LiveCareer-Resume

cybersecurity analyst resume example with 12+ years of experience

Jessica Claire
  • Montgomery Street, San Francisco, CA 94105 609 Johnson Ave., 49204, Tulsa, OK
  • H: (555) 432-1000
  • resumesample@example.com
  • India:
  • single:
Professional Summary

Experienced Information Assurance Analyst committed to maintaining cutting-edge technical skills and up-to-date industry knowledge. Offering a diverse security background in information security, supporting system control assessments/testing, along with implementing Certification and Accreditation / Security Assessment and Authorization (SA&A) support following the guidelines of NIST, FISMA, Internal Revenue Service (IRS) IRMs, DIACAP and OMB. Assisting in the development of Business Continuity Plans, Continuity of Operations Plans, Disaster Recovery Plans, and Incident Response Plans. In addition, offering a technical background in computer networking, along with Microsoft and Network training. Accompanied by a professional work ethic, strong attention to detail, and an ability to produce top-quality results in deadline-driven environments. IT professional with over 7 years of experience developing and implementing security solutions in fast-paced environments. Skilled in:
  • POA&M Management
  • FISMA Security Control Assessment
  • Development of Security Documentation
  • FedRAMP Cloud Security Assessment
  • System Security Plan review and development
  • CMMC
  • System Development Lifecycle
  • NIST Special Publication 800-series
  • Amazon Web Services (AWS)
  • Vulnerability Management
  • Cloud Computing
  • Risk Analysis and Assessment
  • Microsoft Suites

Performed preparation, assessment, reporting, and continuous monitoring for each system identified for assessment and authorization, with a proven history of delivering exceptional risk management support. Results-driven IT professional with notable success in planning, analysis and implementation of security initiatives. Strengths in providing comprehensive network design and security frameworks. Certified in CompTIA Security+. Hardworking and passionate job seeker with strong organizational skills, eager to secure a Cybersecurity position. Ready to help the team achieve company goals.

Skills
  • NIST 800 Special Publications
  • 800-53 Rev 3/4
  • 800-37
  • 800-34
  • 800-18
  • FIPS 199/200
  • Risk Management Framework (RMF)
  • Enterprise Continuous Monitoring (eCM)
  • Security Control Assessments (SCA)
  • Certification and Accreditation (C&A)
  • Security Assessment and Authorization (SA&A)
  • DIACAP DoD Directive 8500.1 and 8500.2
  • Policy and Procedure Development
  • Vulnerability Scanning
  • Business Impact Assessment
  • Disaster Recovery
  • Contingency Planning
  • GAO Federal Information System Controls Audit Manual (FISCAM)
  • Windows/Linux
  • Privacy Impact Assessments (PIA)
  • Personally Identifiable Information protection
  • Proposal Development
Work History
CyberSecurity Analyst, 06/2021 - 01/2023
Delaware North Companies, Tulsa, OK
  • SA&A management and support using NIST, OMB and IRS IRM guidance to integrate risk-based security principles throughout the program implementation life cycle for medium-scale systems deployments.
  • Execute SA&A process including pre-certification, certification, accreditation, and post accreditation.
  • Security Control Assessment (SCA) Testing, Enterprise Continuous Monitoring (eCM), Enterprise Continuous Monitoring Reauthorization (eCM-r)
  • Risk Management Framework (RMF)
  • Categorized information system and information processed, stored, and transmitted by that system based on impact analysis.
  • Select initial set of baseline security controls for the information system based on security categorization; tailoring and supplementing security control baseline as needed based on organization assessment of risk and local conditions.
  • Implement security controls and document how the controls are deployed within information system and environment of operation.
  • Assess security controls using appropriate procedures to determine the extent to which controls are implemented correctly, operating as intended, and producing desired outcome with respect to meeting security requirements for system.
  • Authorize information system operation based upon determination of the risk to organizational operations and assets, individuals, other organizations and Nation resulting from operation of information system and decision that this risk is acceptable.
  • Monitor and assess selected security controls in information system on ongoing basis including assessing security control effectiveness, documenting changes to the system or environment of operation, conducting security impact analyses of associated changes, and reporting security state of system to appropriate organizational officials.
  • Work with Chief Information Officers (CIO), Information Security Officers (ISO), and Security Administrators to assess system security controls or to define security and functional system requirements. This involves the development of security related documentation to include policy development, procedural testing, risk assessments, Assessment control plans, security requirement definition, and security metrics measurement, to support FISMA / NIST C&A/SA&A activities.
  • Combine pieces of information from the results of system testing to outline general rules or conclusions.
  • Characterize the system, as well as organize each security control associated with that system
  • Perform system tests, present implementation recommendations, identify and track vulnerabilities, systems integration, and provide technical advice based on those reviews.
  • Coordination of certification and accreditation activity for project teams.
  • Evaluation of information assurance technologies for application to the projects and systems.
  • Planning and support of security engineering.
  • Policy, procedure, and documentation development
  • Quality control: Standard Operating Procedures (SOPs), SCA Testing, NIST/IRM Module Development
  • Implemented company policies, technical procedures and standards for preserving the integrity and security of data, reports and access.
  • Recommended network security standards to management.
  • Proposal development
  • Consistently met deadlines and requirements for all production work orders.
Information Assurance Analyst, 10/2012 - 06/2021
CACI International Inc., Newington, VA

Supported the IRS Affordable Care Act (ACA) Information System (IS), ACA Information Returns (AIR) application, and the Affordable Care Act (ACA) Verification Service (AVS) application.

