cybersecurity analyst resume example with 11+ years of experience

(555) 432-1000,
, , 100 Montgomery St. 10th Floor

Cybersecurity Analyst with hands-on experience planning, development, and implementation of technical controls, to help build a cyber resilient organization. Interested in a Cybersecurity position where I can expand my experience and NIST 800-53, NIST 800-171, DFARs, and Jessica requirements.

  • Tenable Nessus
Education and Training
California State University – Northridge , Expected in Bachelor of Science : Accounting And Business Management - GPA :
  • Certified Information Systems Auditor (CISA) (200634)
  • Jessica Professional (CCP) Training Program (Completed 2022)
  • CCP Examination (In Progress)
Constellation West - Cybersecurity Analyst
Offutt Air Force Base, NE, 06/2018 - Current
  • Knowledgeable on NIST Cybersecurity Framework and how the Identify, Protect, Detect, Respond, and Recover as a basis of developing and evaluating cybersecurity program for compliance
  • Assessed cybersecurity risk using NIST SP 800-30 methodology focusing on threat type, business impact, and financial impact for management to make informed decisions
  • Leveraged NIST 800-53 Framework to develop cybersecurity programs
  • Spearheaded the first Jessica Readiness review to assess the effectiveness of controls and their compliance with the Jessica Level 2 requirements
  • Mapped ISSP controls to NIST SP 800-171, identified control gaps and deficiencies, provided remediation guidelines in preparation for Jessica review
  • Developed roadmap to track Plan Of Action with Milestones (POAM) to meet scheduled completion date
  • Present assessment results to management with realistic and actionable roadmap to towards compliance
  • Developed data flows to identify the flow of regulated data (FCI/CUI)
  • Used network segmentation techniques to isolate Controlled Unclassified Information (CUI) reducing Jessica scope and certification boundary by 25%
  • Fostered the implementation of "zero trust" end to end encryption to mitigate business risk
  • Performed vulnerability assessments to provide information to improve threat mitigation
  • Evaluated the implementation of Splunk as the primary tool for network defense
  • Reviewed Tabletop Exercises, and Penetration Tests to reduce ransomware risks and recovery measures
  • Updated computer security policies and procedures upon learning of new risks.
Aramark Corporation - Senior IT Auditor
Saint Charles, MO, 07/2017 - 06/2018
  • Executed threat modeling exercises to determine higher likelihood threat events
  • Developed and implemented strategies necessary for minimizing risk of non-compliance
  • Performed Operational Readiness Assessments to identify potential risks prior to project implementation
  • Developed policies and procedures to ensure confidentiality, integrity, and availability of IT systems
  • Single point-of-contact for IT SOX Controls for Space Systems division
  • Reduced audit fees by $17,00 by independently testing SOX control for compliance
  • Organized weekly meetings with sector managers and external auditors to address potential issues and discuss remediation plans
  • Executed information systems, operational, and compliance audits of system security and internal controls
  • Accessed risks and control requirements on newly deployed systems
  • Audited SAP, Oracle, and other major ERP systems, identifying operational inefficiencies and providing enhancement and improvement recommendations to senior management for use in strategic infrastructure planning
  • Collaborated to develop database to track 2,500+ AMD patents reducing exposure of Intellectual Property
  • Reviewed the Disaster Recovery Plan and Business Impact Analysis (BIA) to ensure business continuity
  • Reviewed applicable controls and providing guidance to comply with RMF requirements.
Aramark Corporation - Senior IT Auditor
Santa Clara, CA, 08/2008 - 11/2014
  • Conducted technical and infrastructure audits for all global divisions, managing multiple client engagements in Europe, Asia, North, and Latin America
  • As team lead, coordinated audit activities including scheduling, scoping, fieldwork, and audit reports
  • Audited 50+ systems and applications to ensure infrastructure environment and related systems deliver secure and reliable information
  • Developed Information Security policy to establish authorized access management and authenticator management for internal and third-party personnel
  • Ensured policy documents are aligned with business objectives, implementable and practical for compliance
  • Reduced fieldwork level of effort by 30%, using process flowcharts to facilitate an understanding of business processes, control points, and potential high-risk areas
  • Developed customized role assignment matrix to enforce the "principle of least privilege" (POLP), limiting access to sensitive data
  • Prevented scope creep and budget overruns on projects by enforcing clearly defined project scope, open lines of communication, and time tracking
  • Trained other team members to develop audit programs and lead audits
  • Revamped the new employee on-boarding SharePoint site to facilitate seamless on-boarding experience allowing new hires engage and contribute to the team more quickly
  • Audited SAP, Oracle, and other major ERP systems, identifying operational inefficiencies and providing enhancement and improvement recommendations to senior management for use in strategic infrastructure planning.
  • Technical proficiencies
  • Operations: WINDOWS AND LINUX
  • Software Languages: SQL
  • Software/Tools: Microsoft, VMware, Workday, Workiva, Kronos, Teammate, Archer GRC, Hyperion PeopleSoft, JD Edwards, SAP, Deltek Costpoint, and Cognos
  • Databases: SQL Server, IBM DB2, Oracle, Microsoft Access
Additional Information
  • Systems , Clearance - Current TS/SCI Clearance - Active DoD Top Secret Clearance

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • California State University – Northridge

Job Titles Held:

  • Cybersecurity Analyst
  • Senior IT Auditor
  • Senior IT Auditor


  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: