Cyber Security Information

SAM AMIN

EDUCATION

Northern Virginia Community College- Pursuing Associate of Applied Science in Information Security

Woodbridge Senior High School – Graduated

CLEARANCE

DOD Secret Clearance

DHS Public Trust

CERTIFICATIONS

CompTIA Security+ ce

CompTIA Network+ ce

ITIL Foundation v4

Certified Information Security Manager (CISM)

DoD 8570 IAM/IAT Level III

TECHNICAL SKILLS & TOOLS

ServiceNow, Remedy, JIRA, Confluence, eBusiness, eMASS, MCCAST, Archer, CSAM, Vulnerability Scanning, Risk Assessment, Active Directory, Tenable Security Center, ISVM, STIGs, Networking, ACAS, TCP/IP, Risk Management Framework (RMF), VPN Management and Remote Client, NIST 800-53, FISMA, ATO, FedRAMP

CONTACT DETAILS

Phone: 703-***-****

Email: ad5u6j@r.postjobfree.com

Springfield, Virginia

SUMMARY OF QUALIFICATIONS

Experienced Cyber Security Professional with 13+ years in Cybersecurity and Risk Management Framework (RMF). Ambitious and motivated, seeking roles like Information Systems Security Officer (ISSO) and Cyber Security Compliance Specialist. Expertise in diverse cyber risk projects, skilled in asset management, cyber security strategy, RMF, IT Audit, and process improvement, delivering impactful outcomes through operational optimization.

EXPERIENCE

ECS Federal, US Department of Defense — Information Systems Security Officer (ISSO)

OCTOBER 2016 – Present

Defense Healthcare Management System Modernization Program:

–Developed and updated comprehensive security authorization packages in line with FISMA and client needs, covering SSP, Risk Assessment, Security Plans, IRP, SOPs, and POA&M for optimal compliance and security posture.

–Ensured continuous RMF compliance to maintain Approval to Operate (ATO) status for managed systems and applications.

–Initiated and managed Plan of Action and Milestones (POA&Ms) for the timely mitigation of identified security risks.

–Directed continuous vulnerability monitoring for all assigned systems, ensuring vulnerabilities were promptly reported and mitigated.

–Collaborated with leadership to ensure compliance with data security policies, legal, and regulatory requirements in line with organizational directives and RMF standards.

–Fulfilled a broad range of cybersecurity duties as assigned by management, showcasing adaptability and dedication to security excellence.

DHA - Program Analyst (DaaS team):

–Acted as onsite liaison for Project Management Office, ensuring effective communication.

–Conducted site visits to monitor program implementation and facilitate processes.

–Presented weekly status reports to upper management, aiding decision-making processes.

–Organized and led teleconference meetings, creating agendas and documenting discussions.

–Provided administrative support, reviewing Daily Status Reports for project updates.

Environmental Protection Agency:

–Supported ATO effort for several RMF systems and received Approval to Operate (ATO)

–Support included assisting in all six steps of RMF (Categorization, Select, Implement, Assess, Authorize and Monitor)

–Maintained a repository for all system certification/accreditation documentations using the Cyber Security Assessment and Management (CSAM) system

–Reviewed monthly vulnerability scan reports and tracking and addressing weaknesses in POA&Ms as needed

–Conduct gap assessments to identify risks in order to update policy, procedures and standards

TEKsystems, Environmental Protection Agency— IT Remote Sites Asset Manager / ISSO

NOVEMBER 2013 – OCTOBER 2016

–Managed asset lifecycle across 19 EPA sites, optimizing compliance, efficiency, and procurement with innovative management strategies and IT systems.

–Supported several major and minor RMF systems as an ISSO

–Support included categorizing the system, selecting and implementing security controls; creating a comprehensive System Security Plan (SSP), which included over 450 NIST 800-53 controls with PII control overlay

–Developed and enforced asset management policies, streamlined SOPs, and provided expert consultation to enhance operational procedures and product selection.

–Spearheaded IT support initiatives, including inventory management, system updates, troubleshooting, and hardware maintenance, leveraging tools like Remedy, eBusiness, and MS Excel to ensure system reliability and user satisfaction.

–Enhanced IT infrastructure by implementing robust security measures and conducting comprehensive technical support, significantly improving system performance and user experience.

ECS Federal, Environmental Protection Agency— IT Security Specialist (Jr. ISSO)

OCTOBER 2012 – NOVEMBER 2013

–Served as a security engineer and ISSO that manages multiple internally developed systems and commercial off-the-shelf (COTS) products to ensure the implementation of system-level NIST 800-53 security controls within the Secure Systems Development Life Cycle (SDLC) Process

–Communicated and coordinated with the project team developers and Risk Management Framework (RMF) security engineers to incorporate and meet security requirements

KForce/CSC - Environmental Protection Agency— IT Asset Management Specialist

MAY 2011 – OCTOBER 2012

–Managed and updated IT asset inventory, including desktops, laptops, and peripherals, using Remedy, eBusiness, and MS Excel, ensuring accuracy and efficiency.

–Configured and maintained network printers and resolved connectivity issues, enhancing network functionality and user productivity.

–Provided comprehensive technical support, including hardware troubleshooting, system imaging via Ghost Server, and software updates, improving system reliability and performance.

–Administered Active Directory for user support tasks such as password resets and access rights adjustments, streamlining user issue resolution.

–Assisted in diagnosing and repairing IT equipment, maintaining an updated inventory, and ensuring systems were secured with the latest patches and antivirus software.

Contact this candidate