An Information System Security professional with a passion for aligning security architecture plans and processes with security standards and business goals. Experienced in vulnerability management, security control implementation, assessment and authorization, POA&M management, continuous monitoring, and Risk Management Framework, Authentication & Access Control, System Monitoring, and Regulatory Compliance in accordance with NIST, FISMA, and industry-best security standards.
CERTIFICATION AND CLEARANCE
CompTia Security Plus
Certified Scrum Master
Clearance: Public Trust
Experience
01/2019 to Current
Information System Security OfficerAtos – Redmond, WA,
Developed and maintained security authorization packages in compliance with FISMA and in accordance with client's requirements.
Develop and maintain System Security Plan, Risk Assessment Report, Security Assessment Plan and Report, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, and Configuration Management Plan.
Verify System Security Plan (SSP), Security Assessment Report (SAR) are current and up to date.
Transferred over 200 plus projects within Xacta Risk Management tools to meet stringent deadlines and constraints while ensuring data integrity.
Assisted incident response team, including directing engineers in triaging security incidents and keeping Security Manager appraised of incident status.
Develop a plan of Action and Milestones (POAMs) in response to reported security vulnerabilities.
Make sure procedures, standard operating procedures are up to date.
Review system audit logs for unauthorized or suspicious activities
Ensure security engineers resolve detected security vulnerabilities and system security documentation is updated.
Review and update system access authorization forms and other documentations to ensure authorizations are available, complete, and properly granted.
Develop, coordinate, test, and train on Contingency Plans and Incident Response Plans.
Document and maintain DISA STIGS, IRS/CIS Benchmark style hardening checklists to establish system security baseline documentation.
Report unusual activities or unexplained access attempts to the system owner and CISO/ISSM.
Worked in both Linux and Windows environments.
Performed root cause analysis to diagnose system faults.
Planned and designed system improvements to meet changing demands.
Review and validate IT system access for employees or contractors separating from agency and upload artifacts into Xacta 360
02/2016 to 12/2018
Information System Security AnalystBooz Allen Hamilton Inc. – Fort Gordon, GA,
Analyzed security procedure violations and developed plans to prevent recurrence.
Make sure procedures, standard operating procedures are up to date. Review system audit logs for unauthorized or suspicious activities.
Report unusual activities or unexplained access attempts to system owner and CISO/ISSM.
Made recommendations to improve security procedures and systems.
Built firewalls and encrypted data to secure confidential information.
Audited networks and security systems to identify vulnerabilities.
Analyzed system risk to identify and implement appropriate security countermeasures.
Designed and implemented plans to secure computer files against breach, destruction or accidental modification.
Designed, implemented and maintained security systems and controls.
Updated virus protection systems based on computer virus reports.
Monitored computer virus reports to determine when to update virus protection systems.
Reviewed violations of computer security procedures and developed mitigation plans.
07/2021 to 12/2021
Database AnalystAscension Health – Inlet Beach, FL,
Used various statistical methods to analyze data and generate useful business reports.
Developed and implemented security initiatives to protect important company data.
Completed data mining and electronic documentation reviews.
Analyzed and developed technical and functional specifications for databases serving up to 500 employees.
Specified user access levels for each database segment to protect database integrity and company information.
Tested and modified databases to determine and correct issues.
Assessed customer needs and goals through communication and system evaluations to modify existing databases for personalized customization.
Collected information by meeting with database architects and administrators to determine client system limitations for capacity and load for data processing projects.
Defined database design specifications based upon project requirements.
Uploaded antivirus software to protect data from cyber threats and malware.
Communicated with data architects, programmers and engineers to keep projects on track.
Wrote and maintained technical and functional specifications to document database intentions and requirements.
Education
Expected in 03/2021
Master of Science: Cybersecurity Technology University of Maryland Global Campus - Largo, MD, GPA:
Expected in 05/2013
MBA: Business Administration And Management New Mexico Highlands University - Las Vegas, NM, GPA:
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
How this resume score could be improved?
Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:
