Information Security Analyst resume example with 11 years of experience
(555) 432-1000 - - resumesample@example.com - -
Highly driven, detail-oriented, and experienced IT professional with thorough knowledge and understanding of FISMA, Risk Management Framework and information Assurance with strong hands-on experience. Experience includes System monitoring, Auditing, Risk Assessment, Audit Engagements, Testing Information security Controls and cybersecurity.
CompTIA Security +
EC-Council Certified Ethical Hacker (CEH)
AWS Certified Solutions Architect - Associate
AWS Certified Security - Specialty
ITIL V4 Foundation Certificate in IT Service Management
Certified Information Systems Auditor (CISA)
FISMA, FIPS, HIPAA and HITRUST, Security Assessment and Authorization (SA&A), NIST Risk Management Framework (RMF), Access Control, Audit and Accountability, Certification and Accreditation, Compliance Testing, Risk Assessment, Change Management, Configuration Management, Contingency Planning, Policies and Procedures, Implementation Statements, Incident Response, Network Security, System Security Plans, eAuthentication, STIG, OMB Circular A-130 Appendix III, OMB A-123, GRC Tools-CSAM/ Archer, NIST 800-53, NIST 800-30, NIST 800-37, NIST 800-34, NIST 800-18, NIST 800-60, NIST 800-53A, NIST 800-171, NIST 800-39, NIST 800-66, NIST 800-100 and NIST 800-137 FIPS 199 and FIPS 200.
|
|
Western Governors University - Salt Lake City, UT
- Evaluate security assessment documentation and provide written recommendations for security authorization to the AO.
- Conducts comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the system.
- Develop deliverables associated with a FISMA security package including, but not limited to: System Security Plan (SSP), Information System Contingency Plan (ISCP), Incident Response Plan (IRP), Continuous Monitoring Plan, and RTM.
- Performs Security Control assessment using NIST 800-53A guidance and as per continuous monitoring requirements.
- Ensure security assessments are completed for each IS.
- Analyzes and update Systems Security Plans (SSPs) based on NIST Special Publications and conduct annual self-assessments.
- Uploads Plan of Actions & Milestones (POA&Ms) into CSAM and validate artifacts provided to remediate.
- Initiates a POA&M with identified weaknesses and suspense dates for each IS, based on findings and recommendations from the SAR.
- Provide support for documentation initiatives as related to System Security Plans (SSP), Security Assessment Plans (SAR), Continuity of Operations Plans (COP), Incident Response Plans (IRP), and Security Test and Evaluation (ST&E) standards.
- Create, oversee, and update policies, information, standards, and guidelines on a regular basis.
- Worked closely with clients for the duration of projects.
- Maintains a central repository and up-to-date tracking report of information and official files for all information systems and enterprise-wide audits.
- Ensure that the information systems are built with security in mind.
- Ensured proper system categorization using NIST 800-60 and FIPS 199.
- Selected and implemented appropriate security controls for information system based on NIST NIST 800-53 rev 4 and FIPS 200.
- Developed system Security Plans (SSPs) to provide an overview of information system requirements and described the controls implemented meet these requirements.
- Reviewed and updated POA&Ms in CSAM tool. Worked with system Administrators to resolve POA&Ms, gathering artifacts, and also created mitigation memos and corrective action plans to assist in closure of POA&Ms.
- Guided System Owners and system teams through the ATO process, using NIST 800-37.
- Created, reviewed and updated Incident Response Plans (IRPs), Security Assessment Plans (SAR), Contingency Plan (CP) and POA&M for approval by the Authorization Official.
- Analyzed and updated System Security Plan (SSP), Risk Assessment Reports (RAR), Privacy Impact Analysis (PIA), System Security Test & Evaluation (ST&E), and POA&M.
- Conducted Contingency Plan tests using the table top and/ or functional method at least annually and updated the plan.
- Ensured configuration management processes are followed to ensure that any changes do not introduce new security risks.
- Provided telephone support to over 6000 end-users, troubleshooting, diagnosing, resolving, and documenting hardware, software, and network-related technical issues.
- Maintain an inventory and database of IT related assets, including hardware, software, and peripherals.
- Documented all issues and generated reports detailing common problems and error trends.
- Managed client antivirus and anti-spam tools.
- Filled in for in-house IT services as needed, installing new desktop systems for developers, project managers, and quality assurance team members.
- Created, updated and managed issued tickets utilizing remedy-ticketing systems.
- Escalated issues to the proper help desk associate when necessary and followed up on any escalated issues, all within a timely manner.
- Created new user accounts, updated and troubleshooted user accounts and workstations in active directory.
- Assisted in technical support process refinement to improve customer service and support.
- Consulted via telephone to understand user problems, run through testing scripts and ask probing questions to locate root causes.
- Configured new employee work stations, including all hardware, software and peripheral devices.
By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy
Your data is safe with us
Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.
Resume Overview
School Attended
- Western Governors University
Job Titles Held:
- Information Security Analyst
- Information Security Analyst
- IT Help Desk Support
Degrees
- Bachelor of Science
By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy