(555) 432-1000 - - resumesample@example.com - -
Self-motivated and passionate Information Assurance Analyst with excellent communication skills. Combines professionalism along with interpersonal skills to accomplish the mission, vision, and goal of the organization. Ability to motivate, lead, and work with other team members to achieve the overall objective of securing IT Systems. Seeking to utilize my background and experience in a progressive and engaging position. Adept attention to detail, and passion for excellence. Skilled at detection of security vulnerabilities and risk while maintaining confidentiality, integrity, and compliance with company guidelines.
Elizabeth City State University - Elizabeth City, NC
- CompTIA Security+ Certified
|
- Reviewed technical and administrative controls and conducted RMF per the NIST 800-53, NIST 800-37 and CNSS 1253 requirements.
- Drafted and reviewed security artifacts including, but not limited to, System Security Plans, inventories, contingency plans, security control traceability matrices, and security assessment reports.
- Conducted Annual assessments of sites on compliance with organizational policy.
- Drafted and managed POA&M for authorized systems with appropriate remediation suspense dates and tracked findings until closure. If the POA&M would never be met, familiar with exceptions and waiver process as well as residual risk acceptance.
- As an assessor for cloud systems, designed the A&A process used for the AWS environment and drafted templates to be used in an agile SDLC.
- Experience with Nexpose Rapid 7 scanning tool, SPLUNK audit log aggregation tool, HP Fortify, Webinspect, as well as McAfee EPO.
- Reviewed and assessed seven different systems of different classification, scope, and mission and determined residual risk and mitigation methods to ensure the system was operating in it\'s most secure state.
● POA&M Preparation and Update. Prepared Plan of Action and Milestones (POA&M), based on the results of the security assessment report (SAR).
● Updated the plan of action and milestones based on the documented changes to the system (including hardware, software, firmware, and surrounding environment) and the results of the continuous monitoring process.
● Supported the remediation actions to correct assessment findings and develops supporting plan of action and milestone (POA&M) reports. Organizes authorization package for ATO of the client’s systems.
● Reviewed vulnerability scanning results and identifies weaknesses in our client’s system and recommends corrective actions. Supports the penetration testing group with information gathering (reconnaissance) and scanning using Nessus and Nmap tools.
● Experienced with interpreting vulnerability reports extracted from Nessus Scanning, prioritizing reports-based security impact level of low, moderate, high.
● Coordinated with various stakeholders to remediate findings on assigned systems.
● Reviewed authorization documentation for completeness and accuracy for compliance.
● Executed, examined, interviewed, and tested assessment methods by NIST SP 800-53A Revision 4 guidelines for executable test procedures.
● Ensured cyber security policies were followed, validated, implemented, and that security controls operated as designed.
● Reviewed information system security plans (SSP) as recommended by NIST SP 800-18 Revision 1 and mandated by OMB Circular A-130 using GRC tool, CSAM.
● Developed security assessment documentation such as Security Assessment Plan and Security Assessment Report (SAR) before and during assessment engagement.
● Supported the assessment team with proper artifact collection during Walkthrough, and evidence references security controls that are in-scope for assessment.
● Engaged in risk assessment activities and policy & procedure (P&P) reviews to identify gaps and risks within the IT environment and or system.
● Provided weekly briefs to senior management on security posture, highlighting high/ critical vulnerabilities, remediation snapshots, and compliant security controls.
- Responded to user operational issues with desktop computers, laptops and mobile electronic devices to enable problem resolution.
- Entered service tickets into incident tracking system to facilitate faster problem identification and resolution.
- Engaged in user support interactions via telephone, chat and email platforms.
- Addressed user customer service concerns and decided when to escalate problems to specialist team members.
- Diagnosed and resolved user system functionality issues to enable completion of desired operations.
- Attended weekly team meetings to enhance product and service knowledge and gain insight into beneficial issue resolution strategies.
- Identified system hardware, network infrastructure and connectivity issues that prevented execution of user-initiated tasks.
- Collaborated with internal partners to effectively resolve user issues.
By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy
Disclaimer
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
How this resume score
could be improved?
Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:
resume Strength
- Personalization
- Target Job
Resume Overview
School Attended
- Elizabeth City State University
Job Titles Held:
- Security Control Assessor (SCA)
- POA&M MANAGER
- Service Desk Analyst
Degrees
- Bachelor of Science
By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy
