Seeking an Information System Auditor or Information Assurance position in a growth oriented organization with focus on IT Security and Risk, System Security monitoring and Auditing; Risk Assessments; Audit engagements; and Testing Information Technology Controls.
A proven project and team lead with aptitude for good customer service, leadership and excellent communication (both oral and written) skills.
FUNCTIONAL AREAS OF EXPERTISE INCLUDE BUT NOT LIMITED TO:
- Information Systems Security
- Vulnerability Assessment
- Help Desk Support
- Project Management and Support
- Security Life Cycle
- Systems Risk Management
- Systems Development Life Cycle
- Technical Writing
- Business Application User Support
Knowledge of networks operating systems such as: UNIX, Windows 7 and 8. Experienced with PC hardware, software, networking technologies and strong troubleshooting skills.
Software: Retina Vulnerability Scanner, Nessus Vulnerability Scanner, Microsoft Baseline Security Analyzer (MBSA), BMC Remedy Applications and Siebel v.7.8, Security Center, Vmware vCenter Protect Essential (Shavlik), AccessData Forensic Server 2003, 2008, Windows 8, 7, xp
Confidential, Potomac, MDInformation System Auditor
- Contributed to the overall strategy development, devising key themes and messages to support Request for Proposal (RPF) bids.
- Responsible for the development of key security standards by performing an in - depth security assessment of DFC information systems in order to maintain HIPPA compliance by implementing guidelines and standards identified in the National Institute of Standard and Technology ( Confidential ) 800-66 in facilities throughout the US. and District Of Columbia.
- Provide information and/or technical assistance to users concerning the development and maintenance of the computer network or for resolutions of special problems.
- Prepared and submitted Security Assessment Plan (SAP) to CISCO for approval.
- Developed and Conducted Contingency Plan and Test
Confidential, Bethesda, MDInformation System Auditor
- Assisted in the development of an Information Security Continuous Monitoring Strategy to help Confidential in maintaining an ongoing awareness of Information Security ( Ensured continued effectiveness of all security controls)
- Developed and E-Authentication report to provide technical guidance in the implementation of electronic authentication.
- Conducted Kick off meetings in order to categorize Confidential ’s systems according to Confidential requirements of Low, Moderate, or High Systems.
- Developed Risk Assessment reports.
- These reports identified threats and vulnerabilities applicable to Confidential systems.
- In addition, it also evaluates the likelihood that vulnerabilities can be exploited, assess the impact associated with these threats and vulnerabilities, and identify the overall risk level.
- Led in the development of Privacy Threshold Analysis (PTA), and Privacy Impact Analysis (PIA) by working closely with the Information System Security Officers (ISSO’s), the System Owners, the Information Owners and the Privacy Act Officer.