SUMMARY

Professional Cyber Security analyst with years of experience in performing Security Assessment & Authorization, Certification & Accreditation, Security Planning, Business Continuity Planning, Risk Assessments, Vulnerability Management, Security Test & Evaluation, Policy and Process Development using the applicable frameworks such as FISMA, NIST 800 - 53 rev. 4, NIST 800 - 37, NIST 800-34, ISO 27001 to comply with various private and federal agencies issuance and guidelines.

TECHNICAL SKILLS

• NIST 800 - 53 REV. 4
• NIST 800 - 37
• NIST 800 - 40 rev 2
• NIST 800 - 60
• NIST 800 - 18
• NIST 800 - 137
• Vulnerability Management
• FISMA
• Risk Management Framework
• IT Security and Risk Management
• Microsoft Word
• Excel
• Power Point
• Share Point
• CSAM and XACTA. Windows OS: Windows 7, 8, 10
• Windows Server 2008 Active Directory Proficient in Microsoft Office Applications (Excel, Word, PowerPoint)

PROFESSIONAL EXPERIENCE

Confidential

CYBER Security Analyst

Responsibilities:

• Perform Federal Compliance over system application and security using FISMA, NIST 800-53 frameworks.
• Perform Security Categorization (FIPS 199), Privacy Threshold Analysis (PTA) and E-Authentication with system owners and selected stakeholders.
• Develop and conduct ST&E (Security Test and Evaluation), Security Assessment plan (SAP) according to NIST SP 800-53A.
• Document and Review security plans (SP), contingency plans (CP), contingency plan tests (CPT), privacy impact assessments (PIA), and risk assessment (RA) documents per NIST 800 guidelines for various government agencies.
• Assist in review of policy, security alerts, guidance, regulations and technical advances in IT Security Management
• Utilize processes within the Security Assessment and Authorization environment such as system security categorization, development of security and contingency plans, security testing and evaluation, system accreditation and continuous monitoring.
• Contribute to initiating FISMA metrics such as Annual Testing, POA&M Management, and Program Management.
• Perform vulnerability and compliance scan, using Nessus to detect vulnerabilities and validate compliance with policies and standards
• Perform risk assessment and develop Security Assessment Report with findings and suggest remediation
• Performed RMF assessment on several different environments using both scanning tools and manual assessment. Assessment included initiating meetings with various System Owners and Information System Security Officers (ISSO), providing guidance of evidence needed for security controls, and documenting findings of assessment using NIST 800-53 & NIST 800-37.
• Conduct Security Risk Assessment on new Vendors and annual Vendors’ Risk Assessment. Assist management in authorizing the IT Systems for operation based on whether the residual risk is at an acceptable level or whether additional compensating controls should be implemented.

Confidential, Largo, MD

IT Administrator

Responsibilities:

• Performed installation, configuration and support the Microsoft XP/Vista/Windows 7/8/10 operation system laptops and desktop computers in a client/server environment.
• Supported resolution of end user trouble tickets and support requests and close such tickets timely. Perform password reset and unlock users’ accounts that were locked out after attaining the threshold of unsuccessful login attempt for users.
• Compliance scan with Nessus to detect deficiencies and validate compliance of information systems configuration with organization’s policies and standards such as Center for Internet Security ( Confidential ) benchmarks
• Analyzed vulnerabilities to determine remediation measures and rule out false positive using resources such as Confidential Database ( Confidential ), Confidential, Confidential, and Confidential Web. Develop Vulnerability Assessment Report (VAR) to document findings and recommend remediation measure. Brief Senior Executives, Information System Security Officers, System Administrators on the vulnerability report and the recommended remediation
• Assisted in the planning of remediation strategies. Propose new initiatives to increase efficiency, better and faster processes of accomplishing tasks. Author Standard Operation Procedure (SOP) for Vulnerability Management for process improvement.

Confidential

Technical Support Specialist

Responsibilities:

• Responsible for migrating and remote clients installed, remote connectivity issues, imaging, upgrading, patching, configured windows desktop setting (Win 8, 7, XP).
• Troubleshoot various problems the operating systems as well as with Microsoft application suite.
• Train users on operation systems, acts end users, advise the users on appropriate action, system utilities, backups, developed and created user-friendly database in order to generate certificate.
• Assisted to enable and or to deploy database, restore at times system crash on timely fashions, resolving problem log on site.
• Attend to ticketing, escalate the ticket to appropriate region, handling their request with satisfaction, resolving issues with certificate pending using subversion release to solve the problem.
• Provide general administrative support including, drafting letters, creating and maintaining student file, giving course material, preparing exam notices, creating newsletters and maintaining notice board.
• Maintaining admissions databases and preparing basic admissions and enrolment statistics collecting and tracking student fees and issuing receipts.