Cybersecurity Risk Analyst Resume
SUMMARY
- Information security specialist with experience in executing Certification and Accreditation (C&A) activities, PO&AM Management, Risk Assessments, Identity & Access Management (IAM)/Privilege Access Management (PAM) best practices, Sarbanes - Oxley (SOX) and Payment Card Industry (PCI) security audits and developing secure IT management systems.
- Consistently demonstrated teh ability to capture and transform business requirements into technological solutions that exceed stakeholder expectations. Seeking an opportunity to continue leveraging expertise in Information Security and Information Assurance.
TECHNICAL SKILLS
Experience with: Cyber Security Assessment Management System (CSAM), Splunk Enterprise, Tenable Security Center, Qualys, Micro Focus WebInspect, Azure Sentinel, VMWare Fusion Pro, ServiceNow (SNOW), KACE, JAMF, Jira, CyberArk, CA Privilege Access Manager (PAM), SailPoint, USAccess, Microsoft SharePoint 2013, SharePoint 2010, SharePoint 2007, InfoPath 2013, InfoPath 2010, InfoPath 2007, SharePoint Designer 2010, SharePoint Designer 2007, ServiceNow, Tableau, Intralinks, Ardoq, Active Directory, SQL Server Management Studio, SQL Server 2008, VBScript
Proficient in: Microsoft 0365 (InfoPath, Outlook, Word, Excel, PowerPoint, Teams, Skype, OneNote, Project, Visio Professional), Windows OS (2000, XP, Vista, 7, 8, 10), macOS (10.13, 10.14, 10.15, 11), Ubuntu, Slack, Truello, Yammer, Cisco Jabber
PROFESSIONAL EXPERIENCE
Confidential
Cybersecurity Risk Analyst
Responsibilities:
- Acquire a cloud security and compliance solution for 800+ employees to grow teh internal cyber program of teh organization.
- Implement cloud security and compliance solution via Cloud Agents to manage Windows, Mac, and Linux based assets, identify threats, remediate vulnerabilities, and deploy patches.
- Align organization to achieve Cybersecurity Maturity Model Certification (CMMC) Level 3 and FedRAMP Moderate policy compliance by identifying control failures, employing policies, and assessing procedures to determine if controls are implemented.
- Update onboarding/offboarding processes for 8 heritage companies to utilize post-merger.
Confidential
Information Systems Security Officer
Responsibilities:
- Implemented Agency Cyber Security Assessment Management (CSAM) System controls and artifacts for Authority to Operate (ATO) requirements.
- Facilitated all 6 steps in teh RMF process for client organizational systems on teh on teh monitoring of security controls across teh system development lifecycle.
- Created, updated, and closed Bureau Plan of Action and Milestones (POA&Ms) based on high/critical vulnerabilities.
- Analyzed third-party FedRAMP Cloud Service Provider (CSPs) packages for teh following: security control compliance, approving SAP/SAR/ POA&M, issuing ATO, assessing monthly continuous monitoring deliverables, performing risk analysis of teh authorization package, and conducting review of annual assessment materials.
- Designed System Security Plan (SSP), Configuration Management Plan (CMP), and Contingency Plan (CP) components: technical specifications, architectural diagrams, and configurations for agency applications.
- Streamlined FIPS 199, Business Impact Analysis (BIA), Privacy Impact Assessments (PIA), E-Authentication and Memorandum documents detailing security impact categories for teh transmission, storage, and processing of data.
- Produced Risk Assessments to identify threats to system security, teh probability of occurrence, resulting impact and apply safeguards for mitigation.
- Updated Enterprise Policies from NIST Rev4 Security Controls to Rev5 for applicability and compliance.
- Team lead for Splunk Enterprise data indexing, reporting and analytics of application server logs.
- Team lead for Tenable Security Center Vulnerability reporting, dashboards and analytics.
- Team lead for Qualys Web Application scans, analysis of identified Common Weakness Enumeration (CWE) and OWASP security risks, and facilitation of remediation activities.
- Updated Risk Management Maturity Questionnaires and inactive Active Directory (AD) user accounts for Audit walkthroughs in support of FISMA Provided by Client (PBC) deliverables.
- Facilitated IAM specific PBC walkthroughs to determine ICAM strategy, account provisioning and management, account monitoring and periodic reviews, remote access, authentication mechanisms, least privilege, separations of duties and session controls.
Confidential
Senior Consultant
Responsibilities:
- Facilitated an onsite IAM workshop with commercial stakeholders to document observations and gaps between current state architecture, planned initiatives, and desired future state (People, Process, and Technology) to develop teh organization’s next-gen IAM capabilities.
- Identified current state architecture and gaps of business processes from HR, audit, operations and security perspectives, for teh purpose of automating manual processes and providing strong governance.
- Defined IAM requirements for future state architecture based on client capability area and function.
- Developed Identity Use Cases for onboarding, off-boarding, employment conversions, transfers, rehires, and urgent terminations for employees and contractors.
- Performed IAM vendor analysis and recommendations based on resources and cost.
