Security Analyst Iii Resume
3.00/5 (Submit Your Rating)
Arlington, VA
SUMMARY:
- Experience in Risk Management Framework and FISMA Projects Supporting Federal Agencies.
- Seeking an Information System Auditor or a Risk Analyst position in a growth oriented Organization with focus on FISMA, System Security Monitoring and Auditing, Risk Assessments, Audit Engagements, and Testing Information Technology Controls.
TECHNICAL SKILLS:
- Linux
- Windows
- LAN/WAN
- LDAP
- Wireless Network
- Cloud Computing
- VPN
- TCP/IP/UDP; ACL tools
- DMZ
- IDS Snort
- Nessus
- Nmap
- Wireshark
- Cisco Routers/Switches Security Configuration
- Disaster Recovery
- Business Continuity Plan
- Contingency Plan
- Microsoft Office Suite
- Power Point
- Word
- Excel
- Access
- Computer Forensics
PROFESSIONAL EXPERIENCE:
Security Analyst III
Confidential, Arlington, VA
Responsibilities:
- Ensured that security requirements for the major application or general support system had been met
- Ensured that requests for security authorization (also referred to as C&A) of assigned major application or general support systems were completed in accordance with the published procedures
- Ensured that protective measures for physical security threats were in place
- Ensured compliance with all legal requirements concerning the use of commercial proprietary software, e.g., respecting copyrights and obtaining site licenses
- Maintained an inventory of hardware and software within the program/development offices or field site facility
- Coordinated the development of a Contingency Plan and ensuring that the plan was tested and maintained
- Ensured risk analyses were completed to determine cost - effective and essential safeguards
- Ensured preparation of security plans for sensitive systems and networks
- Attended security awareness and related training programs and distributed security awareness information to the user community as appropriate
- Reported IT security incidents (including computer viruses) in accordance with established procedures
- Reported security incidents not involving IT resources to the appropriate security office and provided input to appropriate IT security personnel for preparation of reports to higher authority concerning sensitive and/or national security information systems.
Senior Information Security analyst
Confidential, Washington, DC
Responsibilities:
- Information Systems Security Officer (ISSO), responsible for the certification and accreditation of computer networks and standalone information systems using government standards, NIST 800-series
- Worked closely with the Information Systems Security Manager (ISSM), interpreting and applying information technology security policies and implementing procedures.
- Analyzed the scan results and communicated remediation requirements. Managed identified vulnerabilities through the development, implementation and execution of Plans of Actions and Milestones (POA&Ms).
- Communicated with the System Owner (SO) to address security issues and resolve vulnerabilities in a timely manner.
Cybersecurity Engineer
Confidential, Washington, DC
Responsibilities:
- Performed Security Accreditation Package (SAP) Quality Assurance Review (QAR) using Assessment and Authorization (A&A) checklist tool.
- Performed Security Test and Evaluation (ST&E), testing management, technical and operational controls using NIST 800-53 A rev4, Security Risk Traceability Matrix (SRTM), and documented findings in the Security Assessment Report (SAR).
Information Security Analyst
Confidential, Silver Spring, MD
Responsibilities:
- Working Knowledge of Federal Government Certification and Accreditation (C&A) practices and regulations, FISMA NIST SP 800 series.
- Performed vulnerability assessment and participated in systems’ scans using Nessus.
- Reviewed organization security documentation, including Security Authorization Package (SAP), updated systems security plans (SSP).
Project Associate Manager
Confidential, Bethesda, MD
Responsibilities:
- Created a database to build a Wikipedia of United States superintendents and principals
- Entered data into and extracted data from system-wide databases using Excel functions, Access queries and SQL
- Used Microsoft office, Excel and Access Data base to analyze data and to develop spreadsheets, reports and presentations.
Security Analyst
Confidential, Reston VA
Responsibilities:
- Performed IT Risk Assessment and documented the controls. Performed the General Computer Control testing of Information Security, Business Continuity Planning.