SEARCH

Information Security Analyst Resume Example

Resume Score: 80%

Love this resume?Build Your Own Now
UE
INFORMATION SECURITY ANALYST
Professional Summary

Skilled Information Security Analyst, knowledgeable in risk management framework (RMF), systems development life cycle (SDLC), security life cycle, and vulnerabilities management using FISMA, and applicable NIST standards. 4+ years with information security governance, compliance, and experience assessing information systems following NIST special publications e.g NIST 800-37, 800-53, 800-137, etc.

A proven project and team lead excellent communicator (both oral and written), presentation skills. Specialized in providing IT security expertise and guidance in support of security assessments and continues monitoring for government and commercial clients.

Skills
  • Assessment and Authorization (A&A)
  • Certification and Accreditation (C&A)
  • IT Security Compliance
  • Vulnerability Assessment
  • Network Vulnerability Scanning
  • Information Assurance
  • Systems Risk Assessment
  • Systems Development Life Cycle
  • Nessus Vulnerability Scanner, Microsoft Visio, Excel, Word, PowerPoint, Access, Mac, Microsoft Windows, Linux, VMware, Oracle virtual box, CSAM, Remedy, Active Directory, ServiceNow, Trend Micro, Splunk, and more.
  • Active Directory, Security analysis
  • Auditing, SSP
  • C, Systems Development
  • Clients, Technical Writing
  • Documentation
  • Information Security
  • Microsoft Office suite expert
  • Oracle
  • Organizational
  • Project Management
  • Risk Assessment
  • Symantec Endpoint Protection
  • Designing security controls
Work History
08/2017 - CurrentInformation Security Analyst | Company Name - City, State
  • One of the largest Accounting firms in the US offering a portfolio of advisory, assurance and tax preparation and management services across 26 nationwide offices and internationally as part of the Nexia network.
  • Provide security expertise and guidance in support of security assessments.
  • I conduct NIST SP 800-53A assessments on internal systems through personnel interviews and documentation review. I determine compliance with policies and procedures, recommend corrective actions and prepare findings reports.
  • Support A&A (C&A) activities according to the A&A project plan.
  • I review authorization documentation for completeness and accuracy for compliance.
  • I create POA&Ms and track associated mitigation.
  • Facilitate Security Control Assessment (SCA) and Continuous Monitoring Activities.
  • I continuously ensure cyber security policies are adhered to and that required controls are implemented.
  • I review and process monthly vulnerability scan results for assigned systems and work with technical teams .
  • Developed resultant SCA documentation, including but not limited to the Security Assessment Report (SAR).
  • Assist team members with proper artifact collection and detail to clients examples of artifacts that will satisfy assessment requirements.
  • Reviewed security logs to ensure compliance with policies and procedures and identifies potential anomalies.
  • Develop, update, and review A&A Packages to include Core Docs, Policy & Procedures, Operations and Maintenance Artifacts, SSP, SAR, FIPS 200, FIPS 199, POA&M, CPTPR, BIA, PTA, PIA, and more.
  • Collect Operation and Maintenance artifacts on an ongoing basis so that Security Control Assessment (SCA) is seamless.
  • Upload supporting docs in the System's Artifact Libraries, Google Docs, and CSAM.
  • I track SLAs on audit and continuous monitoring findings.
  • Managed vulnerabilities with the aid of Nessus vulnerability Scanner.
  • Reviewed SAR post assessment; created and completed POA&M's milestones to remediate findings and vulnerabilities.
  • Independently reviewed complex security analysis of existing systems for compliance with security requirements.
  • Monitored security controls post authorization to ensure continuous compliance with the security requirements.
05/2016 - 05/2017IT Security Analyst | Company Name - City, State
  • CoStar Group is a provider of information, analytics and marketing services to the commercial property industry in the United States, Canada, the United Kingdom, France, Germany, and Spain.
  • Facilitated implementation of security requirements and programs across systems Tiers, integrated security programs, and defined the scope and level of detail for system security plans and policies.
  • Developed, reviewed, and updated Information Security System Policies, System Security Plans, and Security baselines.
  • Visit sites to assess the qualification of potential investigative sites, initiate studies, instruct site personnel on the proper conduct of studies; perform ongoing monitoring to assure site adherence to plans and policies, protocol and all relevant regulations; review data and ensure accuracy of data collected; perform close-out visits.
  • Provided security expertise and guidance in support of security assessments.
  • Performed internal audits of the systems prior to third party audits.
  • Reviewed authorization documentation for completeness and accuracy for compliance.
  • Facilitated Security Control Assessment (SCA) and Continuous Monitoring Activities.
  • Ensured cyber security policies are adhered to and that required controls are implemented.
  • Validated information system security plans to ensure control requirements are met.
  • I continuously had to access information systems
  • Maintained data management and storage systems to protect data from compromise.
  • Authored deliverables e.g. System Security Plan (SSP), Security Assessment Report (SAR) , Plan or Action Milestones (POA&M), and Security Impact Analysis (SIA).
02/2013 - 04/2016Principal Support Specialist | Company Name - City, State
  • The Bank of Scotland plc is a commercial and clearing bank based in
    Aberdeen, Scotland. With a history dating to the 17th century, it is the fifth oldest extant bank in the United Kingdom, and is the only commercial institution created by the Parliament of Scotland to remain in existence , I Provided comprehensive IT support to 400 internal users.
  • Participated in ticket documentation creation process.
    Analyzed departmental documents for appropriate distribution and filing.
  • Successfully reduced user callback rate by 20% through accurate
    assessment of root causes of technical issues and consistent
    implementation of appropriate solutions.
  • Earned "Employee of the Month Award" for technical knowledge and
    outstanding customer service.
  • Managed call flow and responded to technical support needs of
    customers.
  • Built and provided basic end-user troubleshooting and desktop support
    on Windows and Mac systems.
  • Worked independently on Sundays providing sole support for international operations Increased departmental efficiency and reduced operational costs by automating several routine database management tasks.
  • Developed solutions to on-going incidents with remote end-user network connectivity issues.
Education
08/2015Robert Gordon University, CityM. Sc: Energy Management
  • Graduated magna cum laude
07/2011Joseph Ayo Babalola University., CityB. Sc: Computer Science
Certifications
  • CompTIA Security+
  • CAP - In Progress
  • Certified Information System Security Professional (CISSP)– In Progress
Build Your Own Now

DISCLAIMER

Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

Resume Overview

School Attended

  • Robert Gordon University
  • Joseph Ayo Babalola University.

Job Titles Held:

  • Information Security Analyst
  • IT Security Analyst
  • Principal Support Specialist

Degrees

  • M. Sc : Energy Management
    B. Sc : Computer Science

Similar Resumes

View All
Information-Security-Analyst-resume-sample

Information Security Analyst

Plano, Texas