I specialize in areas such as Cybersecurity, Information Assurance (IA), Security Assessment & Authorization (SA&A), Risk Management, System Monitoring, Regulatory Compliance, Physical and Environmental Security, Project Management, Incident Response, and Disaster Recovery. I possess strong managerial skills and excel at building and developing strategic partnerships. I am an expert in FISMA compliance, Security Training, and developing security policies, procedures and guidelines. I am highly adaptive, have superior analytical and organizational skills, and am familiar with a wide variety of applications. I am a fast learner and have the ability to multi-task. I can also work independently and as a contributing team member. I have strong verbal and written communication skills. I have over five (5) years of experience in information security.
A proven project and team lead with an aptitude for good customer service, leadership and excellent communication (both oral and written) skills. Functional areas of expertise include but are not limited to:
- Conducted kick-off meetings to collect systems information (information type, boundary, inventory, etc.) and categorize systems based on NIST SP 800-60.
- Conducted security control assessments to assess the adequacy of management, operational privacy, and technical security controls implemented. Security Assessment Reports (SAR) were developed detailing the results of the assessment along with the Plan of Action and Milestones (POA&M).
- Developed system security plans to provide an overview of federal information system security requirements and described the controls in place or to meet those requirements.
- Created and updated the following Security Assessment and Authorization (SA&A) artifacts: FIPS 199, Security Test and Evaluations (ST&Es), Risk Assessments (RAs), Threshold Analysis (PTA), Privacy Impact Analysis (PIA), E-Authentication, Contingency Plan, Plan of Action and Milestones (POAMs).
- Prepared Security Assessment and Authorization (SA&A) packages to ascertain that management, operational and technical security controls adhere to NIST SP 800-53 standards.
- Performed vulnerability assessment, making sure risks are assessed and proper actions taken to mitigate them.
- Conduct IT controls risk assessments including reviewing organizational policies, standards and procedures and providing advice on their adequacy, accuracy and compliance with industry standards.
- Developed risk assessment reports. These reports identified threats and vulnerabilities. In addition, they also evaluated the likelihood that vulnerabilities can be exploited, assessed the impact associated with these threats and vulnerabilities, and identified the overall risk level.
Developed, reviewed and updated Information Security System Policies, System Security Plans and Security baseline in accordance with NIST, FISMA, OMB App. III A-130 and industry-best security practices. Applied appropriate information security controls for Federal Information Systems based on NIST 800-37 rev1, SP 800-53 rev4, FIPS 199, FIPS 200 and OMB 130 Appendix III. Conducted systems and network vulnerability scans in order to identify and remediate potential risks.
DUTIES
Analyzing and defining security requirements for a variety of IT issues.