies, Confidential Moderate Baseline, and best business practices.
- Responsible for leading the ‘hardening’ process of servers, workstations, and network devices.
- Validation of all security controls to ensure they were properly being implemented. This was accomplished through interviews, vulnerability scans, and manual audits.
Information Assurance Manager
Confidential, Ashburn, Virginia
Responsibilities:
- Responsible for conducting vulnerability assessments and mitigation of all found vulnerabilities.
- Audit systems and mitigate vulnerabilities in support of the yearly and Accreditation process.
- Develop and enforce security policies.
- Report and investigate security incidents.
- Conduct annual security awareness .
- Create standard operating procedures.
- Review and audit firewall rules and Access Control Lists.
- As a voting member of and engineering review board and Change Control Board, review and approve/disapprove all proposed changes to the network.
Network Engineer/Systems Consultant
Confidential, Maryland
Responsibilities:
- Conducted summary meetings to discuss findings and offer recommendations to administrative and technical personnel through oral presentations and written reports.
- Troubleshoot and resolve network, desktop, operating system, and server-based issues to ensure optimal and stable product use.
- Provided highest level of support for escalations.
- Worked with various groups within the organization to provide recommendations for future product development.
- Built various makes and models of servers and configured OS and hardware including array controllers, memory, modems, tape backup devices, drive arrays and multiple processors.