| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateK. ATSOMESilver spring, MD EMAIL AVAILABLEProfessional ProfileSkilled Information Security officer, knowledgeable in risk management framework (RMF), systems development life cycle (SDLC), and vulnerabilities management using FISMA, and applicable NIST standards. Organized, Solutions-focused, deadline-focused, team oriented, work well independently, or in team providing all facets of computer supports with in-depth knowledge and understanding of numerous software packages and operating systems. A proven project and team lead with aptitude for good customer service, leadership, excellent communication (both oral and written), and presentation skills. Specialized in providing IT security expertise and guidance in support of security assessments and continues monitoring for government and commercial clients.EducationMaster of Science (MS) in Computer Science (In Progress), University of Maryland Global CampusBachelor of Science (BS), University of Maryland Eastern Shore, Princess AnneCertificationCompTIA Security+Certified Information Security Manager (CISM)Skills, Qualification & Technical ExpertiseTenable Nessus Vulnerability Scanner, Microsoft 365, Mac, Microsoft Windows, VMware, Linux, CSAM, eMass, Splunk, Tripwire, SharePoint, Qualys, Remediation, ServiceNow, Active Directory, Trend Micro.Developed and maintained compliant security, implementing policies, procedures, and standards.Collaborated with cross-functional teams to develop comprehensive security policies, procedures, and guidelines.Stayed up-to-date with the latest trends, technologies, and industry standards in cybersecurity, focusing on Access and Identity management.Analyzed and created report of risk finding in our environmentImplementation of policies and procedures to ensure the integrity of electronic Protected Health Information (ePHI)Collaborated with cross functional team and analyzed complex technical concept to non-technical stakeholders.Monitoring applications, activity logs resources and resolved issues within the agency utilizing cyber security best practices and approved tools. Proven ability to work independently and collaboratively in a fast-paced, client-facing environment. Assisted in vulnerability scanning and assessment using tenable Nessus and also generated report and collaborated with the impacted department for remediation.Developed and documented standard operating procedures and work instructions for security tools like tenable Nessus and splint taking into consideration business continuity and security.Professional ExperienceNOAA, Suitland, MD-USA 1/2022 - PresentInformation System Security OfficerEnsured compliance with ATO requirements and relevant frameworks (FISMA, RMF, NIST).Coordinated with Offensive and Defensive Cyber teams in exercise or contingency operations.Conducted cybersecurity monitoring and reporting to maintain compliance with regulatory standards.Reviewed Authority to Operate (ATO) packages for completion and compliance with cybersecurity requirements. Provided Information Assurance (IA) and Cyber Security support for IT systems.Reviewed RMF Packages for completeness and technical accuracy, ensuring compliance with NIST 800-53 and other relevant standards.Updated and reviewed Assessment and Authorization (A&A) Packages to include Core Docs, Policy & Procedures, Operations and Maintenance Artifacts, SSP, SAR, SAP, FIPS 199, FIPS 200, POA&M, CPTPR, BIA, PTA, PIA, and moreCollected Operation and Maintenance artifacts on an ongoing basis so that Security Control Assessment (SCA) is seamlessReviewed assessment documentation, ensuring thoroughness and accuracy in documenting security controls and assessments.Assessed designs for compliance with NIST 800-53 and DOD policies, contributing to the enhancement of security measures.Collaborated with cross-functional teams to develop comprehensive security policies, procedures, and guidelines.Created and validated Plan of Actions and Milestones (POA&Ms) to address identified security vulnerabilities.Developed and executed comprehensive change management plans, including communication strategies, training programs, and stakeholder engagement activities.Ensured compliance with DoD and Army Instructions, Directives, Policies, and Regulations, maintaining Certification & Accreditation (C&A) artifacts and documentation.Assisted with security assessments and provided continuous monitoring evidence for various environments, including corporate, commercial regulated, FedRAMP and DOD.Supported FedRAMP or FISMA authorization processes by preparing teams, updating documentation, and responding to requests from the FedRAMP PMO, Agency, or CISO.Managed cloud infrastructure on AWS and Azure, ensuring compliance with FedRAMP and NIST standards.XZENTIA IT SOLUTIONS & SERVICES 6/2016 12/2021Information Security AnalystHosted Boot Camp, training and hands-on projects.Mentored junior team members, fostering knowledge sharing and continuous learning.Monitored IT systems using Splunk to secure breaches and conducted risk analyses.Reviewed and resolved security issues in collaboration with client IT teams.Collaborated with cross-functional teams to develop comprehensive security policies, procedures, and guidelines.Managed cloud infrastructure on AWS and Azure, ensuring compliance with FedRAMP and NIST standards.Supported Assessment and Authorization(A&A) activities and validated security plans for NIST compliance.Managed vulnerabilities using Nessus and reviewed security logs for compliance.VINDS INC 8/2015 6/2016Information Security AnalystCoordinated SCA activities and held kick-off meetings with stakeholders.Developed and updated security plans and POA&Ms.Managed vulnerabilities using Nessus and prepared security documentation.Executed the Information Assurance Vulnerability Management (IAVM) process, coordinating vulnerability scans, and security analysis.Implemented security governance processes in line with NIST, ISO, and OMB guidelines. |
