Security Project Manager
Resume:
CARRIE R. FISHER SECURITY ANALYST II
Summary Of Experience:
Over eight years of experience in Security Authorization Process, Plan of Action and Milestone (POA&M) Management, Federal Information Security Management Act (FIMSA) compliance, and National Institute of Standards and Technology (NIST) guideline application. Three years experience in Assistant Information System Security Officer (AISSO) responsibilities. Over six years developing and participating in Process Improvement Working Groups. Over six years working closely with management in planning, designing, testing, and implementation of Security Authorization Process for project initiatives with the United States Coast Guard and United States Department of Veteran Affairs. Over seventeen years experience in customer service and client communication. Over ten years of expertise in office administration.
Education:
Associates Degree in Business, GPA: 3.8 Deans List (2003-2005) with honors.
Professional Training And Certifications:
Security + Certified 12/02/10
Security University CISSP Training, 2010
7th Annual IT Security Automation Conference 2011
Relevant Skills:
● Managing and executing Security Authorization Process of federal IT systems.
● Creating, Analyzing, and Reviewing System Security Plans, Contingency Plans, Risk Assessment Reports, Security Test and Evaluation Reports, and Security Assessment Reports.
● Continuously monitoring multiple business system POA&Ms.
● Participated in working groups responsible for developing a new Information Assurance
process.
● Acted as Point of Contact for business systems for all Security Authorization Process and security related questions
● Experience in interpreting and applying NIST, OMB, and FISMA publication guidelines.
● Training and mentoring colleagues.
● Clear, concise, and effective oral and written communication with individuals at all levels of the workforce.
Security Clearance:
Level: Secret 2008
Granting Agency: DISCO
Work Experience:
United States Coast Guard 06/08 – 10/15
Enterprise Information Services 06/10 – 10/15
Security Analyst
Coordinated Security Authorization Process's of the United States Coast Guard business systems according to NIST and OMB standards on the Information Assurance team. Managed POA&M’s (Plan of Actions and Milestones) for multiple business systems for Coast Guard. Participated in working groups responsible for developing a new Information Assurance processes. Point of Contact for Security Authorization Process for assigned systems. Worked with Project Control Specialists, Project Officers, and technical staff for all Security Authorization Process related activities. Created System Security Plans, Contingency Plans, Risk Assessment reports, Security Assessment Reports, Security Test & Evaluation Plans, and POA&M spreadsheets for the business systems. Created and Maintained System Security Plans, Contingency Plans, Risk Assessments, Security Assessments Reports, and Security Test & Evaluation Plans. Worked with Functional Area Managers, Project Officers and technical staff for all Security Authorization Process related activities. Assisted systems and made recommendations for completing FIPS-199 system categorization, E-authentication workbook, and privacy threshold analysis
Conducted Security Authorization Process Kick-Off Meetings and POA&M Meetings with multiple business systems.
Managed POA&Ms and provided continuous monitoring for multiple systems. Edited documentation for quality assurance. Assisted in the developing security requirements for products being considered for government purchase. Managed POA&M’s and continuous monitoring for multiple different systems. Acted as Point of Contact for business systems for all Security Authorization Process and security related questions. Assisted in creating templates for the Information Assurance team to improve our processes. Researched NIST and DHS policies and procedures as needed for specific system issues.
Stanley Associates, Inc 09/08 – 04/09
Security Analyst/Assistant Information System Security Officer
Performed Security Authorization Process efforts on the United States Coast Guard business systems according to NIST and OMB standards on the Information Assurance Team. Served as a Security Analyst (SA) and an Assistant Information System Security Officer (AISSO) on the IA Team at the Operation System Center (OSC). Created and maintained System Security Plans, Contingency Plans, Risk Assessments, Security Assessments Reports, and Security Test & Evaluation Plans. Worked with Functional Area Managers, Project Officers and technical staff for all Security Authorization Process related activities. Managed POA&M’s and did continuous monitoring for seven different systems. Edited documentation for quality assurance. Acted as Point of Contact for business systems for all Security Authorization Process and security related questions. Helped develop security requirements for products being considered for government purchase. Researched NIST and DHS policies and procedures for all updates on a continuous basis
Department of Veterans Affairs Office of Information and Technology STG, Inc 06/08 – 09/08
SECURITY AUTHORIZATION PROCESS Specialist
Responsible for travel expenses and payroll for 137 employees, provide cost projections weekly and monthly, create Power Point presentations for a variety of Security Authorization Process documentation, and assist Security Authorization Process project manager on all Security Authorization Process related tasks. Analyze, review, and assist in editing System Security Plans, System Level Control Appendixes, Contingency Plans, Risk Assessments, and Policies for multiple VA facilities during the Certification & Accreditation Effort. Responsible for the review of documentation in accordance with National Institute of Standards and Technology guidelines to provide input and baselines for systems to be in accordance with NIST standards.
United States Department of Veteran Affairs 04/05 – 05/07
Science Applications International Corporation 06/06 – 07/07
Information Engineer/Documentation Analyst
Analyzed & reviewed System Security Plans, System Level Control Appendixes, Contingency Plans, Risk Assessments, and Policies for multiple medical center locations, developed standard operating procedures for the Compliance Validation Division, created basic guidelines and standards for reviewing documents, validated and analyzed several site Plans of Actions and Milestones created from the C & A Effort, reviewed National Institute of Standards and Technology documents and other documents pertaining to information security, verified documented policies matched up with referenced policies in Site Security Plans, created lists of priority for document review assignments, participated in organizational training sessions, worked independently from home at times, and assisted Team Lead in random office tasks pertaining to document review processes.
KRM Associates, Inc 05/05 – 04/06
Senior Information Assurance Administrative Assistant, VHA Security Authorization Process
Served as personal assistant to project manager of the VHA Certification & Accreditation Project, edited Site Security Plans, Contingency Plans, Risk Assessment Reports, and other Security Authorization Process related documents for quality assurance, produced system of organization for security control assessment reports, created checklists and guides for report distribution, tracked report production using spreadsheets, performed multiple data entry tasks utilizing Microsoft Office suites, took minutes at all executive level meetings, prepared travel resource material for over 90 people on over 130 trips, provided budget analysis and in-depth reports, researched and arranged travel accommodations, maintained action item lists for project, scheduled multiple weekly meetings and conference calls, developed memos for project related tasks, answered project-related questions and emails on a regular basis, solved travel related problems, burned multiple CDs containing sensitive data, transferred data from online virtual office environment, worked as a vital and necessary member of a dynamic project team, and provided additional support as needed to the project manager and other senior management on project.
Verizon 7/99 – 08/03
Administrative Secretary/Clerk-Typist
Served as personal secretary to the director, acted in temporary management positions periodically when needed, prepared and completed payroll for employees, made all travel arrangements for employees, managed and maintained all of the office equipment, made travel arrangements for employees, answered multi-line telephone, organized and maintained important company files, compiled numerous reports, ordered office supplies, and organized office.
Contact this candidate