We provide IT Staff Augmentation Services!

Cyber Security Analyst Resume

Vienna, VA

SUMMARY:

Diverse IT experience in Information Security Vulnerability Management, Security Assessment and Authorization A&A, Software Quality Assurance, Secure File Transfer, System Support, Analysis and Software Development Lifecycle (SDLC).

SPECIALTIES:

Vulnerability scan and analysis,FISMA NIST SP 800s, Information Security, Risk Management, Policy and Procedures, Security Assessment & Authorization (A&A), Continuous Monitoring, Requirement Analysis, Developing System Test plans, Defining Test cases and Developing Test scripts.

EXPERIENCE:

Cyber Security Analyst

Confidential, Vienna, VA

Responsibilities:

  • Perform vulnerability scans (using Tenable Security Center, Scuba, DBProtect and Web Inspect) and compliance scans (using Tripwire) for all systems in Confidential TESS environment.
  • Classify and prioritize the risk of new vulnerabilities according to the specifics of our unique environment’s risk level, mitigating factors, and assessment of the impacts of internal and external threats.
  • Facilitate proactive remediation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to our environment and communicating applicable vulnerabilities and recommended remediation actions to the impacted teams.
  • Work closely with both business - oriented executives and leads as well as technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively.
  • Provide technical support to system owners to propose mitigation and remediation solutions to identified issues.
  • Assist departments across the organization in understanding and implementing security policy objectives in ways that are cost effective, and align with business objectives.

Sr Cyber Security Analyst

Confidential, Reston, VA

Responsibilities:

  • Performed Security Categorization using FIPS-199 on multiple systems.
  • Performed Security Control Assessment (SCA) using NIST Rev4 and NIST A
  • Performed updates to System Security Plans (SSP), Risk Assessments, Incident Response Plans, created Change Control procedures, and drafted Plans of Action and Milestones (POAMs).
  • Developed Security Control Assessment Report (SAR) in compliance with NIST SP Rev.4, and A Rev.4.
  • Performed vulnerability scanning using NESSUS.
  • Prepared and reviewed Security Authorization packages for multiple systems in compliance with Risk Management Framework (RMF), NIST .
  • Developed and maintained POA&M for all accepted risks.
  • Monitored controls post authorization to ensure continuous compliance with the security requirement.

Cyber Security Engineer

Confidential, Washington DC

Responsibilities:

  • Performed vulnerability and compliance scans using NESSUS and analyze the report.
  • Monitored and analyzed network traffic on IDS/IPS system SNORT
  • Risk Management Framework (RMF) assessments and Continuous Monitoring
  • Reviewed and analyzed logs from SIEM tool Splunk
  • Performed evaluation and guidance on security control implementation on multiple environments include Windows OS, LINUX, Solaris, and web applications.
  • Performed updates to System Security Plans (SSP), Risk Assessments, Incident Response Plans, and Plans of Action and Milestones (POAMs).
  • POAM Remediation: Performed evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during and Accreditation (C&A), RMF, continuous monitoring, and FISCAM audits.
  • Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: Performed assessments, POAM Remediation, and document creation using NIST SP Rev.2 and NIST SP Rev.3.

Software Test and Support Engineer

Confidential, Washington, DC

Responsibilities:

  • Worked on reported support Incident tickets for Campus Pack.
  • Consulted with clients to configure and manage Campus Pack building blocks on Blackboard Academic Suite and collaborate with them to troubleshoot difficult issues.
  • Coordinated and communicated with clients in solving issues arise in their Production and testing environments.
  • Created Virtual Machine test beds for different instances of Blackboard and Campus Pack.
  • Installed and tested different blackboard versions on AWS cloud environment.
  • Analyzed business requirements and wrote Test Plans and Test Cases for Campus Pack applications.
  • Created Test cases, new bugs, New feature requests and Support tasks in Jira.
  • Designed and created selenium automation framework to support regression testing as patches and upgrades were made to Campus Pack building blocks.
  • Performed manual testing of Campus Pack tools.
  • Created SQL Queries to generate Usage Stats for various schools.
  • Bug tracking and reporting using the customized Jira.
  • Conducted Functionality, Performance and Regression testing during the various phases of Campus Pack Fusion using Selenium.
  • Performed back end testing by executing SQL queries to extract data from MSQL Server database.

Secure File Transfer Engineer

Confidential, Minneapolis, MN

Responsibilities:

  • Implemented new file transfer connections using Synchrony Gateway Interchange, End to End Activator and CFT.
  • Upgrading End to End Activators and CFTs.
  • Provided rotational On-call Production support (second level, via pager).
  • Worked on reported Incident tickets on Remedy and creating change requests.
  • Created Scope Assessment documents for new file transfer setups.
  • Performed End-to-End testing for both inbound and outbound transfer between the application teams and external Trading Partners.
  • Coordinating and Communicating with Trading Partners in solving issues arise during End-to-end testing.
  • Developed automation test scripts to support regression testing as patches and upgrades are made to AXWAY.
  • Documented Test Cases, Test Results and Test Procedures and attended weekly status meetings.
  • Consulted with internal groups and external clients to configure and manage Synchrony on Linux, Wintel as well as on Mainframe and collaborate with them to troubleshoot difficult issues.
  • Created PGP keys for each outbound transfer for each Trading Partner and link them in the cluster.

Hire Now