Responsibilities:

  • SA&A management and support using NIST, OMB and IRS IRM guidance to integrate risk-based security principles throughout the program implementation life cycle for medium-scale systems deployments.
  • Execute SA&A process including pre-certification, certification, accreditation, and post accreditation. Conducted Security Control Assessments
  • Supporting Risk Management Framework (RMF)
  • Categorize the information system and the information processed, stored, and transmitted by that system based on an impact analysis (1).
  • Select an initial set of baseline security controls for the information system based on the security categorization; tailoring and supplementing the security control baseline as needed based on organization assessment of risk and local conditions (2).
  • Implement the security controls and document how the controls are deployed within the information system and environment of operation. Assess the security controls using appropriate procedures to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system (3).
  • Authorize information system operation based upon a determination of the risk to organizational operations and assets, individuals, other organizations and the Nation resulting from the operation of the information system and the decision that this risk is acceptable (4).
  • Monitor and assess selected security controls in the information system on an ongoing basis including assessing security control effectiveness, documenting changes to the system or environment of operation, conducting security impact analyses of the associated changes, and reporting the security state of the system to appropriate organizational officials
  • Worked with Chief Information Officers (CIO), Information Security Officers (ISO), and Security Administrators to assess system security controls or to define security and functional system requirements. This involves the development of security related documentation to include policy development, procedural testing, risk assessments, ST&E plans, security requirement definition, and security metrics measurement, to support FISMA / NIST C&A/SA&A activities.
  • Combine pieces of information from the results of system testing to outline general rules or conclusions.
  • Characterize the system, as well as organize each security control associated with that system.
  • Perform system tests, present implementation recommendations, identify and track vulnerabilities, systems integration, and provide technical advice based on those reviews.
  • Coordination of assessment activity for project teams. Evaluation of information assurance technologies for application to the projects and systems.
  • Planning and support of security engineering.
  • Development of System Security Plan (SSP), Information System Audit Plan, Security Control requirements for Moderate Information
  • Established compatibility with third party software products by developing program for modification and integration.
Information Systems Security Officer (ISSO), 08/2009 - 05/2012
BAE Systems, Fort Gordon, GA

Supported Certification and Accreditation (C&A) and security engineering activities for Bank of New York Mellon and government clients, Housing of Urban Development (HUD).

Responsibilities:

  • Obtaining and managing security certification and accreditation of systems, networks, and sites.
  • Support using FISMA, FIPS 199/200, NIST SP 800 Series, and FISMA guidance
  • Execute C&A process including pre-certification, certification, accreditation, and post accreditation (continuous monitoring).
  • Risk Management Framework - Identifying threat likelihood and impact analysis. Vulnerability scanning.
  • Financial Auditing using OMB A-123 guidance
  • SCAP expressed checklist used/needed for GSS’s or a system’s life cycle.
  • Managing and leading efforts in the review, application, and maintenance of information assurance policies and procedures.
  • Review and maintenance of certification plans and accreditation documentation.
  • Performing security analyses and risk/vulnerability assessments.
  • Support clients using Nessus
  • SCAP validation products used to support clients: Tenable’s Nessus, DISA gold disk, and multiple Symantec applications.
  • Conducting security tests and evaluations.
  • SCAP Data Loss Prevention (DLP) while working with Bank of New York Mellon.
  • SCAP Data Loss Prevention (DLP) while working with Ginnie Mae.
  • Utilizing NIST SP 800-53 Rev. 3 and evaluating auditing tools; firewall and switch configurations, intrusion detection applications, and media control.
  • Visualize how the agency protected paper trails, backups (do they use the correct storage or third party vendors such as Iron Mountain), and all hardware that contains sensitive data.
  • Coordination of certification and accreditation activity for project teams.
  • Evaluation of information assurance technologies for application to the projects and systems.
  • Planning and support of security engineering.
  • Policy, procedure, and documentation development: BCP, DRP, IRP, and COOP development
Education
Bachelor of Science: Computer Science, Expected in 12/2009
UNIVERSITY OF GHANA - GHANA
Certifications
  • CompTIA Security Plus
  • Secret Clearance in Progress