Information Assurance Analyst Resume
SUMMARY:
- About four years of IT Support and Cyber Security experience with concentrations on enterprise Security Risk Management, with in-depth knowledge in managing and auditing Information Systems for compliance. Provide security solutions for Data and Networks using best practices and customized solutions. Knowledge of FISMA, NIST, DHS-RMF, DHS4300, XACTA, and CSAM. Support Information Assurance activities, specifically A&A, ISSO and RMF Assessments and Authorizations.
- Detail Oriented
- Data Management
- Regulatory Compliance
- Disaster Recovery Plans (DRP)
- Change Control and Configuration Management
- Network & System Security
- Vulnerability Management (VMs)
- Multi-Tasking
- Information System Audits
- Security Assessment Reports (SAR)
TECHNICAL SKILLS:
Security Technologies: Nessus Security Center
Software: MS Office (Word, Excel, Outlook, Access, PowerPoint)
PROFESSIONAL EXPERIENCE:
Information Assurance Analyst
Confidential
Responsibilities:
- Experience developing and updating system categorization levels using FIPS 199/NIST, selecting the controls using NIST/FIPS 200, implementing controls and developing SSP and other key deliverable documents.
- Carried out continuous monitoring after authorization to operate (ATO) to ensure continuous compliance with the security requirements.
- Put together Authorization Packages (SSP, POA&M and SAR) for Information systems to the Authorization Officer.
- Ensure security policies and recommendations comply with NIST, FISMA, organizational guidelines and technical best practices.
- Develop and maintain artifacts for the A&A (formerly C&A) process, including but not limited to SSP, SAR, RTM, CM, CP, CPT, SAP, and POA&Ms.
- Updated Plan of Action & Milestone (POA&M) and Risk Assessment based on findings assessed through monthly updates.
- Utilizes Cyber Security Assessment and Management (CSAM) to record, manage and assess common threats and vulnerabilities. Tracks and manages POA&Ms in CSAM.
IT SECURITY ASSESSOR
Confidential
Responsibilities:
- Scheduled kick-off meetings with system owners to help identify assessment scope, system boundary, the information system's category and obtain any artifacts needed in conducting the assessment.
- Developed Security Assessment Plan (SAP) to initiate Security Assessment for low, moderate and control information systems.
- Perform vulnerability assessment of information systems to detect deficiencies and validate compliance using a management tracking tool (CSAM).
- Performs security controls assessments using NIST SP A as a guide by means of assessment methods such as Interview, Examination and Testing.
- Determines Technical, Operational and Management security controls effectiveness by assessing whether controls are implemented correctly, operating as intended, and meeting security requirements.
- Creates Requirement Traceability Matrix (RTM) and documents whether controls being assessed passed or failed using NIST SP A as a guide.
- Creates and finalizes Security Assessment Report (SAR) and gives recommendations to ISSO on how to mitigate or remediate reported weaknesses and vulnerabilities.
CREDIT ANALYST
Confidential
Responsibilities:
- Arranged risk rating of credit with minimal guidance.
- Analysed mortgage compliance issues and aided with resolution.
- Processed safe deposit box and loan payments, and referred customers to appropriate financial services and products as required.
- Performed financial and industry analyses and prepared supporting documentation for client credit approval.
- Evaluated Balance Sheet, Income Statements, and other financial data of customers who exceed the assigned credit limit.