Information Security Analyst Resume Example
Highly driven, detail-oriented, and experienced IT professional with thorough knowledge and understanding of FISMA's and Risk Management Framework with strong hands-on experience. Experience includes System monitoring, Auditing; Risk Assessment, Audit Engagements, and Testing Information security Controls.
CompTIA Security +
EC-Council Certified Ethical Hacker (CEH)
AWS Certified Developer - Associate
AWS Certified Solutions Architect - Associate
AWS Certified Security - Specialty
ITIL V4 Foundation Certificate in IT Service Management
Certified Information Systems Auditor (CISA)
FISMA, FIPS, HIPAA and HITRUST, Security Assessment and Authorization (SA&A), NIST Risk Management Framework (RMF), Access Control, Audit and Accountability, Certification and Accreditation, Compliance Testing, Risk Assessment, Change Management, Configuration Management, Contingency Planning, Policies and Procedures, Implementation Statements, Incident Response, Network Security, System Security Plans, eAuthentication, STIG, OMB Circular A-130 Appendix III, OMB A-123, GRC Tools-CSAM/ Archer, NIST 800-53, NIST 800-30, NIST 800-37, NIST 800-34, NIST 800-18, NIST 800-60, NIST 800-53A, NIST 800-171, NIST 800-39, NIST 800-66, NIST 800-100 and NIST 800-137 FIPS 199 and FIPS 200.
- Evaluate security assessment documentation and provide written recommendations for security authorization to the AO.
- Conducts comprehensive reviews of security authorization documents to ensure the appropriate NIST security guidelines were used during the assessments and the selections of security controls are relevant to the confidentiality, integrity, and availability of the system.
- Performs Security Control assessment using NIST 800-53A guidance and as per continuous monitoring requirements.
- Ensure security assessments are completed for each IS.
- Analyzes and update Systems Security Plans (SSPs) based on NIST Special Publications and conduct annual self-assessments.
- Uploads Plan of Actions & Milestones (POA&Ms) into CSAM and validate artifacts provided to remediate.
- Initiates a POA&M with identified weaknesses and suspense dates for each IS, based on findings and recommendations from the SAR.
- Provide support for documentation initiatives as related to System Security Plans (SSP), Security Assessment Plans (SAR), Continuity of Operations Plans (COP), Incident Response Plans (IRP), and Security Test and Evaluation (ST&E) standards.
- Create, oversee, and update policies, information, standards, and guidelines on a regular basis.
- Worked closely with clients for the duration of projects.
- Maintains a central repository and up-to-date tracking report of information and official files for all information systems and enterprise-wide audits.
- Ensured proper system categorization using NIST 800-60 and FIPS 199.
- Selected and implemented appropriate security controls for information system based on NIST NIST 800-53 rev 4 and FIPS 200.
- Developed system Security Plans (SSPs) to provide an overview of information system requirements and described the controls implemented meet these requirements.
- Reviewed and updated POA&Ms in CSAM tool. Worked with system Administrators to resolve POA&Ms, gathering artifacts, and also created mitigation memos and corrective action plans to assist in closure of POA&Ms.
- Guided System Owners and system teams through the ATO process, using NIST 800-37.
- Created, reviewed and updated Incident Response Plans (IRPs), Security Assessment Plans (SAR), Contingency Plan (CP) and POA&M for approval by the Authorization Official.
- Analyzed and updated System Security Plan (SSP), Risk Assessment Reports (RAR), Privacy Impact Analysis (PIA), System Security Test & Evaluation (ST&E), and POA&M.
- Conducted Contingency Plan tests using the table top and/ or functional method at least annually and updated the plan.
- Ensured configuration management processes are followed to ensure that any changes do not introduce new security risks.
- Provided telephone support to over 6000 end-users, troubleshooting, diagnosing, resolving, and documenting hardware, software, and network-related technical issues.
- Maintain an inventory and database of IT related assets, including hardware, software, and peripherals.
- Documented all issues and generated reports detailing common problems and error trends.
- Managed client antivirus and anti-spam tools.
- Filled in for in-house IT services as needed, installing new desktop systems for developers, project managers, and quality assurance team members.
- Created, updated and managed issued tickets utilizing remedy-ticketing systems.
- Escalated issues to the proper help desk associate when necessary and followed up on any escalated issues, all within a timely manner.
- Created new user accounts, updated and troubleshooted user accounts and workstations in active directory.
- Assisted in technical support process refinement to improve customer service and support.
- Consulted via telephone to understand user problems, run through testing scripts and ask probing questions to locate root causes.
- Configured new employee work stations, including all hardware, software and peripheral devices.
DISCLAIMER
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
How this resume score could be improved?
Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:
- Word choice
- Strong summary
- Typos
Resume Overview
School Attended
- University Of Ghana
Job Titles Held:
- Information Security Analyst
- IT Help Desk Support
Degrees
- Bachelor of Science : Information Technology
Similar Resumes
