| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Cybersecurity AnalystEMAIL AVAILABLEMobile: PHONE NUMBER AVAILABLEBowie MDI'm a dedicated, passionate and accomplished individual with about 6 years experience in Information System Security Analyst with a proven track record of technical and professional skills in vulnerability management, security control implementation, assessment and authorization, POA&M management, continuous monitoring, and Risk Management Framework, Authentication & Access Control, System Monitoring and Regulatory Compliance in accordance with NIST, OMB, FISMA, FedRAMP and industry best security standards. Dynamic IT professional with the ability to adapt well to changing environments and interact well at all levels. Proven ability to lead and direct, solve problems creatively, and make strategic decisions in fast paced environments. I am a US Citizen with a Public Trust clearance.Cybersecurity Analyst: February 2016 PresentW.T Solutions - Greenbelt, MDResponsibilities:Develops risk assessment reports, identifying threats, and vulnerabilities applicable to the system.Evaluates the likelihood that vulnerabilities would be exploited and assess the impact associated with this threat and vulnerabilities.Develops maintain and manage Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), POA&Ms, and other relevant security documentation for existing and new systems.Conducts both technical and non-technical internal audits and testing to validate system operational requirements compliance.Conduct security incident management.Work closely with stakeholders to best align business needs with technical capability/feasibility.Use workflows to develop security artifacts.Documents, organize and implement security control requirements.Conducts kick-off meetings to categorize the system according to NIST requirements of low, Moderate or High System. FIPS 199 and SP 800-60 Vol 1&2.Conducts Security control Assessment to assess the adequacy of management, operational, privacy and technical security controls implemented.Monitor, report and respond to security events.Collaborates with engineers and internal business teams to analyze, design, & deliver innovative technology solutions for a wide variety of business challenges.Develops security documentation such as System Security Plans from artifacts and assessments provided by third parties.Provide Business Impact Analysis and Business Continuity assessments and updates.Analyze and update system security plan (SSP), Risk Assessment (RA), Privacy Impact Assessment (PIA), SystemExperience working in or familiarity with popular cloud platforms and applications such as Azure and AWS.Review, analyze, discuss, and evaluate the implementation of security controls in multiple information system environments, including dynamic cloud services (IaaS, PaaS, & SaaS)Experience with cloud service providers such as AWS, Microsoft Azure and Google cloud.Excellent technical knowledge on the cloud architecture and strong process/project management skills to resolve our issues in timely manner.Work with business units, software developers, security, to design and build applications and services within AWS and/or other cloud providers.Review SOC 2 Reports & SIG and gather evidences to make sure it complies with companys control standardsImplement secure solutions to take advantage of new features and functionality available in cloud environments.Effective verbal, written, and listening communications skills.Security Control AssessorMBA TECH, Upper Marlboro, MD.December 2014 - January 2016Responsibilities:Conducted system security control assessment in accordance with NIST SP 800-53 Rev4, control selection/implementation, and NIST SP 800-53a, security control assessment, to determine control implementation and effectiveness.Review IS security plans and other A&A documents for all applications to determine if mandated procedures and tasks are followed, such as using IACS.Developed and prepared the Security Assessment Plan (SAP), Security Assessment Report (SAR), POA&M.Developed and distributed the Security authorization schedule, based on timeline criteria, reauthorizations, and obtain required signatures for system stakeholders.Prepare written justification, when appropriate, to obtain a written waiver of policy for mandated security featuresDevelop a preliminary Security Assessment Report (SAR).Ensure that all required security authorization activities are completed, and the results are documented in the Information Assurance Compliance System IACS / XACTA toolProvided ATO document review for systems undergoing security authorization, including the: Security Plan, Contingency Plan, Contingency Plan Test, Configuration Management Plan and Remediation Plan, etc.Strong understanding of the NIST SP 800-3X series and SP 800-18, and a working knowledge of all other NIST FISMA issues, as well as federal statute, security-relevant OMB circulars and memoranda, federal information processing standards, and other federal security doctrine.Excellent verbal and written communication skills with the ability to read and analyze dataeffectively to write cogent reports on assessment findings with sound recommendations.Supported the PM by providing information for status reports, status briefings, schedules, project plans, etc., both in written and oral form.Coordinated and worked with the infrastructure and security team in gathering and documenting required artifacts.Education:Bachelors in Computer Science, University of Yaound 1 Ngwakele, Cameroon.CertificationCompTIA Security +, CAP (in Progress)Skill/ToolMicrosoft office (word, PowerPoint, Excel, Outlook) Xacta 360, Splunk, IPS/IDS Snort, Nessus, McAfee, Nmap, Web Inspect, POA&M tools like TAF, & CSAM, GRC, Wireshark. |
