A detail-oriented individual with over 5 years of experience in the cyber security and information security field, with a focus on Confidential, System Security Monitoring and Auditing, Risk Assessments, Security Control Assessment, and developing security policies and procedures according to Confidential standards and guidelines, and with deep knowledge of the Confidential Special Publications.
Confidential, Upper Marlboro - Maryland
- Conduct risk assessments and collaborate with clients to provide recommendations regarding critical infrastructure, network security operations and Continuous Monitoring processes.
- Extensive knowledge of categorizing information systems (using FIPS 199 as a guide).
- Create, update and revise System Security Plans, Confidential audits, Contingency Plans, Incident Reports and Plan of Action & Milestones.
- Review the Privacy Impact Assessment document after a positive PTA is created and ensure PII findings are recorded in the System of Records Notice (SORN).
- Document and finalize the Security Assessment Report, and perform security assessment and continuous monitoring of cloud computing services on multi-agency systems in accordance with FedRAMP security control baselines.
- Evaluate threats and vulnerabilities based on Tenable reports and implement the Risk Management Framework in accordance with Confidential SP 800-37.
- Classify and categorize information systems using the RMF processes to ensure system confidentiality, integrity and availability.
- Provide audit briefings to the agency and Information System Security Officers (ISSOs) to assist in the preparation of independent audit assessments, with the agency's goal of improving its operational effectiveness and ensuring that all findings are documented as Plan of Action & Milestones within its Trusted Agent Confidential tool.
- Develop, review and update System Security Plans (SSP) against Confidential 800-18 and Confidential 800-53 requirements.
- Participate in the Confidential Kick-off Meeting and populate the Requirements Traceability Matrix (RTM) per Confidential SP 800-53A; update and revise System Security Plans, Confidential and FISCAM audits, Contingency Plans, Incident Reports and Plan of Action & Milestones.