Information Security Analyst Resume Example Concord Crossroads LLC

INFORMATION SECURITY ANALYST

Summary

A highly driven, detail-oriented and experienced IT professional with thorough knowledge and understanding of FISMA's and Risk Management Framework with strong hands-on experience. Experience includes System Vulnerability scan, monitoring, Auditing; Risk Assessment, Audit Engagements, and Testing Information Technology Controls.

Certifications

CompTIA Security +

EC-Council Certified Ethical Hacker (CEH)

Amazon Web Services Certified Developer - Associate

Certified Information Systems Auditor (CISA) - In Progress

Functional Skills

FISMA, FIPS, FedRAMP, HIPAA and HITRUST, Security Assessment and Authorization (SA&A), NIST Risk Management Framework (RMF), Access Control, Audit and Accountability, Certification and Accreditation, Compliance Testing, Vulnerability Scans, Risk Assessment, Change Management, Configuration Management, Contingency Planning, Policies and Procedures, Implementation Statements, Incident Response, Network Security, System Security Plans, eAuthentication, OMB Circular A-130 Appendix III, OMB A-123, GRC Tools-CSAM/ Archer, NIST 800-53, NIST 800-30, NIST 800-37, NIST 800-34, NIST 800-18, NIST 800-60, NIST 800-53A, NIST 800-39, NIST 800-66, NIST 800-100 and NIST 800-137 FIPS 199 and FIPS 200.

Education and Training

University Of Ghana | | Legon, Accra, GhanaBachelor of Science in Information Technology2007

Skills

Risk mitigation
Reporting and documentation
Risk Assessment/ impact analysis
Regulatory Adherence
Network asset management
Contingency Planning
MS Office
Amazon Web Services

Windows OS
Nessus
Network and system security
UNIX / LINUX
Configuration management
Active Directory
NIST
FISMA

Experience

Concord Crossroads LLC | Montclair, VAInformation Security Analyst10/2016 - Current

Evaluate security assessment documentation and provide written recommendations for security authorization to the AO.
Ensure security assessments are completed for each IS.
Analyzes and update Systems Security Plans (SSPs) based on the National Institute of Standards and Technology (NIST) Special Publications and conduct annual self-assessments.
Initiates a POA&M with identified weaknesses and suspense dates for each IS, based on findings and recommendations from the SAR
Provide support for documentation initiatives as related to System Security Plans, Risk Assessment Plans, Continuity of Operations Plans, Incident Response Plans, and Security Test and Evaluation (ST&E) standards.
Create, oversee, and update policies, information, standards, and guidelines on regular basis.
Conducts comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the system.

SPN Solutions Inc. | Arlington, VAInformation Security Analyst09/2014 - 10/2016

Performed Assessment and Authorization efforts under the NIST Risk Management Framework (RMF).
Developed System Security Plans (SSP) for each system to verify that it addresses the minimum SSP framework.
Created assessment reports and tracked remediation activities using Clearwater Analytics.
Developed security standards and best practices for the organization.
Recommended security enhancements to management or senior IT staff.
Developed and reviewed, Security Assessment Plan (SAP) to assess the security controls.
Generated security documentation, including: security assessment reports; system security plans; contingency plans; and disaster recovery plans.
Prepared POA&M; follow up pre-brief meetings with the System Owner, ISSO and other key stakeholders for each system with open POA&M prior to the official follow-up briefs.
Assessed security controls in accordance with the assessment procedures defined in the security assessment plan through examination, interviews, and testing.
Supported the remediation actions to correct assessment findings and develop supporting plan of action and milestone (POA&M) reports and updated System Security Plan.
Analyzed and updated System Security Plan (SSP), Risk Assessment Reports (RAR), Privacy Impact Assessment (PIA), System Security Test and Evaluation (ST&E) and the Plan of Actions and Milestones (POA&M).
Made recommendations to improve security procedures and systems.
Ensured Configuration Management processes are followed to ensure that any changes do not introduce new security risks.

Inova Health System | Falls Church, VAIT Help Desk Support07/2012 - 09/2014

Provided telephone support to over 6000 end users, troubleshooting, diagnosing, resolving, and documenting hardware, software, and network related technical issues.
Assess security control test plans and conducts in-depth security assessment of information systems that evaluate compliance of administrative, physical, technical, and organizational polices and safeguards in order to maintain HIPAA compliance based on office of Civil Right (OCR) protocols, NIST SP 800-66 and 800-53A.
Documented all issues and generated reports detailing common problems and error trends.
Filled in for in-house IT services as needed, installing new desktop systems for developers, project managers, and quality assurance team members.
Created, updated and managed tickets utilizing remedy-ticketing systems.
Escalated issues to the proper help desk associate when necessary and followed up on any escalated issues, all within a timely manner.
Created new user accounts, updated and troubleshooted user accounts and workstations in active directory.

Resume Overview

Companies Worked For:

Concord Crossroads LLC
SPN Solutions Inc.
Inova Health System

School Attended

University Of Ghana

Job Titles Held:

Information Security Analyst
IT Help Desk Support

Degrees

Bachelor of Science in Information Technology

Information Security Analyst Resume Example

Resume Score: 80%

DISCLAIMER

Resume Overview

Create a job alert for [job role title] at [location].

Similar Resumes