We provide IT Staff Augmentation Services!

Sr. Information Assurance Specialist Resume

SUMMARY

  • Information Assurance Professional
  • Extensive experience in Project Management techniques and Information Systems
  • Master’s Degree in Information Systems Security
  • CompTIA Security+ Certification (ce)
  • Information Technology Infrastructure Library (ITIL) V3 Intermediate Certification (Operational Support and Analysis)
  • Resourceful manager and leader
  • Hold a wide range of analytical and process improvement skills

PROFESSIONAL EXPERIENCE

Sr. Information Assurance Specialist

Confidential

Responsibilities:

  • Provided security policy interpretation, research, and development; information systems security; information technology research and analysis in support of the U.S. Drug Enforcement Administration (DEA)
  • Directed cyber security planning, implementation and industrial security best pratices
  • Engaged in information technology policy/guidelines development; and information security requirements
  • Stayed at the forefront of assessing and validating RMF controls and trained junior level analyst on the Steps 1 - 3 of the Risk Management Framework
  • Created ATO packages including the Security Assessment Reports
  • Fully engaged in ensuring that continuous monitoring and Security Impact Analysis was completed

Sr. Cyber Security Analyst

Confidential

Responsibilities:

  • Examined system documentation to determine if System Security Plans and equivalent documentation is accurate and updated
  • Confirmed security category, identify threats, and ensure security controls are adequately described
  • Created Gap Analysis between IA controls as they relate to DISA STIGs
  • Conducted risk assessments to ensure security controls and countermeasures are identified to compensate for weaknesses to reduce risk to agency operations, assets, or individuals
  • Assembled documentation and supporting material required for assessments while considering previous findings and audit results
  • Facilitated kick-off meetings with system owners, senior decision makers, and management to review Assessments and Authorization schedules for the upcoming year
  • Addressed new requirements, policy changes, or other modifications affecting the information technology program office and systems
  • Performed Security Assessment Program to include technical and non-technical Independent Verification and Validation (IV&V) assessments for all supported customers security mission, program, plans, and security requirements affecting confidentiality, integrity, availability, non-repudiation and accountability of an effective and hardened security posture
  • Performe various automated testing, examination, scanning, interviewing and discoveries to identify, validate and assess vulnerabilities
  • Ensured Vulnerability Report objectives are met IAW FISMA, DODI

Senior Information Assurance Engineer

Confidential

Responsibilities:

  • Remediated and mitigated findings from FISMA, Trusted Internet Connection (TIC), A&A and Blue/Red Team assessments
  • Acted as a liaison for security related issues and collect required data points in order to accomplish organizational objectives
  • Provided the Enterprise Network Management (ENM) Director a weekly snapshot of the remediation process and system security posture by tracking non-compliance via the use of dashboards
  • STIG review and remediation based on findings as they relate to the POA&M
  • Defined an organizational approach to address IT security remediation
  • Identified data sources; display structured dashboard accessible to ENM leadership in order to make informed decisions
  • Documented program risks, to include internal and external influences
  • Developed dedicated SharePoint portal for IT Security & Compliance team to maintain documents for ENM organization
  • Chaired Information Assurance (IA) Compliance Team meetings in support of Department of State (DOS)
  • Performed a Trend Analysis which focused on an 8 months period of POA&M closures
  • Received acclaim from the DCIO Team through Branch Chief, regarding the level of work that had been accomplished regarding POA&M closures
  • Performed Data Analysis between Plan of Actions and Milestones and provide results to the DCIO Team

Senior Information Assurance Analyst

Confidential

Responsibilities:

  • Developed C&A packages using Enterprise Mission Assurance Support Service (eMASS); manage C&A packages for collaboration and approval by the Designated Approval Authority (DAA)
  • Wrote the Plan of Actions and Milestones (POA&M) and posted mitigation strategies for 9 C&A packages which later resulting in a confirmation of a three year Authority to Operate (ATO)
  • Created Gap Analysis between DIACAP IA controls as they relate to DISA STIGs
  • Developed Ports Protocol and Services Registrations for Navy Criminal Investigations Agency (NCIS) to be approved by SPAWAR
  • Maintained responsible for coordinating the artifacts for Interim Authority to Test (IATT) when operational environment is required to complete test objectives
  • Composed Baseline Approval Procedures in order to capture a NCIS Baseline Approval Process compose
  • Chaired all collaboration meetings with DAA, Certification Authority (CA) and Information Assurance Manager (IAM)
  • Lead DoD 8500.2 IA Control Validation Reviews and compile validation results in the DIACAP Scorecard for compliance reporting
  • Develop System Identification Profiles (SIP) and DIACAP Implementation Plans (DIP) to support Naval Criminal Investigative Services (NCIS) Law Enforcement Network (LawNet) Classified and Unclassified networks C&A packages
  • Performed C&A document analysis with Joint Worldwide Intelligence Communications System (JWICS) artifacts; make recommendation to Information Assurance Officer (IAO) based on Intelligence Community Directive (ICD) 503 guidance
  • Designated as the exclusive IA section administer of the DON Application & Database Management System (DADMS); the authoritative data source for DON IT system, application, database, and network inventories
  • Developed JWICS Incident Response Procedures Flow Diagrams for the DoD Joint Security Implementation Guide (DJSIG) SSAA for the C&A Package
  • Selected as the C&A Lead on the Virtual Desktop Implementation (VDI) at Navy Criminal Investigative Service (NCIS)

Senior Business Analyst

Confidential

Responsibilities:

  • Developed technical project plans, proposals, reports, and task order and administrative reporting
  • Transformed and stabilize new initiatives: Identified opportunities for organizational improvement within the AGNOSC, ACOIC, ARFORCYBER and scope solutions through written project/action plans that consider Service Strategy, Design, Transition, Operation, and Continual Service Improvement business practices
  • In concert with H HQ, external stakeholders, industry and academia; identified process gaps(GAP Analysis) and devises executable solution sets that can be integrated and implemented among A-GNOSC components; conducted capability analysis to implement Standard Enterprise NETOPS tools
  • Integral and key collaborator in the creation of the A-GNOSC ITSM CONOPS, ITSM Tactics Techniques and Procedures (TTP); assisted in developing NETOPS Service Catalog, Continuous Service Improvement Plan, Process Maturity Assessments, SLA OLAs, and Underpinning contracts
  • Synthesized organizational priorities, requirements, unit background data, best business practices and documentation on matters pertaining to complex regulatory and public policy issues across a multitude of functional areas
  • Reviewed and evaluated regulation implementation; provides ISO 20000 and ITIL knowledge and promotes Operation and ITIL-based processes
  • Strategic and Service Improvement: Independently planned, coordinated and implemented through completion all actions necessary to accomplish transformational milestones: designed analysis plans, execute work products, develop recommendations, and coordinated internally and externally with other staff elements and functions
  • Analyzed data to identify trends, relationships, and problems by ensuring policy compliance; identified areas requiring study and those which can serve as benchmarks to measure resource use and efficiency
  • Mapped higher headquarters campaign milestones to A-GNOSC process environment to identify A-GNOSC strengths and weaknesses (SWOT Analysis) and recommend corrective action
  • Formed, facilitated and participated in meetings and work groups, provide written charters to guide effort
  • Ensured quality assurance of on-time project deliverables

Hire Now