Candidate Information | Title | Vulnerability Management Analyst | Target Location | US-DC-Washington | | 20,000+ Fresh Resumes Monthly | |
|
|
| | Click here or scroll down to respond to this candidateExperience SummaryIT Professional with experience in Information System Security, Information Assurance and Advanced Computer Operations.Knowledgeable in all aspects of Security Standards and Risk Management Frameworks, FISMA, HIPPA, FIPS199, NIST guidelines 800-53 Rev 5,800-37, 800-30, 800-39, 800-53B, 800-53A, 800-60 rev1, FIPS 199, 800-171, 800-26 and ISO 9001,27001 standards.Familiar with various security technologies and their functionalities i.e., SIEM, SOAR, IDS, IPS and firewallsUnderstanding of cloud environments and related technologies such as virtual instances, databases, storage, serverless architecture and containers.Knowledgeable of network security protocols, and assessment proceduresFamiliar with and knowledgeable of encryption algorithms and methods as well as their various implementations and configurationsIncident reporting and documentationExperience conducting risk and vulnerability assessmentsKnowledgeable of Compliance and Regulatory Requirements such as GDPR, HIPPA, PCI-DSSFamiliar with the functionality of various network/system scanning tools such as Angry IP, Nessus, Maltego and web application scanners such as Wireshark, nkito, Arachni, OWASP ZAP and Burp SuiteAugments on the job experience with home-based cybersecurity lab. Conduct real world simulations of cyber threats and vulnerabilities to understand the functionality and features of various security controls.CERTIFICATIONSCompTIA Security+ CEAWS Certified Cloud PractitionerCDSE Introduction to the Risk Management FrameworkExperienceFortitude Systems/U.S. Dept of Transportation-Washington, DC-Vulnerability Management AnalystJanuary 2024-PresentCreate and update documentation necessary for system ATOsCreate POA&M documentationWork cross-functionally with Subject Matter Experts (SMEs) to collect system information and specifications to create Standard Operating Procedures (SOPs), memos, control templates. Implement controls from NIST 800-53, ICD 503, RMFDevelop and maintain Assessment and Authorization (A&A) documentationAssist with managing network security postureMonitor, research and analyze security events using SIEM toolsConduct vulnerability scans and endpoint assessments in the Common Operating Environment (COE) utilizing Tenable Nessus and Big Fix tools.Create Vulnerability Remediation Management tickets utilizing Service NowChoice Enterprise Technology, LLC -Gaithersburg, MD- Information Assurance OfficerAugust 2020-January 2024Implementing, oversight, and maintaining security configuration, practices, and procedure for information systems.Implement controls from NIST 800-53, ICD 503, and applying them to the design and implementation of information technology solutions to achieve or maintain Authority to Operate (ATO)Experience with Cisco Adaptive Security Appliance firewall and IDS.Understanding of various security vulnerabilities and able to implement firewall, switch and VPN functions.Develop RMF security documentationAssist in the development and implementation of security controls to protect information systems throughout the environmentConduct compliance and vulnerability reviews and scans of operating systemsInvestigate security breaches and participate in incident responseMonitor, research and analyze security events using SIEM toolsConduct risk assessments and investigations, execute appropriate risk mitigations.Analyze penetration testing and current event reports and convert to proactive monitoring/prevention strategiesPerform security analyses of operational and development environments, threats, vulnerabilities, and internal interfacesNational Institutes of Health-Gaithersburg, MD, Warehouse Specialist/Purchasing AgentSeptember 2017-August 2020Process and prepare customer orders for shippingMaintain customer data in order processing system (POTS)Monitor and manage warehouse inventory stock levels,Prepare invoices for customer ordersCompleted NBS Internal and External Requisitioner CourseCreate internal order requisitionsRoute Requisitions for approvalIdentify receiving requirements and enter NBS receiving informationU.S. Secret Service Washington, DC-IT Asset ManagerMay 2017-September 2017Receive and process incoming and outgoing materialDeliveries and pick-ups between various U.S. Secret Service FacilitiesMonitor, maintain and distribute warehouse inventoryMaintain and adjust information regarding warehouse inventory utilizing the Sunflower Asset Management System,Assist U.S. Secret Service employees with retrieving and storing materialsReceive, document and prepare government accountable property for distribution and disposalAllen Impact/GWA Office Products, Warehouse Lead/ Assistant SupervisorAugust 2014-April 2017Handle and sort warehouse materialsMonitor and track inventoryProcess orders, prepare for shipping and arrange for delivery to customers,Utilize various types of warehouse machineryMonitor and direct workflow in case of supervisors absence (supervised 12+ employees)Truck loading and receivingCoordinate customer deliveries,Proficient with various shipping software applications (UPS, DHL, FedEx etc.)Proficient knowledge of the Microsoft Dynamics AX inventory and business management system.EducationUniversity of the District of Columbia -2019-2021Information Technology |