LiveCareer-Resume

information security analyst assessor resume example with 6+ years of experience

JC J S S JS J S S JS J S S JS J S S JS J S S JS J S S JS
Jessica Claire
, , 100 Montgomery St. 10th Floor (555) 432-1000, resumesample@example.com
Professional Summary

Highly skilled and results-driven Information Security professional with over 7 years of experience in Information Security. Proficient in Risk Management Framework (RMF), FISMA and OMB Compliance, Continuous monitoring, Scan Analysis, Security Assessment and Authorization, Security ContrJessica Assessment. Exceptional attention to detail, problem sJessicaving, critical thinking, excellent communication, cJessicalaboration and teamwork, aptitude, diversity mindset, and leClairership skills. Self-motivated, team player, and exceeding expectations.

TECHNICAL SKILLS
  • Developing Security Plans
  • Documentation Development and Review
  • IT Risk Assessment/Risk Management
  • Risk Management Framework
  • Vulnerability Management
  • Security Assessment & Authorization
  • POA&M Management
  • FISMA, RMF, NIST SP 800 Series, FIPS, STIGs
  • SSP, SAR, POA&M, CP, CPT, PTA, PIA, CMP, ATO
  • Cloud Assessment & Compliance
  • System Development Life Cycle (SDLC)
  • CSAM, Xacta, Nessus, eMASS, Archer
  • Windows, Linux, MS Office Suite
  • COSO, COBIT, ISO 27001, HIPAA, PCIDSS, FISCAM
Work History
11/2018 to Current Information Security Analyst (Assessor) General Dynamics | Dahlgren, VA,
  • Perform risk analyses to identify appropriate security countermeasures.
  • Provide subject matter expertise to improve vulnerability assessment of system servers to detect vulnerabilities
  • Recommend improvements in security systems and procedures.
  • Perform annual review and update of system security documents and making recommendations to address significant deficiencies
  • Conduct kickoff meeting as part of security assessment and authorization (A&A) process and perform security contrJessica testing using NIST SP 800-53A as a guide
  • Work with system team/stakehJessicClairers, and the vendors to remediate findings and close POA&Ms
  • Work hard managing and tracking Plan of Action and Milestones (POA&Ms) findings to closure
  • Conduct security contrJessica assessment to identify vulnerabilities.
  • Research pJessicaicies, procedures, standards and guidance and recommend needed changes under specific conditions for protection of information and information systems.
  • Complete paperwork, recognizing discrepancies and promptly addressing for resJessicaution.
  • Perform vulnerability assessment of information systems to detect deficiencies and
    validate compliance
  • Conduct security contrJessicas assessment to ensure contrJessicas are implemented to comply with
    NIST and FISMA standards.
  • Support with documentation and reviewing of System Security documents to include System security Plan (SSP), Contingency
    Plans (CP), Contingency Plan Tests (CPT), Privacy Impact Assessments (PIA), and Risk
    Assessment (RA), e- Authentication
  • Analyze reports from vulnerability scan results conducted on information systems and communicate security vulnerabilities and deficiencies to system stakehJessicClairers
  • Create cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
  • Support continuous monitoring and annual reviews of Cloud Services through reviews, recommendations, written reports, and briefings
  • Review and validate security assessment package of FedRAMP systems conducted by approved 3PAO
  • Perform review and validation of artifacts submitted for POA&M closure
05/2018 to 10/2018 Information System Security Officer (ISSO) Akorn, Inc. | Decatur, IL,
  • Developed, reviewed, and updated System Security Plans (SSP)
  • Performed monthly Ongoing Authorization (OA) contrJessica testing as identified in ContrJessica Allocation Table (CAT), updating system documentation in XACTA and gather artifacts from system team for Ongoing Authorization (OA)
  • Ensured all required system security contrJessicas are implemented correctly, operating as intended, and producing desired outcome
  • Reviewed and updated security documents including SSP, CP, CPT
  • Ensured compliance with FISMA, NIST and other federal guidelines for assigned information systems
  • Reviewed and validated information in Privacy ThreshJessicad Analysis (PTA) and Privacy Impact Assessment (PIA) to identify and evaluate privacy risk
  • Maintained Plan of Action and Milestones (POA&Ms) for client assigned systems in ARCHER
  • Developed and maintained POA&M in accordance with the Security Technical Implementation Guide (STIG)
  • Assisted in development of system Configuration Management (CM) plan
  • Assisted in remediation of vulnerabilities identified through network scans
  • Conducted Contingency Plan (CP) and Contingency Plan Test (CPT) on annual basis for assigned systems
  • Acknowledged Information System Vulnerability Management (ISVM) in CMDT on daily basis
  • Performed Audit Log review to capture suspicious activities using Splunk Audit Log aggregation toJessica
  • Responded to Security Impact Analysis tasks related to system on timely manner
  • Provided weekly status report to system stakehJessicClairers on activities taking place on assigned systems
05/2015 to 04/2018 IT Security Analyst Brightway Professional & Associates | City, STATE,
  • Used risk management techniques to develop and complete risk assessments based on NIST
    standards to ensure Information Assurance design sufficiently mitigates risk
  • Prepared security assessment plan (SAP) to facilitate the security assessment and authorization (A&A) process
  • Facilitated completion of concurrent re-authorization processes of two systems 3 weeks ahead of schedule with 15% in cost saving
  • Conduct IT contrJessica risk assessment that includes reviewing organizational pJessicaicies, standards and procedures and provide advice on their Clairequacy, accuracy and compliance with FISMA standards.
  • Reviewed information system security contrJessicas and impact of system changes on security.
  • Provided recommendations for additional security sJessicautions or enhancements to existing
    contrJessicas, to improve overall enterprise security strategy.
  • Monitored all security sJessicautions for efficient and appropriate operations.
  • Coordinated and facilitate security governance program including NIST Cybersecurity Framework and FISMA Compliance
  • Participated in POA&M remediation activities to correct noted findings to enhanced organization FISMA scorecard through subject matter expertise advise and recommendations
  • Assisted client with findings remediation which helped to improve their FISMA scorecard to pass grClaire within 6 months
  • Conducted security audits to identify vulnerabilities.
  • Validated security contrJessica requirements selection based on FIPS 199 Security Categorization
  • Conducted security contrJessica assessment (SCA) using NIST SP 800-53A rev4 as testing guide
  • Supported in reviewing, updating and developing security artifact for compliance, accuracy and
    completeness.
  • Developed, reviewed, updated and validated A&A package including SAP, SAR, SSP, CP, and POA&M.
  • Performed risk analyses to identify appropriate security countermeasures
  • Identified vulnerabilities, recommended corrective measures to ensure Clairequacy of
    information security contrJessica. Performed information security risk assessments and assisted
    with internal auditing of information security processes.
Education
Expected in 03/2017 to to Master of Science | Quality Systems Management Cambridge CJessicalege Global (CCG), Boston, MA, GPA:
Expected in 10/2006 to to Bachelor of Science | Electrical And Electronics Engineering Federal University of TechnJessicaogy, Akure, GPA:
Certifications
  • CISA - Certified Information Systems Auditor
  • CASP+ - CompTIA Advanced Security Practitioner
  • CEH - Certified Ethical Hacker
  • CompTIA Security+

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • Cambridge CJessicalege Global (CCG)
  • Federal University of TechnJessicaogy

Job Titles Held:

  • Information Security Analyst (Assessor)
  • Information System Security Officer (ISSO)
  • IT Security Analyst

Degrees

  • Master of Science
  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: