Sr. Rsa Archer Sme Resume
2.00/5 (Submit Your Rating)
PROFESSIONAL EXPERIENCE
Confidential
Sr. RSA Archer SME
Responsibilities:
- Implemented advanced workflow security incident intake process to automate incident submission from agency bureaus to US - CERT meeting the federal incident notification guideline requirement
- Developed security assessments to generate automated findings
- Established data feed connection between bureau security information management systems to Archer platform
- Established record permissions for the organizational hierarchy and inherited permissions through enterprise applications based on bureau automatic record permissions
- Compiled reports into bureau and agency specific dashboards iViews
- Consulted with agency to build roadmaps for program guidance related to the ESOC
- Implemented Policy Governance process to automate workflows for policy review and change request related to policies, control standards and control procedures
- Established organizational hierarchy to create record permissions within the agency, bureau operating units and department offices to inherit across applications referencing an impacted area
Confidential
Sr. RSA Archer Developer
Responsibilities:
- Utilized RSA Archer platform to support Continuous Monitoring and diagnostics program
- Assisted with development and design of ODA’s and core applications to support Continuous diagnostics and monitoring program
- Implemented data driven events and advanced workflow questionnaires for CDM assessment workflows
- Implemented Cross References between applications to associate relationships to CDM records
- Created Data Driven Events for conditional layouts, notifications, date and time triggers and set values based on record content
Confidential
Information Security Analyst
Responsibilities:
- Responsible for developing, implementing and monitoring risk-based programs to identify, assess and mitigate any operational risk that arises from inadequate or failed internal processes, people, systems or external events
- Consulted with business to develop corrective action plans for risk remediation related to security incidents
- Identified appropriate security controls based on risk and business impact for enterprise and vendor assets
- Evaluated network diagrams to determine vulnerabilities and lack of security controls between network transmissions in a relevant data set
- Determine GLBA relevant assets based on questionnaire responses
- Evaluate the adequacy and effectiveness of IT controls, policies, procedures, processes, initiatives, products and identified issues resulting from internal or external examinations
- Review effectiveness of SOX controls by running vulnerability scans of the environment to provide evidence of any ineffective general, internal or external controls