We provide IT Staff Augmentation Services!

Information Assurance Specialist Resume

Columbia, MD

SUMMARY:

A self - motivated, self-starter, organized professional with a blend of experience and expertise in Cyber Security and Program Management.

SUMMARY OF SKILLS:

Technical Experience: FIPS 199, FIPS 200, Confidential Rev 4, Confidential, Confidential, Confidential, E-Authentication, Privacy Threshold Analysis (PTA), Privacy Impact Assessment (PIA), Risk Assessment (RA), SSP, ISCP, ST&E, SAR (Plan of Action and Milestones (POA&M), Authorization to Operate (ATO) Letter, MS Office, Visio, SharePoint, Access, PeopleSoft, Nessus Vulnerability Scanning Tool, WebInspect, Splunk, DbProtect.

Project Management / Office Management Tools: Microsoft SharePoint, Microsoft Project 2013, Microsoft Office Suite (Excel, Word, PowerPoint), Office 365 Online, PC and Mac Pro computers.

EXPERIENCE:

Information Assurance Specialist

Confidential, Columbia, MD

Responsibilities:

  • Conduct Cloud System assessments by utilizing FedRAMP.
  • Document Confidential security control compliance findings within Requirements Traceability Matrixes (RTMs) and Security Assessment Reports (SARs).
  • Review and interpret Tenable Nessus Vulnerability and Compliance scans.
  • Develop and disseminate Security Assessment Plans.
  • Execute Security Assessments and develop and deliver supporting documentation within aggressive timelines.
  • Perform full and partial assessments. (Annually and every 3 years).
  • Conduct ongoing authorizations assessment.
  • Execute Step 4 (Security Assessment) of the Confidential Risk Management Framework (RMF).
  • Perform vulnerabilities scan analysis and monitor continuously using Confidential as a guide with the aid of Nessus.
  • Conduct trending and analysis of monthly results to identify high risk vulnerabilities impacting the network and ensure proper security confidential from confidential vulnerability management standpoint.
  • Perform vulnerability and risk analysis, and participate in confidential variety of computer security penetration studies.
  • Provide enterprise-wide technical analysis and direction for problem definition, analysis and remediation for complex systems and enclaves.
  • Recommend solutions to meet security requirements.
  • Identify risk to information assets and data systems.
  • Conduct assessments and audits to ensure confidential compliance following confidential approach to information security.
  • Develop & document policies and procedures for the use of vulnerability assessment tools and methodologies.

Information Technology Specialist

Confidential, Hanover, MD

Responsibilities:

  • Assisted in assessing cloud systems.
  • Helped in updating IT security policies, procedures, standards and guidelines according to department and federal requirements.
  • Support Cyber Security Analysts in conducting Vulnerability Management, Security Engineering, and Accreditation, and Computer Network Defense.
  • Worked with clients in safeguarding CUIs (Controlled Unclassified Information) by performing the necessary assessments which primarily deals with 14 control families.
  • Performed risk assessments, update and review System Security Plan (SSP) using Confidential (Guide for Developing Security Plan for federal information systems), Plan of Action and Milestones (POA&M), Security Control Assessments, and Configuration.
  • Performed vulnerabilities scan and analysis and monitor continuously using Confidential as a guide with the aid of Nessus.

Junior Information Assurance Specialist

Confidential, Arlington, VA

Responsibilities:

  • Conducted findings meeting with stakeholders.
  • Conducted assessments utilizing Confidential a.
  • Created SAR and provided detailed explanation about findings.
  • Helped in developing, reviewing and updating Information Security System Policies.
  • Assisted team in performing vulnerability scanning with the support of Nessus scanning tool to detect potential risks on a single or multiple asset across the enterprise network.
  • Updated IT security policies, procedures, standards, and guidelines per the respective department and federal requirements.
  • Performed risk assessments, Plan of Action and Milestones (POA&M), Security Control Assessments, and specific security documentations, (SA&A) Security Assessment and Authorization using Confidential SP rev4/FIPS 200 (Security Controls), Confidential SP A rev4 (Assessing Security Controls).
  • Assisted in monitoring controls post authorization to ensure constant compliance with the security requirements.

SOC/IDS/IPS/Monitor

Confidential, Quantico, VA

Responsibilities:

  • Responsible for monitoring and troubleshooting the electronic security systems (ESS).
  • Supervised 4 Operators on each shift.
  • Monitored multiple accounts across agencies, and used open sources tools to determine potential threats for the network.
  • Monitored and updated incoming/assigned tickets.
  • Utilized SNORT for packet logging and traffic analysis.
  • Performed scanning using scanning tools such as Nessus, DBProtect, and WebInspect.
  • Managed electronic security equipment including surveillance cameras.
  • Worked on various types of communication and electronic data processing equipment.
  • Received and transmit routine and emergency call in the Security Operations Center, administer routine and emergency call assignments and operations.
  • Provided analysis and trending of security log data from a large number of heterogeneous security devices.
  • Provided Incident Response (IR) support when analysis confirms actionable incident.
  • Provided threat and vulnerability analysis as well as security advisory services.
  • Analyzed and responded to previously undisclosed software and hardware vulnerabilities.

Grants Management Specialist

Confidential, Rockville, MD

Responsibilities:

  • Prepared, reviewed and examined grant applications and documents including subcontracts arrangements.
  • Prepared Notice of for the continuation of existing and new grant programs through IMPAC system and SAMHSA Grants Information Management System.
  • Prepared Notices of for Post actions and high risk status for several Grant Programs.
  • Initiated Close-Out procedures of grant program that involves reviewing reports of expenditures for accuracy, appropriate costs and disposition of unobligated balance.
  • Uploaded Post actions into Share Point System, maintained records for active/pending grants using Payment Management System (PMS).

Hire Now