SUMMARY:

• Creating and updating ATO Security Documentation, consisting of SSP, RA, SA, ISA/MOU, CMP, PTA/PIA, DRP, IRP, ISCP
• Direct experience with the Security Assessment and Authorization process
• Executed security tests, evaluations, and vulnerability analysis of systems using Nessus
• Used mainly FIPS 199, FIPS 200, NIST - 37, and NIST 800-53 rev4 to assess systems
• Verified that IT Systems are functioning properly, in agreement with NIST 800-53 A publication.
• Provided customer with suggested evidences for security controls, according to 6500 Handbook
• Used GRC tool to manage IT Systems for the Confidential and to maintain up to date, necessary ATO documentation
• Assisted with POAM remediation and verifying all evidences were relevant, accurate, and up to date
• Conducted system hardening, generated vulnerability reports, and re-assessments via DISA STIGS and Confidential Benchmarks
• Windows 3.1- Windows 8.1, Windows Server 2003 & 2008 R2, Linux, MAC OSX, Active Directory, GPO, Auditpol, VMware, Great Plains
• MS Office, MS Exchange, Lync 2013, RSA, Citrix, McAfee Anti Virus, Symantec Endpoint Protection (SEP), SOPHOS, Malware Bytes, Super Anti Spyware, Spy Bot, Norton GHOST, PC Anywhere, Backup Exec, Remote Desktop, TCP/IP, DNS, WireShark, Secunia, Remedy, ServiceNow, Footprints, CheckPoint Encryption, SafeBoot, Ultimate Boot Disc Tools, DELL Diagnostic Tools, BES, Nessus, Dumpsec, Splunk, GRC, Risk Vision
• 16+ years of IT Security experience
• Ability to manage and lead individuals as well as work as part of a team
• Excellent attention to detail and organizational skills
• Ability to author clear and concise documentation
• Familiar with the dynamics of a fast paced and mission critical environment

PROFESSIONAL EXPERIENCE:

Lead Cyber Security Analyst

Confidential

Responsibilities:

• Experience creating and updating all ATO Artifacts for the System, including SSP
• Referencing and utilizing NIST publications and Confidential provided documentation for client
• Met and interviewed key personnel to address NIST controls and develop implementation details in SSP
• Assisted with inputting information into Risk Vision system for Confidential, to account for various evidence and implementation details
• Familiar with addressing POAMs and remediating them for the client
• Experience with travel and working with the client to resolve POAMS and gather information at their site
• Delegated tasks and projects to team, serving as team lead for 5 team members

Cyber Security Vulnerability Analyst

Confidential

Responsibilities:

• Working face-to-face with multiple stakeholders interviewing, planning, or participating in a team effort to bring multiple complex projects to fruition in a highly motivated, fast paced environment.
• Running automated scanning tools such as Nessus
• Conducting in-depth technical reviews of new and existing IT systems in order to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines.
• Providing ongoing gap analysis of current policies, practices, and procedures as they relate to established guidelines outlined by NIST, OMB, FISMA, etc.

IT Security Specialist

Confidential

Responsibilities:

• Main contact for end user support, both face to face and remotely with frequent use of MS Lync in a Windows 7 environment
• Responsible for providing Tier 1 and Tier2 support for laptops, Blackberries, printers, copiers, scanners, Citrix applications, Active Directory, and Microsoft Exchange mail to 600 government, contractor, and military personnel
• Working experience with Group Policy Object (GPO) management: adding, deleting, or changing groups and group permissions
• Create, unlock, and maintain user accounts in Active Directory on Windows Server 2008 R2
• Encrypted PC’s using Endpoint Encryption Manager
• Configured email, remote connections, and networking protocols on systems to provide users appropriate resources
• Migrated user’s workstations and laptops to different offices within the agency, and verified complete migration of hardware and network functionality
• Escalate issues to onsite management and centralized resources as appropriate
• Responsible for configuring and administration of Check Point security hard drive encryption, as well as upgrading to most recent versions of CheckPoint software
• Responsible for RSA token configuration and administration
• Completed virus removal process on infected computers with SOPHOS, Malware Bytes, Super Anti Spyware, and Spy Bot
• User support and training for a custom built internal SharePoint application
• Load images, configure, and deploy laptops from PXE boot or Norton Ghost
• Deploy and configure security for iPads, iPhones, Blackberries, and Windows OS based phones from NIST SOP’s

Security Administrator

Confidential

Responsibilities:

• Served as point of contact to support critical requests for multiple client locations.
• Provided Windows technical support and troubleshooting to over 100 clients, both on-site and remotely over phone and email.
• Monitored and maintained daily tape backups, event logs, and an anti-virus server.
• Maintained current virus definitions in SEP and scheduled automated local scans as part of continuous monitoring
• Protected PII from patients through secure applications and physical lockdown of patient records
• Complied with HIPAA policies to protect patient information
• Deployed images to workstations using Symantec GHOST.
• Assisted users with AVAYA PBX IP Telephone configuration and setup.
• Troubleshot and maintained high volume printers ranging from Konica to HP set ups.

Security Administrator

Confidential

Responsibilities:

• Provided server management and technical support for the network of 60+ clients.
• Assisted with Configuration Management and kept software patches up to date
• Configured older workstations and integrated new workstations to the client system.
• Used GPO and AD to specify user access control
• Installed drivers, modifications, printers and software packages on workstations.

Research Office Intern

Confidential

Responsibilities:

• Managed projects ranging from database management to HTML survey creation.
• Maintained documents and published surveys and other documents.
• Configured scanners for high volume scanning.
• Assisted peers with technical hardware and software issues.

Junior System Administrator

Confidential

Responsibilities:

• Maintained a WIN NT 4.0 web and fax server with multiple clients running Windows.
• Performed webmaster duties for extranet site.
• Resolved networking issues and managed resource sharing
• Served as main contact point for MS Office suite questions and support