it auditor resume example with 7+ years of experience

(555) 432-1000,
Montgomery Street, San Francisco, CA 94105
Career Overview
Seeking Cyber Security Analyst, Information System Auditor and Information Assurance position in growth and work on FISMA, system security monitoring and auditing; risk assessments; audit engagements, testing information technology controls and developing security policies, procedures and guidelines.
  • Cyber security with over 3 years of working experience.
  • Experienced in the development of System Security Plans (SSP), Contingency Plans, Disaster Recovery Plans, Incident Response Plans/Training, Memorandum of understanding and Configuration Management
  • FISMA Reports, Standard Operating Procedures (SOP) in accordance with Federal, Agency and Organizational policy, to include FISMA, NIST, OMB, FIPS instructions
  • Knowledge of MS Excel Spreadsheet and other FISMA tracking systems/tools to implement six steps NIST RMF aim at managing, monitoring and tracking ATO, POA&M, continuous assessment and ongoing authorization.
  • System Security Checklists, Privacy Impact Assessments, POA&M, Authority to Operate (ATO) letters
  • Working knowledge of NIST [.] 18, 115, 137, 30, 34,200, 53Ar4, 60 vol 1&2, NIST 37 RMF, FIPS
Education and Training
UNIVERSITY OF HOUSTON , Expected in : - GPA : In progress with supply chain / cyber security
LONE STAR COLLEGE , Expected in : - GPA : logistics and supply chain / cyber security Houston - TX
Strategy and Planning
  • Developed and communicated Web site usage, security policies and standards to all users.
  • Established policies and procedures for publishing Web pages and applications in conjunction with content creators and sales staff.
Work Experience
Apex Systems - IT AUDITOR
Monroe, NC, 11/2015 - Current
  • Worked on risk assessments based on NIST standards to ensure that security designs sufficiently mitigate risks; and prepared risk assessment reports and provided recommendations to client.
  • Ensured that management, operational and technical controls for securing either sensitive Security Systems or IT Systems are in place and are followed according to federal guidelines (NIST SP 800-53).
  • Knowledge in the development, monitoring, and implementation of a Plan of Action and Milestones (POA&M).
  • Participate in and conduct cyber security investigations involving compromised critical systems.
Engility Corporation - CYBER SECURITY ANALYST
Everett, WA, 2014 - 11/2015
  • Conducted a kick off meeting in order to categorize agency's systems according to NIST requirements of Low, Moderate or High system Conducted IT controls risk assessments that included reviewing organizational policies, standards, procedures and guidelines.
  • Performed daily ongoing (A&A) Assessment and Authorization projects in support of client security system Review and update of the System Security Plan (SSP) using NIST SP 800-18 guidelines.
  • Specialized in areas of Information Technology (IT) such as Network Security, Cyber security, Information Assurance (IA), Security Assessment & Authorization (SA&A), Risk Management, System Monitoring, Developed the audit plan and Performed the General Computer Controls testing of Information Security, Business Continuity planning and Relationship with outsourced Vendors.
  • Led in the development of Privacy Threshold Analysis (PTA), and Privacy Impact Analysis (PIA) by working closely with the Information System Security Officers (ISSOs), the System Owners, the Information Owners and the Privacy Act Officers.
  • Specialized in the entire FISMA Risk Management Framework (RMF), SA&A/C&A and system control assessment processes using FIPS 199/NIST SP 800-60, NIST SP 800-53r4/53A, preparing and reporting SSP, SAP, ST&E, SAR, RAR, PTA, PIA, POA&M, as well as the Fed RAMP and COSO, COBIT, HIPAA Frameworks.
  • Manage vulnerabilities with the aid of Nessus and Microsoft Baseline Security Analyzer (MBSA 2.3) Vulnerability Scanners to detect potential risks on a single or multiple assets across the enterprise network.
 Inter-personal skills, Configuration Management, client, clients, Disaster Recovery, Information Security, Information Technology, letters, logistics, managing, MS Excel, enterprise, Network Security, network, Organizational, policies, problem solving skills, processes, progress, reporting, risk assessment, Risk Management, SAP, Scanners, scanning, SOP, Spreadsheet, SSP, supply chain, written communication skills
Additional Information
I am specialized in areas such as Cyber security, Risk Management, Authentication & Access Control Information Assurance (IA), Certification and Accreditation (C&A),System Monitoring. I am highly adaptive and have superior organizational skills as well as familiar with a wide variety of applications, databases, operating systems and network devices. I am a fast learner, have the ability to multi-task, and can also work independently and as a contributing team member.

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended


Job Titles Held:



By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: