SEARCH

Information Security Analyst Resume Example

Love this resume?Build Your Own Now
INFORMATION SECURITY ANALYST
Summary

Highly driven, detail-oriented, and experienced IT professional with thorough knowledge and understanding of FISMA, Risk Management Framework and information Assurance with strong hands-on experience. Experience includes System monitoring, Auditing, Risk Assessment, Audit Engagements, Testing Information security Controls and cybersecurity.

Certifications

CompTIA Security +

EC-Council Certified Ethical Hacker (CEH)

AWS Certified Developer - Associate

AWS Certified Solutions Architect - Associate

AWS Certified Security - Specialty

ITIL V4 Foundation Certificate in IT Service Management

Certified Information Systems Auditor (CISA)

Functional Skills

FISMA, FIPS, HIPAA and HITRUST, Security Assessment and Authorization (SA&A), NIST Risk Management Framework (RMF), Access Control, Audit and Accountability, Certification and Accreditation, Compliance Testing, Risk Assessment, Change Management, Configuration Management, Contingency Planning, Policies and Procedures, Implementation Statements, Incident Response, Network Security, System Security Plans, eAuthentication, STIG, OMB Circular A-130 Appendix III, OMB A-123, GRC Tools-CSAM/ Archer, NIST 800-53, NIST 800-30, NIST 800-37, NIST 800-34, NIST 800-18, NIST 800-60, NIST 800-53A, NIST 800-171, NIST 800-39, NIST 800-66, NIST 800-100 and NIST 800-137 FIPS 199 and FIPS 200.

Skills
  • Reporting and documentation
  • Contingency Planning
  • Nessus
  • Information Systems
  • Regulatory Adherence
  • Windows OS
  • NIST
  • FISMA
  • RMF
  • Information Security
  • Risk Mitigation
  • Amazon Web Services
  • Configuration Management
  • Risk Assessment/ Impact Analysis
  • MS Office (MS Excel, Word, PowerPoint)
  • Network and System security
  • Customer Service
Education and Training
June 2020
Western Governors UniversityCity, StateBachelor of Science: Cybersecurity And Information Assurance
Experience
August 2017
to
Current
Hd SupplyLas Vegas , NVInformation Security Analyst
  • Evaluate security assessment documentation and provide written recommendations for security authorization to the AO.
  • Conducts comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the system.
  • Develop deliverables associated with a FISMA security package including, but not limited to: System Security Plan (SSP), Information System Contingency Plan (ISCP), Incident Response Plan (IRP), Continuous Monitoring Plan, and RTM.
  • Performs Security Control assessment using NIST 800-53A guidance and as per continuous monitoring requirements.
  • Ensure security assessments are completed for each IS.
  • Analyzes and update Systems Security Plans (SSPs) based on NIST Special Publications and conduct annual self-assessments.
  • Uploads Plan of Actions & Milestones (POA&Ms) into CSAM and validate artifacts provided to remediate.
  • Initiates a POA&M with identified weaknesses and suspense dates for each IS, based on findings and recommendations from the SAR.
  • Provide support for documentation initiatives as related to System Security Plans (SSP), Security Assessment Plans (SAR), Continuity of Operations Plans (COP), Incident Response Plans (IRP), and Security Test and Evaluation (ST&E) standards.
  • Create, oversee, and update policies, information, standards, and guidelines on a regular basis.
  • Worked closely with clients for the duration of projects.
  • Maintains a central repository and up-to-date tracking report of information and official files for all information systems and enterprise-wide audits.
  • Ensure that the information systems are built with security in mind.
August 2013
to
August 2017
Hd SupplyLaurel , MDInformation Security Analyst
  • Ensured proper system categorization using NIST 800-60 and FIPS 199.
  • Selected and implemented appropriate security controls for information system based on NIST NIST 800-53 rev 4 and FIPS 200.
  • Developed system Security Plans (SSPs) to provide an overview of information system requirements and described the controls implemented meet these requirements.
  • Reviewed and updated POA&Ms in CSAM tool. Worked with system Administrators to resolve POA&Ms, gathering artifacts, and also created mitigation memos and corrective action plans to assist in closure of POA&Ms.
  • Guided System Owners and system teams through the ATO process, using NIST 800-37.
  • Created, reviewed and updated Incident Response Plans (IRPs), Security Assessment Plans (SAR), Contingency Plan (CP) and POA&M for approval by the Authorization Official.
  • Analyzed and updated System Security Plan (SSP), Risk Assessment Reports (RAR), Privacy Impact Analysis (PIA), System Security Test & Evaluation (ST&E), and POA&M.
  • Conducted Contingency Plan tests using the table top and/ or functional method at least annually and updated the plan.
  • Ensured configuration management processes are followed to ensure that any changes do not introduce new security risks.
June 2010
to
August 2013
Cu*Answers, Inc.Las Vegas , NVIT Help Desk Support
  • Provided telephone support to over 6000 end-users, troubleshooting, diagnosing, resolving, and documenting hardware, software, and network-related technical issues.
  • Maintain an inventory and database of IT related assets, including hardware, software, and peripherals.
  • Documented all issues and generated reports detailing common problems and error trends.
  • Managed client antivirus and anti-spam tools.
  • Filled in for in-house IT services as needed, installing new desktop systems for developers, project managers, and quality assurance team members.
  • Created, updated and managed issued tickets utilizing remedy-ticketing systems.
  • Escalated issues to the proper help desk associate when necessary and followed up on any escalated issues, all within a timely manner.
  • Created new user accounts, updated and troubleshooted user accounts and workstations in active directory.
  • Assisted in technical support process refinement to improve customer service and support.
  • Consulted via telephone to understand user problems, run through testing scripts and ask probing questions to locate root causes.
  • Configured new employee work stations, including all hardware, software and peripheral devices.
Build Your Own Now

DISCLAIMER

Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

How this resume score could be improved?

Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:

84Good
Resume Strength
  • Word choice
  • Length

Resume Overview

School Attended

  • Western Governors University

Job Titles Held:

  • Information Security Analyst
  • IT Help Desk Support

Degrees

  • Bachelor of Science : Cybersecurity And Information Assurance

Similar Resumes

View All
Information-Security-Analyst-resume-sample

Information Security Analyst

Pearson

Troy , MI