Information Security Policy And Compliance Analyst Resume

Frederick, MD

SUMMARY:

Dedicated Information Security Analyst with skills in management and protection of enterprise information systems. Willing to contribute relevant experience to the fast-growing information technology industry and improve by learning new technology in the challenging world of information technology. Over 5 years of experience in IA security operations and in information security policy and procedure development.

TECHNICAL SKILLS:

RMF Tools: CSAM, Nessus Scanner, Retina, Nmap, Risk Vision (GRC Agiliance)

Operating System: Windows XP, Windows 7

Software and hardware installation

System and network Troubleshooting

Analytical skills to resolve network conflicts

PROFESSIONAL EXPERIENCE:

Information Security Policy and Compliance Analyst

Confidential, Frederick, MD

Responsibilities:

  • Develop and modify Organization’s Security Policies, Standards, Processes and Procedures.
  • Driving communication and implementation of security policies, procedures, and technologies across the organization.
  • Categorize systems and identify security objectives by applying appropriate information security controls for Federal Information Systems based on NIST SP 800-60, SP 800-53, FIPS 199, FIPS 200, and OMB A-130 Appendix III.
  • Use of network applications to scan and audit the security of the network.
  • Works with organization and direct supervisor to ensure formal security training on a regular basis.
  • Designed and developed innovative solutions to meet security compliance requirements.
  • Develop, review and update Information Security System Policies, System Security Plans (SSP), and Security baselines in accordance with NIST, FISMA and industry best security practices.
  • Partner with internal teams to ensure policies meet the needs and goals of Confidential.
  • Create ATO package documents (SSP, RA, SAR, POAM reports, etc.) based on the security assessments performed on systems.
  • Partners effectively with security awareness program to communicate new policies, procedures, and programs.
  • Perform the role of Security Control Assessor by reviewing the artifacts and implementation statements provided by the ISSO on a system to determine if the security controls are yielding the desired result.
  • Formulate security assessment reports and recommendations for mitigating vulnerabilities and exploits in the system.
  • Provides training and awareness on company policies across the organization.

RMF Analyst

Confidential, Bowie, MD

Responsibilities:

  • Conducted security standards/compliance assessments and audits.
  • Ran Nessus and Retina scanning tools and analyzed the results.
  • Develop, review and update Information Security System Policies, System Security Plans (SSP), and Security baselines in accordance with NIST, FISMA and industry best security practices.
  • Updated identified system threats and the mitigation of vulnerabilities to those threats in the systems.
  • Fostered security-focused tools and training programs.
  • Create ATO package documents (SSP, RA, SAR, POAM reports, etc.) based on the security assessments performed on systems.
  • Identified and recommended solutions for various risks and security issues.
  • Maintained regulatory requirements.
  • Managed and facilitated information security related projects.
  • Independently reviewed complex systems for compliance with security requirements.
  • Moderated workshops and interviewed security program participants to determine technical threats and risk.
  • Determined likelihood of a threat by analyzing the vulnerability scanning report for the information system based on the implemented controls in place.
  • Monitored compliance with the organization's information security policies and procedures.
  • Provided expertise on information security policies and guidelines, best-practice approaches, and solutions for compliance.
