Cyber Security

Fatmata Janga

Rockville, MD

Phone: 781-***-****

Email: adkdic@r.postjobfree.com

SUMMARY

Experience working as a cyber security analyst for which duties entailed; reviewing components, updating Plan of Action & Milestones (POA&Ms) contents for consistency and delivery to system owners and other approving authorities to obtain authority to operate (ATO) as needed. Plan, track, and remediate deficiencies as assigned. Deliver high quality content in a timely manner to meet defined deadlines. FOOD AND DRUG ADMINISTRATION FDA

IT Security Analyst/ Assessor

FEB 2019–DEC 2020

BETHESDA, MD

• Conducted Certification and Accreditation (C&A) on major applications following the Risk Management Framework (RMF) from Categorization through Continuous Monitoring using the various NIST Special Publications in order to meet Federal Information Security Management Act (FISMA) requirements.

• Assisted with developing System Security Plans (SSPs), Suspicious Activity Reports (SARs), and POA&Ms (Plan of Action & Milestone) which were presented to the Designated Approving Authorities (DAAs) to obtain the Authority to Operate (ATO).

• Conducted security assessments on major applications, updated POA&Ms with findings, and monitored for remediation deadlines.

• Performed risk assessments to identify the risk level associated with findings.

• Reviewed artifacts regarding POA&Ms created by the Information Systems Security Officer (ISSO) before closing.

• Assisted in updates of IT security policies, procedures, standards, and guidelines according to department and federal requirements.

• Helped with updating IT security policies, procedures, standards, and guidelines per the respective department and federal requirements.

• Supported cyber security analysis by conducting Vulnerability Management, Security Engineering, Certification and Accreditation, and Computer Network Defense.

• Monitored controls post authorization to ensure constant compliance with the security requirements.

• Reviewed and analyzed Nessus Vulnerability and Compliance scan results for remediation.

• Monitored security tools and correlated reporting and other appropriate information sources to identify incidents, issues, threats, and vulnerabilities.

• Provided daily anomaly and alert reporting from all reviewed tools and sensors.

• Provided Security and Privacy expertise to assist with research and response to security and privacy incidents.

GLOBAL TECH CONSULTING

INTERN

NOV 2017 - SEPT 2018

SILVER SPRING

● Review and assist with developing and documenting approach, for learning activities surrounding data, analysis across systems.

● Documenting solutions that integrate information security requirements to proactively protect information based on NIST requirements.

● Outlining processes for performing audit and security compliance checks, including network penetration testing, vulnerability scans and poa&m reviews.

● Facilitating web-based and classroom based communication and other activities as assigned.

EDUCATION

● B.Sc in Biology

● B.Sc in Psychology

CERTIFICATIONS

● CompTIA Security+ in progress

PLATFORMS

● Windows 7/8/8.1/10, Windows Server 2012 R2, Linux /Red Hat/, FIPS 199, FIPS 200, NIST 800-53 Rev4, NIST 800-30, NIST 800-37, NIST 800-39, SSP, ST&E, SAR, Plans of Action and Milestones

(POA&M), Authorization to Operate (ATO) Letter, MS Office, SharePoint, Nessus Vulnerability

Contact this candidate