Information Systems Security Officer Resume
Denver, CO
SUMMARY
- Highly self - motivated Cybersecurity Analyst/Auditor with a Top-Secret Clearance.
- Possesses refined Information System Security and Vulnerability Management experience.
- Currently looking to further my career in Cybersecurity with a Mid-level Operational/Engineering Security role within a fast-moving and respected organization.
TECHNICAL SKILLS
Applications/Tools: CDBurnerXP, eMASS, Port Protection Program (P3), MS Office, Qualys, SCC, Splunk, STIG Viewer, Tableau, Tenable.io, Unisys Stealth, VISIO, Virtual Box, vSphere, Wireshark
Certifications: Amazon Web Services (AWS) Certified Solutions Architect - Associate, CompTIA Linux+, CompTIA Network+ ce, CompTIA Security +ce, LPIC-1, Qualys Vulnerability Management Proficiency, Qualys Web Application Scanning Proficiency, Splunk Core Certified User, Tenable.io Proficiency
Networking & Firewalls: OSI Model, TCP/IP Model, Packet Analysis & Inspection, Firewall rules, Port Scanning (nmap)
Operating Systems: Windows 7/10/Server 2008 R2/Server 2016, RHEL 5/6/7, SuSE 11, Solaris 10
Programming/Development: Bash, Visual Basic, SQL
Publications: NIST Revision 4, NISPOM, DAAPM, NIST
PROFESSIONAL EXPERIENCE
Information Systems Security Officer
Confidential, Denver, CO
Responsibilities:
- Responsible for the operational and logistical security of information systems in LANs/WANs
- Tasked with maintaining information system ATOs via eMASS and practicing Continuous Monitoring
- Authorize systems using the RMF from NIST by applying overlays and tailoring controls specific to the system with the help of NIST, NISPOM, and DAAPM.
- Utilize Splunk to perform log analysis and correlate auditable events within information systems
- Perform SCAP scans and STIG checklists on information systems
- Automate processes and auditing procedures on RHEL using Bash scripts
- Brief users of information systems to ensure and enforce security awareness
- Conduct weekly auditing procedures on information systems and performing checks such as verifying user permissions, privilege escalation, account modifications, up-to-date virus definitions, etc.
Information Security Intern
Confidential, Albany, NY
Responsibilities:
- Provided web application scanning and support to NYS agencies, with focusing on over 200 critical, internet-facing web applications
- Reviewed agency scan reports to help identify false positives, make recommendations and provide solutions for identified vulnerabilities on over 50+ scans a week
- Conducted vulnerability management through the effective use of scanning, defining remediation actions, tracking remediation efforts by operational units, and post remediation verification
- Configured web application scanning using concepts such as whitelisting/blacklisting and regex
- Created and edited SOPs to ensure streamlined reporting and standardization procedures
- Collaborated with Unisys Stealth Security team to formulate Network Security solutions
- Rolled-out Endpoint-Security Updates to Prod/Non-Prod Servers to multiple NYS Agencies
Information Systems Project Manager
Confidential, Albany, NY
Responsibilities:
- Tasked with leading team through multiple stages of Iterative and Agile development processes
- Skilled in developing Use Cases, User Stories/User Goals, ERDs, SDLCs, Domain Class Models, Event Tables, CRUD, and many other system design/analysis techniques