Information Security Analyst resume example with 11 years of experience

Jessica Claire
, , 609 Johnson Ave., 49204, Tulsa, OK 100 Montgomery St. 10th Floor
Home: (555) 432-1000 - Cell: - - -

Highly driven, detail-oriented, and experienced IT professional with thorough knowledge and understanding of FISMA, Risk Management Framework and information Assurance with strong hands-on experience. Experience includes System monitoring, Auditing, Risk Assessment, Audit Engagements, Testing Information security Controls and cybersecurity.


CompTIA Security +

EC-Council Certified Ethical Hacker (CEH)

AWS Certified Solutions Architect - Associate

AWS Certified Security - Specialty

ITIL V4 Foundation Certificate in IT Service Management

Certified Information Systems Auditor (CISA)

Functional Skills

FISMA, FIPS, HIPAA and HITRUST, Security Assessment and Authorization (SA&A), NIST Risk Management Framework (RMF), Access Control, Audit and Accountability, Certification and Accreditation, Compliance Testing, Risk Assessment, Change Management, Configuration Management, Contingency Planning, Policies and Procedures, Implementation Statements, Incident Response, Network Security, System Security Plans, eAuthentication, STIG, OMB Circular A-130 Appendix III, OMB A-123, GRC Tools-CSAM/ Archer, NIST 800-53, NIST 800-30, NIST 800-37, NIST 800-34, NIST 800-18, NIST 800-60, NIST 800-53A, NIST 800-171, NIST 800-39, NIST 800-66, NIST 800-100 and NIST 800-137 FIPS 199 and FIPS 200.

  • Reporting and documentation
  • Contingency Planning
  • Nessus
  • Information Systems
  • Regulatory Adherence
  • Windows OS
  • NIST
  • RMF
  • Information Security
  • Risk Mitigation
  • Amazon Web Services
  • Configuration Management
  • Risk Assessment/ Impact Analysis
  • MS Office (MS Excel, Word, PowerPoint)
  • Network and System security
  • Customer Service
Education and Training
Expected in 06/2020
Bachelor of Science: Cybersecurity And Information Assurance
Western Governors University - Salt Lake City, UT
08/2017 to Current
Information Security Analyst Hd Supply Las Vegas, NV,
  • Evaluate security assessment documentation and provide written recommendations for security authorization to the AO.
  • Conducts comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the system.
  • Develop deliverables associated with a FISMA security package including, but not limited to: System Security Plan (SSP), Information System Contingency Plan (ISCP), Incident Response Plan (IRP), Continuous Monitoring Plan, and RTM.
  • Performs Security Control assessment using NIST 800-53A guidance and as per continuous monitoring requirements.
  • Ensure security assessments are completed for each IS.
  • Analyzes and update Systems Security Plans (SSPs) based on NIST Special Publications and conduct annual self-assessments.
  • Uploads Plan of Actions & Milestones (POA&Ms) into CSAM and validate artifacts provided to remediate.
  • Initiates a POA&M with identified weaknesses and suspense dates for each IS, based on findings and recommendations from the SAR.
  • Provide support for documentation initiatives as related to System Security Plans (SSP), Security Assessment Plans (SAR), Continuity of Operations Plans (COP), Incident Response Plans (IRP), and Security Test and Evaluation (ST&E) standards.
  • Create, oversee, and update policies, information, standards, and guidelines on a regular basis.
  • Worked closely with clients for the duration of projects.
  • Maintains a central repository and up-to-date tracking report of information and official files for all information systems and enterprise-wide audits.
  • Ensure that the information systems are built with security in mind.
08/2013 to 08/2017
Information Security Analyst Hd Supply Laurel, MD,
  • Ensured proper system categorization using NIST 800-60 and FIPS 199.
  • Selected and implemented appropriate security controls for information system based on NIST NIST 800-53 rev 4 and FIPS 200.
  • Developed system Security Plans (SSPs) to provide an overview of information system requirements and described the controls implemented meet these requirements.
  • Reviewed and updated POA&Ms in CSAM tool. Worked with system Administrators to resolve POA&Ms, gathering artifacts, and also created mitigation memos and corrective action plans to assist in closure of POA&Ms.
  • Guided System Owners and system teams through the ATO process, using NIST 800-37.
  • Created, reviewed and updated Incident Response Plans (IRPs), Security Assessment Plans (SAR), Contingency Plan (CP) and POA&M for approval by the Authorization Official.
  • Analyzed and updated System Security Plan (SSP), Risk Assessment Reports (RAR), Privacy Impact Analysis (PIA), System Security Test & Evaluation (ST&E), and POA&M.
  • Conducted Contingency Plan tests using the table top and/ or functional method at least annually and updated the plan.
  • Ensured configuration management processes are followed to ensure that any changes do not introduce new security risks.
06/2010 to 08/2013
IT Help Desk Support Cu*Answers, Inc. Las Vegas, NV,
  • Provided telephone support to over 6000 end-users, troubleshooting, diagnosing, resolving, and documenting hardware, software, and network-related technical issues.
  • Maintain an inventory and database of IT related assets, including hardware, software, and peripherals.
  • Documented all issues and generated reports detailing common problems and error trends.
  • Managed client antivirus and anti-spam tools.
  • Filled in for in-house IT services as needed, installing new desktop systems for developers, project managers, and quality assurance team members.
  • Created, updated and managed issued tickets utilizing remedy-ticketing systems.
  • Escalated issues to the proper help desk associate when necessary and followed up on any escalated issues, all within a timely manner.
  • Created new user accounts, updated and troubleshooted user accounts and workstations in active directory.
  • Assisted in technical support process refinement to improve customer service and support.
  • Consulted via telephone to understand user problems, run through testing scripts and ask probing questions to locate root causes.
  • Configured new employee work stations, including all hardware, software and peripheral devices.

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • Western Governors University

Job Titles Held:

  • Information Security Analyst
  • Information Security Analyst
  • IT Help Desk Support


  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: