DOD Secret Clearance (Active) | United States DHS Suitability (Active) | Secret Clearance (Active)
PROFESSIONAL SUMMARY
An enthusiastic Information Technology professional with 5 years of experience in managing and protecting enterprise information systems, through Assessment and Authorization (A&A) in accordance with the Federal Information Security Management Act (FISMA), with an in-depth knowledge of Risk Management Framework (RMF) using NIST and FIPS standards throughout the System Development Life Cycle (SDLC). Possesses strong communication skills, comfortable in team-based or single-focused roles, and detail-oriented. I can offer loyalty and a strong work ethic, and utilize knowledge, experience, abilities, and skills to further benefit the company. Results-driven IT professional with notable success in planning, analysis, and implementation of security initiatives. Strengths in providing comprehensive network design and security frameworks. Certified in [Area of certification].
Security Policy: FISMA/NIST/RMF/FIPS
Tools: Nessus/Xacta 360/eMASS/ACAS/DISA-STIG POA&M tracking or FISMA vulnerability scanning tools like Nessus, WebInspect, Qualys, AppDetective and Fortify
IDS/IPS such as Snort IDS (Silent Note: Others are Cisco IPS, Bro, and Security Onion)
SIEM tools like Splunk
Pentest tools like Kali Linux, Nmap, Wireshark, and Metasploit
Computer: Microsoft Office Suite, Adobe, Excel, SharePoint, Remedy Ticket System.
Networking: LAN/WAN/TCP-IP/INTERNET
Operating Systems: Windows (XP Office)
· Certified Ethical Hacker (CEH)
· Security Plus CE
· Linux (in Progress)
· AWS Certified Solutions Architect
· NCIC Certification
· Splunk Enterprise Certified Admin
• Reviewing and Assessing SSP and preparing Authorization Package: System Security Plan (SSP), Security Assessment Report (SAR), and Plan of Action and Milestones (POA&Ms).
• Validate and review RMF documentation in accordance to maintain Authorization to Operate (ATO).
• Continuously maintaining a comprehensive list of STIGs applicable to client information systems based on RMF control selection, system owner/administrator interviews and detailed analysis of Host Based Security System (HBSS) data (where available), ACAS scans, and reports.
• Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance.
• Generate and review ACAS scans including STIG related findings, upload results to program dashboard. Provide input to IAO for mitigation POA&Ms and A&A Plans.
• Participate in the development and implementation of enterprise-level policy directives and other guidance materials; disseminates policy directives, including the development of supplemental guidance materials essential to ensure affected organizations' understanding of implications for their operations.
• Analyze current cybersecurity policies, processes, capabilities, authorities, architectures for applicability and responsibilities; Provide recommendations for improvements on proposed policies and strategies
• Experience preparing, processing, assessing, validating and maintaining DIACAP and RMF packages using eMASS and XACTA tools.
• Executing Security Assessment methodology (examine, interview, test) procedures in accordance with NIST SP 800-53A Rev 4.
• Conduct Security Assessment interviews to determine the security posture of the system and develop a SAR containing the results and findings. Provide technical security strategy, standards, and best practices for security categorizations (Low, Moderate and High) and NIST, FISMA, and other applicable guidance.
• Experience with cr The Information System Security Officer (ISSO) supports FISMA compliance. Experienced ISSO working with multiple system Security and Assessment Authorization documentation including SSP, FIPS199, PIA, Risk assessment, etc. Experience working with NIST 800-53, FIPS 199, NIST RMF and some Cloud Systems experience (FedRAMP/AWS)