| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Phone: PHONE NUMBER AVAILABLE EMAIL AVAILABLEUnited State Citizen with ACTIVE DOD SECRET CLEARANCE PROFESSIONAL SUMMARYI am a Retired Veteran, initiative-taking, effective communicator, results, and detail- oriented, IT savvy professional with tremendous IT skills and experienced in working with sensitive and confidential information. Ability to implement robust IT software tools, complying with organizations SOP in securing data and systems. An IT Security Analyst and NIST 800-53 Control assessor with over 5 years of combined experience in Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), National Institute of Standards and Technology (NIST), Risk Management Framework (RMF) processes, Risk Assessment (RA). Thorough understanding of NIST 800-53 Rev 4 and 5 security controls. Audit projects including Security Audit, RMF, and HIPAA. An IT professional with experience in vulnerability management, security control implementation, assessment and authorization, POA&M management, continuous monitoring, as well as risk assessment. Understanding of information technology concepts.EDUCATION/ PROFESSIONAL CERTIFICATIONSPMPLean Six SigmaCSMCompTIA Security+Master of Science, Organizational Leadership Columbia Southern UniversityBachelor of Science, Management University of PhoenixRisk Management Framework Cybersecurity Systems Information University CYBER SECURITY TRAINING/SKILLS/STANDARDS/SOFTWARENIST Guidelines Publications Certification and Accreditation (C&A) HIPAA & PRIVACY ACT training. IT Security Compliance Vulnerability Assessment Network Vulnerability Scanning Information Assurance System Risk Assessment System Development Life Cycle System Security Plan (SSP) SharePoint LAN NIST SP 800-53 SP 800-53A SP 800-37 NIST SP 800-171 Risk Management Framework (RMF) Windows Microsoft Office. Department of the Army July 2004 - June 2024Conducts assessment of the security and privacy controls implemented by an Information System Officer to determine the overall effectiveness of the controls and the vulnerability state of components, applications and databases residing within the system boundary.Performs vulnerability/risk assessment analyses to support A&A activities and to enforce compliance.Conducts vulnerability scanning using Nessus scanning tool.Develops solutions to security weaknesses in the Requirement Traceable Matrix (RTM) and SAR, while working on POA&M remediation and Corrective Action Plan (CAP).Maintains and manages Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), Security Test and Evaluation(ST&E), Plan of Action and Milestones (POA&Ms), Security Assessment Report (SAR), and other relevant security documentations for the system.Analyzes and updates System Security Plan (SSP), Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security Test and Evaluation.Provides security control assessor (SCA) services, such as assisting with the Assessment and Authorization process, scanning, documentation, reporting and analysis analyzing current threats to information security and systems.Ensures all supporting artifacts and results will be documented appropriately and in a timely manner. Adheres to the NIST Risk Management Framework (RMF) to support the A&A process, including analyzing the development of supporting policies, procedures, and plans, designing, and implementing security controls, testing, and validating security controls, and analyzing and tracking corrective action plans.Performed application controls testing related to data protection, logical access, programming, problem management, contingency planning and back-up, data transmission, input, and output and processing controls.Executes day-to-day deliverables that support the ongoing compliance needs related to IT policy, compliance, and risk, as well as any new regulatory requirements.Worked with Data Engineers and Analysts to transform raw and curated data into analytic solutions.Worked with visualization and analysis tools to build, publish, and maintain data models leveraged in reporting and business analysis.Worked with the broader analyst community to gather, scope, and prioritize analytic opportunities.Worked as part of senior IT team to expand data sets, transform data, publish, and present business intelligence, while following Agile Developmental methodology.Developed, produced, and managed reporting for internal and external purposes.Generated insights from data observations around emerging trends, performance, and areas of opportunity.Supported the development and expansion of the Patient Transfer Center, which included managing data requests, performing, and presenting opportunity analyses to key stakeholders.Maintained resource library for referrals to multiple agencies namely, Ombudsmen, patient advocate, substance abuse treatment, and financial services.Acted as liaison between IT, Data Governance and Assurance and the military community.Managed electronic health records using Healthcare Artifacts and Image Management Solution (HAIMS) and Armed Forces Health Longitudinal Technology Application(AHLTA).Worked with cross-functional teams, including IT, human resources, contract, and security to address potential compliance issues and achieve data privacy program initiatives and provide as needed support to other programs within Ethics & Compliance. |
