We provide IT Staff Augmentation Services!

Analyst/consultant Resume

5.00/5 (Submit Your Rating)

Upper Marlboro, MD

SUMMARY:

  • Three years plus as a Senior Analyst/Consultant at Confidential performing Risk Management Framework (RMF) Assessments using the various security artifacts for guidance at each step of the RMF process, obtaining ATO and Continuous monitoring; Security Control Assessment (SCA);
  • Evaluation and guidance on Security controls section and implementation; developing and update the FIPS 199 System Categorization, SSP, SAR and POA&M; supervising and training clients and team members on new and updated processes and tasks; participating actively in Risk Assessment; and Security Information and Event Management (using Splunk tool).

TECHNICAL SKILLS:

  • POA&M Management using (CSAM,XACTA, and TAF), Automation Protocol, Penetration Testing using KALI UNIX( Nmap, Nessus scans).

WORK EXPERIENCE:

Confidential, Upper Marlboro, MD

ANALYST/CONSULTANT

Responsibilities:

  • NIST SP 800 - 37 Risk Management Framework (RMF) assessments, obtaining ATO and Continuous Monitoring (NIST SP 800-137): Performed RMF assessment on several different environments at the Census Bureau using both scanning tools and manual assessment. Assessment included initiating meetings and interviews with various System Owners and Information System Security Officers (ISSO), providing guidance of evidence needed for security controls, and documenting findings of assessment in the SAR.
  • Knowledge of Several Computer Environments: Performed evaluation and guidance on security control implementation on multiple environments include Windows server, Windows 7 and Windows XP.
  • Security Documentation: Develop and perform updates to System Security Plans (SSP), System Assessment Plan (SAP), Risk Assessments, Incident Response Plans, System Assessment Report (SAR) and draft Plans of Action and Milestones (POAMs).
  • Training of clients and coworkers: Created training decks to train clients and coworkers on processes at the client site. Additionally, run training sessions, using the created deck, on how to process like POAMs, function requirements, and NIST control mappings.
  • POAM Remediation: Performed evaluation of policies, procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Security Assessment and Authorization (A&A), RMF and continuous monitoring
  • Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: Performed assessments, POAM Remediation, and document creation using FIPS 199, FIPS 200, NIST SP 800-60, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-18, NIST SP 800-30, NIST SP 800-137, NIST SP 800-34, NIST SP 800-37 and NIST SP 800-115.
  • Developed Solution to Security weaknesses: Developed solutions to security weaknesses documented in POAM using tools like Excel Spreadsheets and Trusted Agency FISMA (TAF) and Corrective Action Plan (CAP). Assisted ISSOs create solutions to weaknesses based on system functionality and pre-existing architecture.
  • Perform Scanning: Run port Scanning using tools like Nmap to obtain the list of open/active ports and services; and Vulnerability Scanning using tools like Nessus to identify weaknesses in the software.
  • Review Security Audit Logs: using SIEM tools like Splunk to verify that the Access Control mechanisms are working effectively, and collecting and analyzing large volumes of events from the audit log files
  • Lead and conduct interviews with the system owners, system administrators and other stalk holders during the SCA process and documentation after that.
Confidential, Upper Marlboro, MD

SECURITY ANALYST

Responsibilities:

  • Reviewed and updated system categorization using FIPS 199 /NIST 800-60 vol1/vol2 based on CIA, initial risk assessment, E-authentication, A&A packages, Contingency Plans (CP), privacy impact assessment (PIA) and risk assessment (RA) documents, SSP, SAP/SAR based on NIST SP 800-53, SP 800-53A.
  • Identified systems vulnerabilities, recommended corrective measures and monitored the effectiveness of security controls.
  • Created and tracked POA&M and monitored controls post authorization to ensure compliance with FISMA-based security requirements.
  • Worked with Security team, select Security Controls that applies to systems according to their Categorization using NIST 800-53 Appendix D and their relevant detailed Control requirements and supplemental Guidance from NIST 800-53 Appendix F.
  • Worked with ISSO and security team to implement security controls selected in SSP Using NIST 800-18 as a guide to develop SSP.
  • Worked with ISSO and Security team to access Security Controls selected, in updating SAP, ROE where Vulnerability scanning and penetration testing procedures are included in the assessment, conduct assessment meeting kickoff and security Control meeting with ISSO and System Owner. Assessment finding result be reflexed on the (RTM) or Test case and all weakness noted be reported in our SAR report.
  • Use SIEM tools like Splunk to collect large volumes of events from different security logs, analyze the data by correlating/associating them together to determine the existence and nature of security incidents .I also run the Splunk process using the various components of Splunk Architecture like Universal Forwarder, Heavy Forwarder, Indexer, search head, License Master and Deployment server.
  • Monitoring of Security controls by using NIST 800-137 as a guide by testing a portion one-third of the applicable Security controls annually and performing periodic Vulnerability Scanning.
  • Knowledge of SAN-20 and ISO 27001 Security controls and Mapping with NIST.
  • Hands-on security experience performing C&A (Certification and Accreditation) processes with the following frameworks: Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST 800), & International Organization for Standardization (ISO).
  • Processed vulnerability scanning results and generated Technical Vulnerability Assessment (TVA).
  • Supported SSP and SAR development aligned to EPA security policies, procedures, templates and enterprise security architecture
  • Took meeting minutes for all ST&E and SCAs interviews and create status reports
  • Developed understanding of NIST Risk Management Framework (RMF).
  • Supported SSP, CAAT, CP, ISRA, Draft Test Plan development in relation with CMS.
  • Supported Final SCA packages for delivery to CMS clients

We'd love your feedback!