| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
SNR. SECURITY CONTROL ASSESSORDetailsAlexandria, VA Street Address , United StatesPHONE NUMBER AVAILABLEEMAIL AVAILABLEProfileDedicated and results-driven Security Control Assessor (SCA) with 10+ years of experience in evaluating and enhancing security controls to safeguard critical systems and data. Adept at conducting comprehensive assessments, identifying vulnerabilities, and implementing risk mitigation strategies to ensure compliance with industry standards and regulations. Proven expertise in specific security frameworks, such as NIST SP 800-53 or ISO 27001. Strong analytical, communication, and problem-solving skills, coupled with a passion for maintaining the highest levels of cybersecurity. Committed to helping organizations maintain a robust security posture in an ever-evolving threat landscape.SkillsRisk Management: Risk assessment and risk mitigation analysis, Information Assurance & Privacy, RMF, System / Network vulnerability analysis, Testing IS Controls, Cloud Cybersecurity (NIST SP 800-Series, FIPS 199, FIPS 200).Regulatory Compliance: HIPAA, FedRAMP, NIST SPs, PCI-DSS, ISO 27001, CMMC, Contingency planning.Policy and Compliance Review: SOPs, ISAs, MOUs, test results, firewall policy, Ports & Protocols, Plug-ins.Networking: Public and Private IP addressing.Security Tools: Nessus Scan [Tenable io], Web Inspect, STIG.Software: Microsoft Office Suite 2016: Word, Outlook, Excel, Visio, PowerPoint, Teams, Virtualization, Windows and Linux Operating Systems, SharePoint, Risk Vision, Splunk.Server: Windows Server 2016.GRC Tools: RSA Archer, eMASS, CSAM, ServiceNow.Soft skills: Strong oral and technical writing skills, team player, detail-oriented, ability to work independently, strong leadership and organizational skills.Employment HistorySnr. Security Control Assessor at Global Scalable Technologies LLC, Calverton, MDAPRIL 2021 PRESENTCreated post assessment reports and recommendations for relevant security findings.Conducted security control testing, analyzed Body of Evidence (BoE) documentation and test results, documented risk and recommended countermeasures.Provided an assessment of the severity of weakness or deficiencies discovered in the information system and its environment of operation and recommended corrective actions to address identified vulnerabilities.Executed vulnerability/compliance assessment tools and evaluated results for systems undergoing security assessment.Provided documentation to the customer which describes all identified system risks, planned test procedures taken and test results.Provided enhancement capabilities and SOPs to assessment operations for execution and implementation.Security Control Assessor at Cerner Technologies, Kansas City, MOJANUARY 2014 MARCH 2017Identified potential problems in the organization's implementation of the Risk Management Framework.Developed a security assessment report (SAR) in accordance with the scope and schedule defined in the SAP.Created post assessment reports and recommendations for relevant security findings.Entered assessment data in Cyber Security Assessment and Management (CSAM) database used by the federal customer.Experienced in writing information system security documentation (System Security Plans (SSP), Plan of Action and Milestones (POA&Ms), PTAs, PIAs, CMPs, CPs, and IRPs).Executed vulnerability/compliance assessment tools and evaluated results for systems undergoing security assessment.System Analyst at Quadrint, Inc., Herndon, VAMAY 2012 DECEMBER 2014Performed network asset management, including maintenance of network component inventory and related documentation and technical specifications information.Supported and designed department project assignments and small system implementation.Provided input to solution development efforts.Maintained schedules and completed assignments as directed.Tracked information system resources for assigned projects.Reported on project time-lines and documented performance.Developed work products, documented operational and business objectives, best technology capabilities and task level resource requirements.Maintained project task plans, documentation and communications.EducationBSc. Information Systems & Operations Management & Entrepreneurship, George Mason University, Fairfax, VADean's List: Spring 2018ASSOCIATE OF SCIENCE: Business Administration, Northern Virginia Community College, Annandale, VADean's List: Spring 2015CertificationsCompTIA Security + CE - ActiveAWS Cloud Architect - Associate (SAA) - ActiveCertified Information Security Auditor (CISA) - ActiveCertified Information Security Manager (CISM) - ActiveClearance LevelEligible for SecretEligible for Public TrustWork StatusUS Citizen |
