| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
CySA+, SEC+, Scrum Master, Cybersecurity Workforce Certificate, S Clearance- Street Address . PHONE NUMBER AVAILABLE EMAIL AVAILABLESUMMARY OF QUALIFICATIONSSkilled Information System Security Officer with ample experience in Federal Privacy and Data Security Management & Operations, Project Management, NIST 800-53 rev4 and NIST SP 800-37 rev 1, 800-18, 800-53, 800-34, FIPS, FISMA, eMass, ACAS, Security Content Automation Protocol, NIST Family of Security Controls, POA&M, incident Response, and Contingency Planning.Technology: NESSUS by Tenable, Rave by Microsoft, MS-Solve by Microsoft, Nmap, Wireshark.TRAININGeMass certified Acas/ Nessus certified Risk Management Framework NIST Special Publication 800 HIPAA Course Certification Vulnerability Management CertificationDOD Cyber Awareness challenge, The Active Shooter, Domestic Violence - All Hands, Ncis Cntr Intel/Insider Threat, Operations Security, Dod Mandatory Cui Training, Suicide Prevention Gmt,Sexual Assault Prev/Response, U.S. Navy Equal Opportunity, Joint Staff Suicide AwarenessTECHNICAL SKILLSSoftware: Windows, EPIC, Soaring Clinical, T-systems, Excel, Microsoft Office 2016, 2010 and 2007; Server 2008; Linux, Norton Antivirus, Norton Ghost, Remote Desktop and Help Desk Management software, SQL, Active Directory.Hardware: Desktops, laptops, printers, scanners. Format, partition EIDE, SATA, SCSI, and SSD and perform data recovery and imaging.SUMMARY OF PROFESSIONAL EXPERIENCEUnited States NavyIT rate (IT Assistance/Med board) - Information Security Naval Station (NAVSTA) Norfolk March 3, 2021- PRESENTPerform roles/responsibilities of the Information System Analyst for assigned information systemsServe as the lead point-of-contact for all security-related matters to those systemsProvide Systems IT Support for Hardware/Software and Independent Verification and Validation (IV&V)Review existing policies, procedures and guidelines to ensure compliance with NSWCPD and Navy Cyber Security/Information Assurance (IA) PolicyAssist, and when required, conduct vulnerability scans of assigned networks and databasesProvide assistance in the remediation of vulnerabilities identified through network scansCoordinate changes or modifications to hardware, software, or firmware of a system with the applicable cybersecurity entities prior to a changeSupport the performance of periodic reviews of security controls for responsible systemsProvide on-site and off-site system engineers to assist with the acquisition, integration, and certification of systems and components under the purview of the Program. These include Navy-type Navy-owned systemsAssist in the development of a hardware Configuration Management (CM) plan, which is consistent and compatible with current U.S. Navy hardware CM practices. Provide CM reports as required in support of Integrated Product Teams and the project manager.Assist in the development of a Systems Engineering Risk Management Plan including the stand-up and operation of a Risk Management Board (RMB) that is consistent and compatible with current U.S. Navy Risk Management practices where applicableDevelop and maintain a Plan of Action and Milestone (POA&M) for all IA-related tasks and deliverables in accordance with the Security Technical Implementation Guide (STIG)Develop Risk Assessment Reports (RARs) based on vulnerability test results, automated scan reviews, Assured Compliance Assessment Solution (ACAS) scans, and other DoD-mandated assessment-utilities.Input reports in eMass, or deliver in MS Office-products/Visio formats, as appropriateCommunity Resource for Justice (CRJ) Binghamton General Hospital Information Security Analyst Worcester, MA January 2018- March 2021Perform Risk Management Framework (RMF) Using NIST 800-37 as a guide for assessments and Continuous Monitoring.Initiate meetings with various System Owners and Information System Security Officers (ISSO), providing guidance and evidence needed for security controls, and documenting findings of assessment.As a team, we determine Security Categorizations using FIPS 199 as a guide, review, update, and develop Privacy Impact Assessment (PIA), Privacy Threshold Analysis (PTA), and initiate System Security Plans (SSP).Update System Security Plans (SSP) Using NIST 800-18 as a guide; assess Incident Response Plans; create Change Control procedures and drafts; and review updates on Plan of Action and Milestones (POA&Ms).POA&M Remediation: Perform evaluation of policies and procedures, security scan results, and system settings in order to address controls that were deemed insufficient during Certification and Accreditation (C&A).Expertise in National Institute of Standards and Technology Special Publication (NIST SP) documentation: Perform assessments, assist with POA&M creation and remediation, using NIST SP 800-53 Rev.1 and NIST SP 800-53 rev.4.Develop solutions to security weaknesses in the Requirement Traceable Matrix (RTM) and SAR, while working on POA&M remediation and Corrective Action Plan (CAP).Review updates on System Security Plan (SSP) using NIST SP 800-18 guidelines.with multiple clients to perform POA&M remediation. Maintain excellent working relationships with both internal and external clients using good communication skills.Provide security control assessor (SCA) services, such assisting with the Assessment and Authorization process, including A&A, documentation, reporting and analysis analyzing current threats to information security and systems.Identify trends and root causes of system failures or vulnerabilities using NESSUS Vulnerability Scanner, Nmap ports, weak configuration and missing patches.Assist with the Risk Management Framework (RMF) process using NIST SP 800-37 as a guide for assessments and Continuous Monitoring.Perform Security Risk Assessment and risk analysis of resources, controls, vulnerabilities, impact of losing systems capabilities, and threats to the mission objective and provided guidance on vulnerability and malware remediation.Draft/create/review RMF documents such as Configuration Management Plan, Incident Response Plan, Contingency Plan, Security Plans and POA&Ms.TECHNICAL CERTIFICATIONSCybersecurity Workforce Certification.CompTIA Security+ Certified CECompTIA Cyber Security Analyst (CySA+)Scrum Master Accredited CertificateProject Management- Certification CandidateCLEARANCEA citizen of the United States.Secret Clearance (Active).EDUCATIONCybersecurity Workforce- University of Louisville 2023Surface Warfare Institute, Great Lakes.United State Career Institute, Colorado, Accounting Expert Services)-2021B. Ed Social Science (Accounting and Management) U.C.C.-2006Project Management Practitioner (PMP) Certification Candidate |
