IT Security Specialist Resume
Washington, DC
SUMMARY:
Vast background and experience in Federal Information Security Management, IT infrastructures, and maintenance of large information systems. Extensive experience using the appropriate tools to assess and analyze existing applications for system weaknesses and vulnerabilities, and implementing techniques for mitigating security threats and risks. Hands-on experience in implementation of the Plans of Actions and Milestones / Corrective Action Plans, as well as remediation of the documented threats and vulnerabilities. An expert in the field of risk-based certification and accreditation using various flavors of the State, Federal, as well as International Cybersecurity frameworks (e.g. NIST RMF, FedRAMP, HIPAA, PCI DSS, ISO 27001, SOX, COSO/COBIT etc.). Immensely knowledgeable of industry standards and proven track record of implementing the necessary controls to ensure compliance.
PROFESSIONAL EXPERIENCE:
Confidential, Washington, DC
IT Security Specialist
Responsibilities:
- Managed the information security function in accordance with the established policies and guidelines.
- Established and maintained information security policies, procedures, and guidelines pursuant to NOAA as well as State and Federal laws and regulations such as the Federal Information Security Act (FISMA).
- Responsible for IT Security Awareness Training, Contingency Plan Training and Incident Response Training.
- Assess security and privacy controls using the NIST SP 800-53 A Rev4 publication guideline.
- Review security policy documents and make recommendations on documentation compliance.
- Conducted and performed continuous monitoring pursuant to NIST Guidelines requirements.
- Provided impact analysis for updates and version changes required by the NIST Security Publications and FISMA Notices.
- Support control testing and development of Plans of Action and Milestones (POA&M).
- Responsible for tasks related to the system Certification and Accreditations (C&A) and follow the Government IT security policies and standards.
Confidential, Beltsville, MD
Senior IT Auditor
Responsibilities:
- Performed information system and integrated audits to assess the adequacy of internal controls, validate compliance with regulatory standards and identify opportunities to streamline operational processes.
- Coordinated data collection, analysis and reporting for IT Security Data Calls, FOIA Requests, and Incident reports.
- Assessed the controls, reliability and integrity of the company's systems and data to assist with maintaining and improving the efficiency and effectiveness of risk management, internal controls and corporate governance.
- Worked with CISO to plan engagement strategy, define objectives, and address technology-related controls risks and issues.
- Ensure documentation reflects current control environment for Key Controls, Non-Key Controls, and Issues (with related Management Action Plans).
- Worked with management and compliance leaders to assure security programs were in compliance with HIPAA security rules and other relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
- Assisted management with incident response (CSIR) as well as determining the nature of incidents such as computer intrusion and distributed denial of service (DDoS), and worked with senior management on risk mitigation strategies and remediation.
Confidential, Washington, DC
IT Security Analyst
Responsibilities:
- Provided expertise on technical services including all aspects of information security.
- Conduct IT risk assessments to identify system threats.
- Assessed system design and security posture as well as advising information security compliance with FISMA and NIST SP 800-53 controls.
- Conducted security control assessments to assess the adequacy of management, operation privacy, and technical security controls implemented.
- Performed maintenance and advanced configuration of systems in order to protect systems from emerging cyber threats.
- Conducted forensic traffic log analysis to isolate issues and respond to analyst alerts.
- Conducted Business Impact Analysis (BIA) to analyze mission-critical business functions, and identify and quantify the impact if these are lost (e.g., operational, financial). BIA helped to define the company’s business continuity plan and IT internal control audit objective.
Confidential, Bowie, MD
Executive Member
Responsibilities:
- Student representation in the judicial processes of the University.
- Ensure undergraduate students' roles and responsibilities in overall university governance.