Information Assurance Analyst Resume

SUMMARY:

About four years of IT Support and Cyber Security experience with concentrations on enterprise Security Risk Management with in - depth knowledge in managing and auditing Information Systems for compliance. Provide security solutions for Data and Networks using best practices and customized solutions. Knowledge of FISMA, NIST, DHS-RMF, DHS4300, XACTA, and CSAM. Support Information Assurance activities specifically A&A, ISSO and RMF Assessments and Authorizations.
Detail Oriented
Data Management
Regulatory Compliance
Disaster Recovery Plans (DRP)
Change Control and Configuration Management
Network & System Security
Vulnerability Management (VMs)
Multi-Tasking
Information System Audits
Network & System Security
Security Assessment Reports (SAR)

TECHNICAL SKILLS:

Security Technologies: Nessus Security Center

Software: MS Office (Word, Excel, Outlook, Access, PowerPoint)

PROFESSIONAL EXPERIENCE:

Information Assurance Analyst

Confidential

Responsibilities:

Experience developing and updating system categorization levels using FIPS 199/NIST, selecting the controls using NIST /FIPS 200, implementing controls and developing SSP and other key deliverable documents
Carried continuous monitoring after authorization to operate (ATO) to ensure continuous compliance with the security requirements.
Put together Authorization Packages (SSP, POA&M and SAR) for Information systems to the Authorization Officer.
Ensure security policies, and recommendations comply with NIST, FISMA, organizational guideline and technical best practices.
Develop and maintain artifacts for A&A (Formally C&A) Process included but not limited to (SSP, SAR, RTM, CM, CP, CPT, SAP, and POA&Ms).
Updated Plan of Action & Milestone (POA&M) and Risk Assessment based on findings assessed through monthly updates.
Utilizes the Cyber Security Assessment and Management (CSAM) to record, manage and assess common threats and vulnerabilities. Track and manages POA&M in CSAM.

IT SECURITY ASSESSOR

Confidential

Responsibilities:

Scheduled kick off meetings with system owners to help identify assessment scope, system boundary, the information system's category and attain any artifacts needed in conducting the assessment .
Developed Security Assessment Plan (SAP) to initiate Security Assessment for low, moderate and control information systems.
Perform vulnerability assessment of information systems to detect deficiencies and validate compliance using management tracking tool. (CSAM)
Performs security controls assessments using NIST SP A as a guide by means of the assessment methods such as Interview, Examination and Testing.
Determines Technical, Operational and Management security controls effectiveness by assessing whether controls are implemented correctly, operating as intended, and meeting security requirements.
Creates Requirement Traceability Matrix (RTM) and documents whether controls being assessed passed or fail using NIST SP A as a guide.
Creates and finalizes Security Assessment Report (SAR) and give recommendations to ISSO on how to mitigate or remediate reported weaknesses and vulnerabilities.

CREDIT ANALYST

Confidential

Responsibilities:

Arranged risk rating of credit with minimal guidance.
Analysed mortgage compliance issues and aided with resolution.
Processed safe deposit box and loan payments, and referred customers to appropriate financial services and products as required.
Performed financial and industry analyses and prepared supporting documentation for client credit approval.
Evaluated Balance Sheet, Income Statements, and other financial data of customers who exceed the assigned credit limit.