Claire Fondong

Lanham, MD *****

240-***-**** – ad27nh@r.postjobfree.com

US Citizen.

Professional summary:

Cyber Security Analyst with 4+ years of experience providing information assurance, engineering, and operational support, including supporting information operations, cyber operations, system administration, and systems security. Proficient in Risk assessment and management using Risk Management Framework (RMF), vulnerability management, Assessment and Authorization. Also worked with HIPAA, PCIDSS, GDPR and ISO27001 standards.

Technical Skills:

Network Security

Erecting Firewalls

Information Assurance

Security Information and Event Management (SIEM)

Threat & Vulnerability Management

Malware Analysis

Penetration Testing

Managing Security Breaches

Plan of Actions & Milestones (POA&M)

Nessus: Vulnerability Scan

IDS and IPS: monitoring intrusions.

Linux

10/2020 to Current

Senior Security Analyst

Dynamic IT Security, Beltsville, MD

Completed System Assessment and Authorization (A&A) process for multiple systems to ensure an Authorization to Operate (ATO) is obtained on schedule.

Categorized information systems following FIPS 199 and NIST 800-60 guidelines.

Advised the Information System Owner (ISO) concerning the impact levels for confidentiality, integrity, and availability of the information in a system.

Drafted, reviewed, and updated Risk Management Framework (RMF) artifacts required for FISMA Compliance and Coordinated with Operations and Maintenance (O&M) teams to drive compliance with Security Controls and requirements.

Conducted security control assessment interviews, examination, and tested procedures to determine the Security posture of the System.

Developed a Security Assessment Report (SAR) in the completion of the Security Test and Evaluation (ST&E) questionnaire using NIST SP 800-53A Rev4.

Reviewed and Assessed privacy controls in compliance with Privacy Impact Analysis (PIA) and Privacy Threshold Analysis (PTA) using NIST 800-53.

Conducted continuous monitoring activities including but not limited to scanning the network (using Nessus), auditing network activity (Log analytics), Plan of action and Milestone (POAM), and evaluating 1/3 security controls.

Assists in reviewing proposed new systems and network designs for potential security risks and vulnerability scanning configuration needs; implement mitigation or countermeasures and resolve integration issues related to the implementation of new systems within the existing infrastructure.

09/2019 to 09/2020

Junior Security Analyst

Dynamic IT Security, Beltsville, MD

.

Worked as a team to write and update security plans according to NIST 800-53 standards.

Conducted a sitewide inventory project for 350 laptops, maintaining accurate records for clients.

Managed Plan of Action and Milestone (POAM) reports and participated in POAM remediation meetings to track progress and ensure high priority vulnerabilities are being attended to by remediation personnel.

Contributed to initiating FISMA metrics such as annual testing, POAM management, and program management.

Performed security categorization (FIPS 199), privacy threshold analysis (PTA), authentication with business owners and selected stakeholders.

Worked with both internal and external auditors to ensure compliance in national and international information security standards (ISO 27001)

05/2018 to 08/2019

Help Desk Agent

Motor Vehicle Administration – Baltimore, MD

Installed, modified, and repaired software and hardware to resolve technical issues.

Used ticketing systems to manage and process support actions and requests.

Documented transactions and support interactions in system for future reference and addition to knowledge base.

Resolved escalated issues by serving as subject matter expert on wide-ranging issues.

Identified and solved technical issues using variety of diagnostic tools and tactics.

Built and provided basic end-user troubleshooting and desktop support on Windows, Linux, and Mac systems.

Education:

●University of Maryland Global Campus; Bachelor of Science in Cybersecurity Policies and Management

●Certification and Authorization Professional (CAP) In-progress

●Risk Management Framework and Security+ Certificate training 2017

Certifications:

CompTIA Security +

Certified Scrum Master.

AWS Solution Architect November 2019.

Contact this candidate