Confidential
Senior Consultant
Responsibilities:
- Led client Health Checks to determine Privilege Access Management (PAM) tool deployments, inventory of PRIV users/accounts/devices, PRIV types, PRIV attributes, AD network accounts, 3rd Party Integration of PAM services, target device groups, naming standards, current data exports, licensing and server quantities.
- Created client Decision Point Reports (DPRs), to define implementations, issues, pain-points, challenges, and concerns, and guide teh Gap Fill planning and associated processes.
- Created teh Solution Implementation Architecture (SIA) document to provide Agency HQ with current and future state architectures, data flows, data processing, dashboarding, design recommendations, implementation approaches, deployment plan, assumptions, risks and dependencies.
- Managed client Weekly Technical Exchange Meetings (TEM) for teh Master User Record (MUR) Gap Fill effort, to facilitate teh PAM tool/solution overview, integration of data from client CyberArk/CA PAM into HQ SailPoint and identify expected gaps in MUR data.
- Facilitated weekly Integrated Project Team (IPT) meetings with management to discuss legacy and current PAM tool lab activities.
Confidential
Cyber Risk Advisory Senior Consultant
Responsibilities:
- Developed Personal Identification Verification (PIV) Card Issuance Facility (PCIF) Requirements and guidelines for teh creation of 204 independent and fully operational PIV card issuing facilities.
- Reverse-engineered client Budget and streamlined funding allocated for teh acquisition of an enterprise-wide PIV solution.
- Established a role holder mapping strategy to ensure appropriate access rights/privileges for personnel utilizing teh new enterprise-wide PIV Solution.
- Updated VA policies to abide to Homeland Security Presidential Directive 12 (HSPD-12), Federal Information Processing Standards Publication (FIPS-201-2), and NIST Special Publication 2 requirements.
- Renewed, terminated and recycled over 2,000 PIV cards to ensure cards were activated and re-issued appropriately, personnel were tracked, and cardstock was managed and distributed to facilities for PIV enrollment.
- Facilitated PIV enrollment and adjudication (fingerprinting, processing and card creation) for employees that required PIV card renewals utilizing teh enterprise-wide PIV solution.
- Created teh transition strategy and training documentation for teh PIV badge office, increasing productivity and decreasing time spent per card renewal appointment.
- Remediated OIG Risk Resilience Management (RMM) recommendations based on 2014 audit through submission of evidence packages with CISO stakeholders & SMEs, to achieve 100% maturity of teh client IAM Program.
- Led UAT in CAT and PROD environments for a 3-month implementation of SailPoint CDM behavior monitoring, resulting in enhanced reporting capabilities and replacement of existing technologies.
- Served as teh SharePoint Administrator to ensure appropriate access privileges, facilitating teh migration, testing, and upgrade of SP 2010 to SP 2013, creating SP lists/libraries, and maintaining day-to-day operations.
- Standardized Remote Desktop Protocol (RDP) requirements for reporting and tracking of users and identified teh validity of RDP usage across enterprise.
- Lead of teh client IT Controls Automation (ITCA) tool to continuously monitor, assess and remediate configuration settings for 23 access security controls across 6 platforms ensuring Sarbanes-Oxley (SOX) compliance.
- Managed quarterly ITCA upgrades and process of Technology Solution Life Cycle (TSLC) artifacts and approvals.
- Evaluated access management controls to conduct annual IT SOX testing and identify control coverage, gaps, and potential remediation efforts for SOX in-scope systems.
- Updated Risk Acceptance Letter (RAL) and Security Exception Letter (SEL) forms of vulnerabilities, risk acnoledgements, and commitment to short- or long-term vulnerability remediation.
- Validated Payment Card Industry (PCI) system assets for annual PCI Assessments. Analyzed configuration settings, server, and IP addresses and assist technical leads in providing updated application data.
- Evaluated Functional Segregation of Duty (FSoD) roles and functions and performed annual FSoD recertification to monitor and prevent individuals from committing or concealing fraud.
Confidential
POA&M Analyst
Responsibilities:
- Mitigated and remediated POA&Ms of 28 client Government Agencies utilizing CSAM.
- Assessed teh quality of POA&M security artifacts and completion of milestones to remediate system vulnerabilities.
- Monitored risk-based decisions (RBDs), waivers, privileged user account exception requests, Interconnection Security Agreements (ISA) sharing data, and Agency System After Action Reviews (AARs) for conformity with POA&M status.
- Developed monthly POA&M executive reports for use in teh USDA FISMA scorecard, generated by vulnerability scanners and intrusion detection systems.
- Updated teh SSP, internal security policy, POA&M SOP, and training documentation.
Confidential
Information Security Analyst
Responsibilities:
- Identified vulnerabilities and analyzed security controls to facilitate compliance with teh Federal Reserve Board’s (FRB) Information Security Program.
- Processed FRB systems through teh entire RMF lifecycle: categorizing systems, identifying, implementing, and assessing applicable controls, authorizing for permissible risks, and continuous monitoring.
- Provisioned access permissions of 300+ FRB staff to client applications, AD groups, and Mainframe system.
- Created automated business workflows to facilitate annual management reviews and approval of access changes.
- Performed test sessions of user access approval workflows and created logs to track issues/changes.
- Migrated SharePoint 2010 to SharePoint 2013, resulting in growth, increased functionality and ease of site usability.