SEARCH

Information Security Analyst Resume Example

Resume Score: 80%

Love this resume?Build Your Own Now
INFORMATION SECURITY ANALYST
Summary

Highly driven, detail-oriented, and experienced IT professional with thorough knowledge and understanding of FISMA's and Risk Management Framework with strong hands-on experience. Experience includes System monitoring, Auditing; Risk Assessment, Audit Engagements, and Testing Information security Controls.

Certifications

CompTIA Security +

EC-Council Certified Ethical Hacker (CEH)

AWS Certified Developer - Associate

AWS Certified Solutions Architect - Associate

AWS Certified Security - Specialty

ITIL V4 Foundation Certificate in IT Service Management

Certified Information Systems Auditor (CISA)

Functional Skills

FISMA, FIPS, HIPAA and HITRUST, Security Assessment and Authorization (SA&A), NIST Risk Management Framework (RMF), Access Control, Audit and Accountability, Certification and Accreditation, Compliance Testing, Risk Assessment, Change Management, Configuration Management, Contingency Planning, Policies and Procedures, Implementation Statements, Incident Response, Network Security, System Security Plans, eAuthentication, STIG, OMB Circular A-130 Appendix III, OMB A-123, GRC Tools-CSAM/ Archer, NIST 800-53, NIST 800-30, NIST 800-37, NIST 800-34, NIST 800-18, NIST 800-60, NIST 800-53A, NIST 800-171, NIST 800-39, NIST 800-66, NIST 800-100 and NIST 800-137 FIPS 199 and FIPS 200.

Education and Training
2007
University Of GhanaLegon, Accra, GhanaBachelor of Science: Information Technology
Skills
  • Reporting and documentation
  • Risk Mitigation
  • Contingency Planning
  • Amazon Web Services
  • Nessus
  • Configuration Management
  • Information Systems
  • Risk Assessment/ Impact Analysis
  • Regulatory Adherence
  • MS Office (MS Excel, Word, PowerPoint)
  • Windows OS
  • Network and System security
  • NIST
  • Customer Service
    • Experience
    August 2017
    to
    Current
    Concord Crossroads LLCDumfires, VAInformation Security Analyst
    • Evaluate security assessment documentation and provide written recommendations for security authorization to the AO.
    • Conducts comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the system.
    • Performs Security Control assessment using NIST 800-53A guidance and as per continuous monitoring requirements.
    • Ensure security assessments are completed for each IS.
    • Analyzes and update Systems Security Plans (SSPs) based on NIST Special Publications and conduct annual self-assessments.
    • Uploads Plan of Actions & Milestones (POA&Ms) into CSAM and validate artifacts provided to remediate.
    • Initiates a POA&M with identified weaknesses and suspense dates for each IS, based on findings and recommendations from the SAR.
    • Provide support for documentation initiatives as related to System Security Plans (SSP), Security Assessment Plans (SAR), Continuity of Operations Plans (COP), Incident Response Plans (IRP), and Security Test and Evaluation (ST&E) standards.
    • Create, oversee, and update policies, information, standards, and guidelines on a regular basis.
    • Worked closely with clients for the duration of projects.
    • Maintains a central repository and up-to-date tracking report of information and official files for all information systems and enterprise-wide audits.
    August 2013
    to
    August 2017
    SPN Solutions Inc.Arlington, VAInformation Security Analyst
    • Ensured proper system categorization using NIST 800-60 and FIPS 199.
    • Selected and implemented appropriate security controls for information system based on NIST NIST 800-53 rev 4 and FIPS 200.
    • Developed system Security Plans (SSPs) to provide an overview of information system requirements and described the controls implemented meet these requirements.
    • Reviewed and updated POA&Ms in CSAM tool. Worked with system Administrators to resolve POA&Ms, gathering artifacts, and also created mitigation memos and corrective action plans to assist in closure of POA&Ms.
    • Guided System Owners and system teams through the ATO process, using NIST 800-37.
    • Created, reviewed and updated Incident Response Plans (IRPs), Security Assessment Plans (SAR), Contingency Plan (CP) and POA&M for approval by the Authorization Official.
    • Analyzed and updated System Security Plan (SSP), Risk Assessment Reports (RAR), Privacy Impact Analysis (PIA), System Security Test & Evaluation (ST&E), and POA&M.
    • Conducted Contingency Plan tests using the table top and/ or functional method at least annually and updated the plan.
    • Ensured configuration management processes are followed to ensure that any changes do not introduce new security risks.
    June 2010
    to
    August 2013
    Inova Health SystemFalls Church, VAIT Help Desk Support
    • Provided telephone support to over 6000 end-users, troubleshooting, diagnosing, resolving, and documenting hardware, software, and network-related technical issues.
    • Maintain an inventory and database of IT related assets, including hardware, software, and peripherals.
    • Documented all issues and generated reports detailing common problems and error trends.
    • Managed client antivirus and anti-spam tools.
    • Filled in for in-house IT services as needed, installing new desktop systems for developers, project managers, and quality assurance team members.
    • Created, updated and managed issued tickets utilizing remedy-ticketing systems.
    • Escalated issues to the proper help desk associate when necessary and followed up on any escalated issues, all within a timely manner.
    • Created new user accounts, updated and troubleshooted user accounts and workstations in active directory.
    • Assisted in technical support process refinement to improve customer service and support.
    • Consulted via telephone to understand user problems, run through testing scripts and ask probing questions to locate root causes.
    • Configured new employee work stations, including all hardware, software and peripheral devices.
    Build Your Own Now

    DISCLAIMER

    Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

    Resume Overview

    Companies Worked For:

    • Concord Crossroads LLC
    • SPN Solutions Inc.
    • Inova Health System

    School Attended

    • University Of Ghana

    Job Titles Held:

    • Information Security Analyst
    • IT Help Desk Support

    Degrees

    • Bachelor of Science : Information Technology

    Similar Resumes

    View All
    Senior-Information-Security-Analyst-resume-sample

    Senior Information Security Analyst

    Accenture Services Pvt Ltd, Pune

    Huntington Beach, California