Information Security Analyst Resume

SUMMARY:

Highly organized and detail - oriented with over 10 years’ experience providing thorough and skillful in the IT and an Accountant
Dedicated and focused; able to prioritize and complete multiple tasks and follow through to achieve project goals. Able to solve problems to grow positive relationships with clients and colleagues at all organizational levels.
Proficient in software development life cycle including FISMA artifacts and SW Testing - test plan development, test case creation, test execution and bug tracking.
Enjoy learning new tools and technologies.
Experience of Compliance Frameworks (FISMA, SOX, PCI-DSS).
Experience of FISMA artifacts (FIPS 199, SORN, E-Authentication, PTA, PIA, Risk Assessment, SSP, CP, CPT, ST&E, SAR, POA&M, ATO-IATO-DATO, NIST 800-53 Rev 4, ISA, MOA, MOU).
Penetration testing knowledge.
Knowledge of Assessment tools (Nessus, Nmap).
Packet capture tools: such as Wireshark.
Knowledge of Linux / UNIX performance commands (Linux RedHat).
Knowledge of dynamic routing and network protocols (BGP, OSPF, EIGRP), Access control lists.
Knowledge of Windows Server environments and Active Directory.
Knowledge of Access Control and Authentication techniques.
Knowledge of Data Protection and Encryption technologies.
Good communication skills, organized, motivated and great team player.

TECHNICAL SKILLS:

Operating Systems: Win 95/98, UNIX, MS-DOS.

MS-Suite: MS-Word, MS Excel, MS-PowerPoint, MS Out-Look.

Data Bases: Oracle 11, SQL

Testing/Security Tools: QC, QTP, Load runner 6.0, EAI, Wireshark, Nessus.

PROFESSIONAL EXPERIENCE:

Confidential

Information Security Analyst

Responsibilities:

Performed Certification and Accreditation (C&A)/(SA&A) process, ensuring that management; operational and technical controls for securing either sensitive Security Systems or IT Systems are in place and are followed according to federal guidelines (NIST 800-53). This included ensuring that appropriate steps were taken to implement information security requirements for IT systems throughout their life cycle, from the requirements definition phase through disposal. Additional responsibilities included assurance of vulnerability mitigation, training on C&A tools, supporting System Test and Evaluation (ST&E) efforts and other support to the IT Security Offices.

Confidential

Software Tester

Responsibilities:

Experienced in Requirements Analysis and Testing phases of SDLC.
Participated in requirements review meetings.
Interacted with Business team by preparing meeting notes; and distributing within the team.
Reviewed business requirements and developed test scripts.
Updated weekly status report in the team.
Served as administrator for Google Drive and distributed information through the team.
Updated, loaded deliverable files for the client using SharePoint and documented information.
Performed Functional Testing using the test environment (EAI testing adapter/tool). Enterprise Application Integration
Provide documentation, testing issues tracking in JIRA.
Documenting Test Documents Using MS Office Tools.
Performed UAT Testing.

Confidential

Software Performance Test Analyst / Quality Assurance Tester

Responsibilities:

Developed Test Cases.
Developed Automation Test Scripts using HP (Mercury) and Quick Test Professional (QTP)
Used HP Load Runner to test Client/Server, Windows applications, Web Services and Web Base applications on UNIX/Linux operating systems.
Worked with Performance test team.
Performed Sanity, Smoke, Functionality, Performance, Volume, Unit, Integrated, System, Positive & Negative, Security and Regression Testing of Web Based and Client-Server applications.
Performed Black Box and User Acceptance Testing.
Performed Data Validation of the data flow from the front-end to the back-end by executing SQL scripts.
Used test management software (Quality Center).
Executed test cases and reported defects using Quality Center.
Executed QTP scripts for automation regression test.
Created reports and tracked defects in the modified code.
Participated in walk thru sessions at reviewed test plans.
Wrote SQL and queries to create quick custom reports and updated the analyzed database values.
Bugs were reported to Developers and after fixed regression testing was performed.