Senior It Security Analyst Resume
3.00/5 (Submit Your Rating)
New, YorK
SUMMARY:
- Seeking an IT Security Analyst and Security Control Assessor position in a growth - oriented organization with focus on the following; FISMA, system security monitoring and auditing, risk assessments, testing information technology controls and developing security policies, procedures and guidelines.
- A demonstrated leader in Information Security and Risk Management with focus on FISMA, System security evaluation, validation, monitoring, risk assessments and audit engagements. I am an accomplished analyst with over five years of experience in assessing information security risks and coordinating remediation efforts. I have strong managerial skills and expertise in developing strategic partnerships. I am very adaptive and have analytical and organizational skills and willing to relocate
- FIPS 199/FIPS200
- NIST Special Publications (NIST SP) Series
- Security Control Assessor
- Security Categorization
- Security Assessment Reporting (SAR)
- Plan of Action & Milestones (POA&M)
- Risk Management Framework
- Health Insurance Portability and Accountability Act (HIPPA)
- System Security Plan
- MS Office
- Effective interpersonal and verbal/written communication skills
- Ability to multi-task, work independently and as part of a team
PROFESSIONAL EXPERIENCE:
Confidential, New York
Senior IT Security Analyst
Responsibilities:
- Conduct Kickoff meetings with System Owners to prepare and advise security control assessments to assess the adequacy of management, operational, and technical security controls implemented.
- Develop Security Assessment Report (SAR) detailing the results of assessment along with plan of action and milestones (POA&M)
- Assist in the development of an Information Security Continuous Monitoring Strategy to help agency’s in maintaining an ongoing awareness of information security (ensure continued effectiveness of all security controls), vulnerabilities, and threats to support organizational risk management decisions
- Reviewed SSP documents from System Owners providing an overview of federal information system security requirements and describing the controls in place or planned by agencies to meet those requirements.
- Also assisted some System Owners with writing compliance descriptions for controls these systems I did not asses.
- Ensured that system's security controls, policies and procedures are examined, and validated.
- Developed and maintained C&A documentations, including System Security Plans, Contingency Plans, Risk Assessment Reports and evaluated existing documents and their accuracy
- Worked with C&A team members and senior representatives to establish and define programs, resources, schedules, and risks
- Assist System Owners and ISSOs in preparing Assessment and Authorization packages for client IT systems, making sure that management, operational and technical security controls adhere to formal well-established security requirements authorized by NIST Rev 4
Confidential
IT Security Analyst
Responsibilities:
- Planed and worked with assessment and compliance teams to conduct assessments and ensure compliance for the agency’s Insurance centers, Data centers for low, moderate and high impact systems, and validated their HIPAA compliance based on Policy and Procedures of the Organization.
- Assessed security controls selection for systems in accordance with the requirements in NIST A.
- Conducted FISMA-based security risk assessments for various government contracting organizations and application systems.
- Planed and worked with POA&M teams to remediate Vulnerabilities of various Insurance center and Data centers.
- Deliver an assessment of the severity of weakness or deficiencies discovered in information.
- Led teams to work onsite with each facility’s technical team and leadership to ensure recommendations are maximized.
- Creating, revising, and reviewing System Security Plans (SSP), Security Assessment Plans (SAP), Plan of Action & Milestones (POA&M), Security Assessment Reports (SAR) for low, moderate and high systems.
- Develop POA&M (Plan of Action & Milestones) document to take corrective actions resulting from ST&E (System Test & Evaluation).
Privacy Policy
Resume Categories
- .NET Developers/Architects Resumes
- Java Developers/Architects Resumes
- Informatica Developers/Architects Resumes
- Business Analyst (BA) Resumes
- Quality Assurance (QA) Resumes
- Network and Systems Administrators Resumes
- Help Desk and Support specialists Resumes
- Oracle Developers Resumes
- SAP Resumes
- Web Developer Resumes
- Datawarehousing, ETL, Informatica Resumes
- Business Intelligence, Business Object Resumes
- MainFrame Resumes
- Network Admin Resumes
- Oracle Resumes
- ORACLE DBA Resumes
- Other Resumes
- Peoplesoft Resumes
- Project Manager Resumes
- Quality Assurance Resumes
- Recruiter Resumes
- SAS Resumes
- Sharepoint Resumes
- SQL Developers Resumes
- Technical Writers Resumes
- WebSphere Resumes
- Hot Resumes
