SUMMARY

• Over five years of experience in Cyber Security, auditing and evaluation, Assessment & Authorization. Detailed knowledge of Risk Management Framework, with special emphasis on, and FISMA/FedRAMP Assessment best practices.
• I am seeking to apply my skills and expertise to help achieve Enterprise - wide information risk management goals and objectives.
• Develops documentation including ATO package; SSP, SAR, POAM, Contingency Plan (CP) and Risk Assessment (RA), Incident Response Plan (IRP), Privacy Threshold Analysis (PTA), Privacy Impact Assessment (PIA), System of Records Notice (SORN)
• Proven ability to lead, direct, solve information security risks problems professionally, and make strategic decisions in fast paced environment.
• Perform Certification and Accreditation documentation in compliance with Federal standards
• Reviews and evaluates Vulnerability Scanning results
• Perform comprehensive assessments and document results of management, operational and technical security controls for audited applications and information systems
• Develop and conduct ST&E (Security Test and Evaluation) according to NIST SP A and NIST SP R4
• Compile data to complete Residual Risk Report and update the SAR and POA&M
• Ability to multi-task, work independently and as part of a team
• Strong analytical skills

TECHNICAL SKILLS

Security Technologies: Nessus, Service Now and Norton 360.

Operating Systems: Windows, Mac, Android.

Software: Office 365 (Word, Excel, PowerPoint, Access, Outlook)

PROFESSIONAL EXPERIENCE

Confidential

Cyber Security Analyst

Responsibilities:

• Creates and maintains security metrics in order to help senior management make decisions.
• Conducts kick-off meetings to collect systems information and categorize systems based on NIST SP and FIPS 199.
• Provides adequate security controls to protect information systems kept in a data center environment.
• Develops plan for FedRAMP re-authorization audit and support FISMA.
• Collects evidence, develops test plans and procedures and documents test results.
• Ensures the implementation and maintenance of security controls in accordance with what is in the System Security Plan (SSP).
• Reviews and updates the Security Assessment Plan (SAP), System Security Plan (SSP), Contingency Plan (CP) and Risk Assessment (RA), Incident Response Plan (IRP), Privacy Threshold Analysis (PTA), Privacy Impact Assessment (PIA), and System of Records Notice (SORN)
• Conducted Annual Self-Assessment (NIST SP A)
• Provides the SCA team with all evidence or artifacts that can be used to validate the implementation of security assessment questions.
• Develops security control baseline and tested plan used to assess and implement security controls

Confidential

Cyber Security Analyst

Responsibilities:

• Scheduled and conducted interviews with stakeholders to gather and analyze Security Controls implementation and the Information System Security posture
• Developed Security Assessment Reports (SAR)
• Tracked and updated Plans of Action and Milestones (POAM) regarding the mitigation and remediation status
• Supported the Security Assessment and Authorization (SA&A), FISMA compliance, NIST requirements and continuous monitoring for Security Controls.
• Reviewed authorization expirations for different system including General Support Systems (GSS) and Major Applications (MA)
• Participated in kick-off meeting to collect systems information (information type, boundary, inventory, etc.) and categorized the systems based on NIST SP, and conducted client interviews to complete the Risk Assessment, Security Control Assessment, and Plan for Remediation Actions and Security Continuous Monitoring Plan
• Updated existing authorization packages throughout the life cycle of the Major Applications and General Support Systems
• Conducted security control assessments to assess the adequacy of management, operational, privacy, and technical control security implemented. Security Assessment Reports (SAR) are developed, and documented the results of the assessment along with Plan of Action and Milestones (POA&M)
• Created and updated Security Assessment and Authorization (SA&A) artifacts, Security Test and Evaluations (ST&Es), Risk Assessments (RAs), Privacy Threshold Analysis (PTA), Privacy Impact Analysis (PIA), E-Authentication, Contingency Plan, Plan of Action and Milestones (POAMs)
• Prepared Security Assessment and Authorization (SA&A) packages to ascertain that management, operational and technical Security controls adhere to NIST SP standards
• Reviewed organizational policies, standards and procedures and providing advice on their adequacy, accuracy, and compliance with industry standards

Confidential

Staff Accountant

Responsibilities:

• Handles situations regarding Invoices with outstanding balance, or anything related to account receivables
• Enter invoices for payment
• Accounts Payable Account Reconciliations
• Monitor email and mails daily to check for any requests/ issues that need action
• Keep track of the outstanding credits that are owed by the client and follow up on those credits to ensure they are received
• Process payment to client
• Reconcile client statements
• Validate and process checks for utilities and supplies
• Performs other duties as assigned