SEARCH

Cybersecurity Analyst Resume Example

Resume Score: 80%

Love this resume?Build Your Own Now
BN
CYBERSECURITY ANALYST
Professional Summary

Information Security Analyst with experience across full information systems lifecycle. Highly skilled in FISMA compliance, A&A process, to include DoD and federal RMF . Self-motivated and deadline-oriented with track record of on-time deliverables.

Skills
  • A&A process support/submission
  • Review/develop A&A documentation
  • Vulnerability Assessment
  • Project Management and Support
  • Continuous Monitoring and Risk Scoring tool
  • IAVM
  • POAM Remediation
  • Proficient with IAVM/IAVA, eMASS, STIG/SRG, and HBSS ePO
Work History
05/2020 to CurrentCybersecurity AnalystCompany Name | City, State
  • Conducted security audits to identify vulnerabilities.
  • Recommend improvements in security systems and procedures.
  • Created spreadsheets using for tracking IAVM/IAVA weekly and monthly reporting.
  • Collaborate with multiple stakeholders, ISSM and SCA to accomplish tasks.
  • Provides support to the Defense Information Systems Agency (DISA) to ensure categorization of Information System (IS), selection of the baseline security controls, implementation of security controls, assessment of security controls, authorization of IS, and continuous monitoring of the IS.
  • Identified, developed coordination with applicable experts, and incorporate common artifacts found in RMF authorization package such as system architecture and boundaries, hardware and software inventories, risk assessment reports, POA&Ms, data flows, COOP, PPSM accounting, and other necessary system, network, and application documentation.
  • Support a Program of Record through a full security assessment and achieve an ATO.
  • Assess threats to the environment using tools such as ACAS, HBSS for performing vulnerability scans and monitoring networks and systems.
  • Proficient with eMASS, IAVM/IAVA, DTO, ATO package, STIG SRG, SCAP, and developing A&A artifacts.
04/2019 to 03/2020Information Assurance AnalystCompany Name | City, State
  • Performed Security Categorization (FIPS 199), Privacy Threshold Analysis (PTA), E-Authentication with business owners selected stakeholders.
  • Develop, review and update Information Security System Policies, System Security Plans (SSP), and Security baselines in accordance with NIST standards, FISMA requirements, OMB III A-130, and industry best security practices
  • Develop and conduct ST&E (Security Test and Evaluation) according to NIST SP 800-53A.
  • Work with business process owners to ensure timely identification and remediation of jointly owned risk related issues and action plans.
  • Networks to maintain an acceptable system security posture throughout the lifecycle of multiple national level mission system. Perform compliance reviews, tracking, and continuous monitoring of newly submitted C&A packages.
  • Served on a team of information security professionals in the development of security policies, procedures, and security certification & accreditation (C&A) packages for a variety of commercial and government activities worldwide.
  • Assisted with review of policy, security alerts, guidance, regulations and technical advances in IT Security Management
  • Contributed to initiating FISMA metrics such as Annual Testing, POA&M Management, and Program Management.
    .
09/2017 to 02/2019Information Security Analyst (Apprenticeship)Company Name | City, State
  • Trained by security contractors to prepare Assessment and Authorization (A&A) package for reviews using the six steps Risk Management Framework Process (RMF).
  • Created and tracked Plan of Action and Milestones (POA&M) of all risks and upon completion of Security Control Assessment (SCA) exercises and documented in system security plan (SSP).
  • Developed and reviewed system security artifacts such as contingency plans (CP), incident response plans (IRP), privacy impact assessments (PIA), MOUs/ISAs and risk assessment (RA) documents for compliance with NIST 800 guidelines and agency's security requirements.
  • Monitoring controls post authorization to ensure continuous compliance with the security requirements by evaluating threats and vulnerabilities through Nessus scan results and work with the IT staff for mitigation actions.
  • Developed and updated Authorization to Operate (ATO) packages such as the SSPs, SAR and POA&Ms for information systems to ensure they are in compliance with organization's information security requirements.
  • ·Conduct the ST&E Kick-off Meeting and populate the Requirements Traceability Matrix (RTM) according to NIST SP 800-53A.
  • Review implementation statements and supporting evidence of security controls as to determine if the systems are currently meeting the requirements and provide findings/suggested mitigations to stakeholders.
  • Demonstrated ability to review and edit draft security artifacts as assigned to ensure compliance with SA&A, and FISMA
  • Communicated effectively through written and verbal means to co-workers, subordinates and senior leadership.
  • Maintained compliance with DoD standards to perform all compliance activities.
06/2015 to 08/2017IT AdministratorCompany Name | City, State
  • Provided support for various hardware, software and equipment issues and problems, as well as service or maintenance for server equipment and systems.
  • Coordinated with outside vendor technical support to resolve operation issues.
  • Implemented and maintained technology policies and training for end users; ensure they are performing properly; analyzes, troubleshoots data or performance issues.
  • Conducted network asset management functions, including maintenance of network component inventory.
  • Analyzed system/application usage; recommends, schedules and performs software installations and configuration.
  • Added/removed new and existing end user accounts; administers exchange email system; installs configures and initiates exchange servers; provides on call support for end users.
  • Maintained network hardware, applications, security, and network configurations.
Education
Expected in 10/2021Bachelor of Science | Computer Network And CybersecurityUniversity Of Maryland Global Campus, City
Certifications
  • CISA - Certified Information Systems Auditor
  • CompTIA Security+
  • Scrum Master Certified
  • A+
  • CAP (in progress)
Build Your Own Now

DISCLAIMER

Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

Resume Overview

School Attended

  • University Of Maryland Global Campus

Job Titles Held:

  • Cybersecurity Analyst
  • Information Assurance Analyst
  • Information Security Analyst (Apprenticeship)
  • IT Administrator

Degrees

  • Expected in 10/2021 Bachelor of Science | Computer Network And Cybersecurity

Similar Resumes

View All
Cybersecurity-Analyst-resume-sample

Cybersecurity Analyst

Compton, California