We provide IT Staff Augmentation Services!

Cyber Security Analyst Resume

3.00 Rating

Vienna, VA


Diverse IT experience in Information Security Vulnerability Management, Security Assessment and Authorization A&A, Software Quality Assurance, Secure File Transfer, System Support, Analysis and Software Development Lifecycle (SDLC).


Vulnerability scan and analysis,FISMA NIST SP 800s, Information Security, Risk Management, Policy and Procedures, Security Assessment & Authorization (A&A), Continuous Monitoring, Requirement Analysis, Developing System Test plans, Defining Test cases and Developing Test scripts.


Cyber Security Analyst

Confidential, Vienna, VA


  • Perform vulnerability scans (using Tenable Security Center, Scuba, DBProtect and Web Inspect) and compliance scans (using Tripwire) for all systems in Confidential TESS environment.
  • Classify and prioritize the risk of new vulnerabilities according to the specifics of our unique environment’s risk level, mitigating factors, and assessment of the impacts of internal and external threats.
  • Facilitate proactive remediation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to our environment and communicating applicable vulnerabilities and recommended remediation actions to the impacted teams.
  • Work closely with both business - oriented executives and leads as well as technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively.
  • Provide technical support to system owners to propose mitigation and remediation solutions to identified issues.
  • Assist departments across the organization in understanding and implementing security policy objectives in ways that are cost effective, and align with business objectives.

Sr Cyber Security Analyst

Confidential, Reston, VA


  • Performed Security Categorization using FIPS-199 on multiple systems.
  • Performed Security Control Assessment (SCA) using NIST 800-53 Rev4 and NIST800-53A
  • Performed updates to System Security Plans (SSP), Risk Assessments, Incident Response Plans, created Change Control procedures, and drafted Plans of Action and Milestones (POAMs).
  • Developed Security Control Assessment Report (SAR) in compliance with NIST SP 800-53 Rev.4, and 800-53A Rev.4.
  • Performed vulnerability scanning using NESSUS.
  • Prepared and reviewed Security Authorization packages for multiple systems in compliance with Risk Management Framework (RMF), NIST 800-37.
  • Developed and maintained POA&M for all accepted risks.
  • Monitored controls post authorization to ensure continuous compliance with the security requirement.

Cyber Security Engineer

Confidential, Washington, DC


  • Performed vulnerability and compliance scans using NESSUS and analyze the report.
  • Monitored and analyzed network traffic on IDS/IPS system SNORT
  • Risk Management Framework (RMF) assessments and Continuous Monitoring
  • Reviewed and analyzed logs from SIEM tool Splunk
  • Performed evaluation and guidance on security control implementation on multiple environments include Windows OS, LINUX, Solaris, and web applications.
  • Performed updates to System Security Plans (SSP), Risk Assessments, Incident Response Plans, and Plans of Action and Milestones (POAMs).
  • POAM Remediation: Performed evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation (C&A), RMF, continuous monitoring, and FISCAM audits.
  • Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: Performed assessments, POAM Remediation, and document creation using NIST SP 800-53 Rev.2 and NIST SP 800-53 Rev.3.

Software Test and Support Engineer

Confidential, Washington, DC


  • Worked on reported support Incident tickets for Campus Pack.
  • Consulted with clients to configure and manage Campus Pack building blocks on Blackboard Academic Suite and collaborate with them to troubleshoot difficult issues.
  • Coordinated and communicated with clients in solving issues arise in their Production and testing environments.
  • Created Virtual Machine test beds for different instances of Blackboard and Campus Pack.
  • Installed and tested different blackboard versions on AWS cloud environment.
  • Analyzed business requirements and wrote Test Plans and Test Cases for Campus Pack applications.
  • Created Test cases, new bugs, New feature requests and Support tasks in Jira.
  • Designed and created selenium automation framework to support regression testing as patches and upgrades were made to Campus Pack building blocks.
  • Performed manual testing of Campus Pack tools.
  • Created SQL Queries to generate Usage Stats for various schools.
  • Bug tracking and reporting using the customized Jira.
  • Conducted Functionality, Performance and Regression testing during the various phases of Campus Pack Fusion using Selenium.
  • Performed back end testing by executing SQL queries to extract data from MSQL Server database.

Secure File Transfer Engineer

Confidential, Minneapolis, MN


  • Implemented new file transfer connections using Synchrony Gateway Interchange, End to End Activator and CFT.
  • Upgrading End to End Activators and Confidential .
  • Provided rotational On-call Production support (second level, via pager).
  • Worked on reported Incident tickets on Remedy and creating change requests.
  • Created Scope Assessment documents for new file transfer setups.
  • Performed End-to-End testing for both inbound and outbound transfer between the application teams and external Trading Partners.
  • Coordinating and Communicating with Trading Partners in solving issues arise during End-to-end testing.
  • Developed automation test scripts to support regression testing as patches and upgrades are made to AXWAY.
  • Documented Test Cases, Test Results and Test Procedures and attended weekly status meetings.
  • Consulted with internal groups and external clients to configure and manage Synchrony on Linux, Wintel as well as on Mainframe and collaborate with them to troubleshoot difficult issues.
  • Created PGP keys for each outbound transfer for each Trading Partner and link them in the cluster.

We'd love your feedback!