Information Systems Security Analyst Resume
Washington D, C
PROFESSIONAL EXPERIENCE
Information Systems Security Analyst
Confidential, Washington, D.C.
- Performed risk assessments and developed risk treatment plans, performed periodic vulnerability assessments, continuous database monitoring, mainframe database query, audit log reviews, IT security posture audits
- Assisted in FISMA compliance audit in conformance with NIST 800 - 53A & FISCAM
- Responsible for reviewing and updating security policy documents, procedures, and guidelines
- Experience with identity and access management systems {Role Based Access Control, (RBAC)}
- Intermediate knowledge of Microsoft Active Directory security design and application
- Intermediate knowledge of Windows, UNIX, and LINUX operating systems
- Working knowledge of SQL/Oracle databases, query languages, data analysis tools, and monitoring tools
- Extensive knowledge of FISMA, ISO 27001/27002/27005 , SOX, ITIL, GLBA, HIPPA, PCI-DSS, NIST, and COBIT
- Assisted in providing IT security awareness training to staff
Information Systems Security Engineer -
Confidential, Alexandria, VA
- Performed continuous monitoring of several custom online databases
- Assisted with FISMA compliance and DIACAP audits (C&A)
- Performed risk assessments, risk treatment plans, and helped develop annual IT audit plan
- Responsible for reviewing and updating security policy documents, procedures, and guidelines
- Performed FISMA gap analysis
- Responsible for internal vulnerability scans, anti-virus scans, log activity reports, & patch management report
- Assisted in providing IT security awareness training to staff
Information Systems Security Engineer
Confidential, San Antonio, TX
IT acquisition-One-half of time spent on IT acquisition contracting writing statements of work and solicitations and request for proposals (RFPs) for purchases of information security products such as personal computers, laptop computers, anti-virus scan software, intrusion detection and prevention systems, firewalls, routers, servers, commercial software, printers, keyboards, and computer peripherals. Performed due diligence review and assessment of vendor proposals, served on vendor source selection committee, selected vendors, wrote contracts, negotiated contracts, monitored contract work as contracting officer’s technical representative (COTR) & approved vendor payments within the DoD automated payment system.
IT Security Engineer-the other half of time spent performing continuous monitoring of several custom online databases; assisted with FISMA compliance reviews and DIACAP C&A and audits; reviewed and updated security policy & assisted with security awareness training.
Information Systems Audit Manager -
Confidential Fort Worth, TX
- Responsible for all Information System Audits of Lockheed Martin Aeronautics