| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Washington DC Street Address Tell Phone: PHONE NUMBER AVAILABLE EMAIL AVAILABLECORE COMPETENCIES-Security Policies and Procedures - Vulnerability Management-Project Teamwork & Communication - Risk Assessment & Compliance- Documentation Development and Review - NIST SP Street Address -137, 800-37, 800-115, 800-30, - Microsoft word, Excel, Visio and PowerPoint 800-60, 800-53, 800-53A, FIPS199, 800-70TECHNICAL SKILLSAWS, Microsoft Azure, Office 365, Windows Server 2012/2016, Windows 10.Effectively creates and maintains relevant cloud systems documentation and user guides.Vulnerability and penetration tools like Nessus, Nmap, Wireshark, and Metasploit.Security Content Automation Protocol (SCAP).Symantec endpoint protection and KnowBe4.Operates Security Tools, monitoring, response, and reporting, including IPS/IDS, Firewall, and Advanced Malware Protection.Network Security Systems: Network Access Control (NAC), SIEM Solution, Data Governance, Multifactor Authentication, Patching and Remote Access, Vulnerability Scanning, Log Aggregation Tools, Security Operations Center (SOC), Firewall.PROFESSIONAL EXPERIENCECYBERSOFT TECHNOLOGIES CORPORATION, WASHINGTON DC JANUARY 2017 TILL DATETITLE: - SECURITY CONTROL ASSESSORResponsible for all phases of C&A to ensure compliance and provide guidance on IT Security requirements to assigned stakeholders.Conducts the ST&E Execution via document examination, interviews, and manual assessments.Performs first-level incident response and assures service resolution for cloud systems.Hold kick-off meeting with system owner, ISSO, and other stakeholders to discuss assessment activitiesPerform vulnerability assessment of information systems to detect deficiencies and validate compliance using a management tracking tool. (CSAM)Provides direct support to cloud operating environments daily, including the software installation, configuration, upgrades, security patches, and planned maintenance as required.Ensure security policies and recommendations comply with NIST, FISMA, organizational guidelines, and professional best practices.Perform Security Categorization (FIPS 199), conduct assessment and review Privacy Threshold Analysis (PTA), E-Authentication, Contingency Plan, and Testing for compliance and completeness.Review and document Security Test & Evaluation (ST&E), Security Assessment Plan (SAP), and Security Assessment Report (SAR).Develop, review, update, and document SAR, SSP, CP, and POA&M.Work with 3PAO, ISSO, ISSM, SA, and development team for assessment of Security Controls.Performed review of system documentation from a service provider and 3PAO (SSP, SAP, SAR, SRTM, RAR, POA&M, architectural documents, etc.)Develop and review Security Assessment Report (SAR), Risk Assessment Report (RAR), System Security Plan (SSP), Plan of Action and Milestones (POA&M), and Security Control Traceability Matrix (SCTM)INSIGHT-TECH SYNERGY, MD MARCH 2013 DECEMBER 2016 TITLE: - INFORMATION SYSTEM SECURITY OFFICERI am creating, maintaining, and reviewing the full scope of documentation required for Risk Management Framework (RMF) assessment & authorization and continuous monitoring.Assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.)Identify, develop, and incorporate common artifacts found in the RMF authorization package, e.g., system architecture and boundaries, hardware and software inventories, risk assessment reports, POA&Ms, data flows, COOP, PPSM accounting, and another necessary system, network, and application documentation.Perform Security Categorization (FIPS 199), Privacy Threshold Analysis (PTA), E-Authentication with business owners and selected stakeholders.Conduct Security Test and Evaluation (ST&E) assessment and populate the Requirement Traceability Matrix (RTM) based on NIST SP 800-53A.Conduct system vulnerability, risk assessments, and reviews.Documents for each system include, but are not limited to System Security Plans, Continuous Monitoring Plans, Contingency Plans, Contingency Plan Tests & After Action Reports, POAM Management PlansResponsible for executing, monitors, tracking, and reporting staff phishing tests. Performed first-level incident response and ensured service resolution for cloud systems.I am creating, maintaining, and reviewing Standard of Procedure (SOP) to support dash one (-1) control policies following NIST SP800-53 rev. 4.Support a Program of Record through a full security assessment and achieve an ATO.SMARTECH TECHNOLOGY, TX APRIL 2011 JANUARY 2012 TITLE: IT HELP DESKResponded timely to user requests for permission changes, file restores, virtual machine restores, new storage, and expansion requests.Installed, modified, and repaired computer hardware and software.Monitored, troubleshoot, and resolved infrastructure issues, performing standard infrastructure procedures such as patching/upgrades and documenting operational procedures.Resolve technical problems with Local Area Networks (LAN), Wide Area Networks (WAN), and other systems.Interact with external technology vendors and internal teams to troubleshoot issues and implement solutions.Provide technical assistance and support for incoming queries and issues related to computer systems, software, and hardware.Installed Windows 7/10, Mac OS X, UbuntuEDUCATIONUniversity of Maryland Global Campus; MSC in Cybersecurity Technology in progressUniversity of Maryland University College; BSC in Computer Networking and CybersecurityPrince Georges Community College; Associate Degree in Applied science CybersecurityPrince Georges Community College; Certificate Program in CybersecurityCERTIFICATIONSAmazon Web Services Certified Developer Associate (AWS) - CertifiedCisco Routing and Switching Associate (CCNA) - CertifiedCompTIA Security + - CertifiedScrum Master Certification - CertifiedMicrosoft Certified Azure fundamentals - CertifiedCertified information security manager (CISM) certified |
