IT SECURITY ANALYST

Location: Washington, DC

Posted: January 02, 2020

Resume:

ABY M. BA

IT SECURITY ANALYST

PERSONAL INFO

443-***-****

ada6xc@r.postjobfree.com

*** ***** **** ***** *** 2K

Glen Burnie MD 21060

SUMMARY

10+ years’ experience in IT and 5 years in Security Assessments using Authorization & Accreditation processes, FISMA, FIPS 199 & 200, NIST 800 series, Risk Management Framework, SSP, POA&M, Security Assessment and FedRAMP.

Some experience in Vulnerability Scans and Network Administration Principles. Excellent written and verbal communication in English and French.

Strong ability to actively communicate, listen and coach others. Excellent computer skills: Linux, Windows, MS Word, MS Excel, MS PowerPoint, NESSUS.

Strong customer service skills.

EDUCATION AND CERTIFICATIONS

• Bachelor of Business Management

Major – Marketing

Minor – Management of Information Systems

GPA – 3.68

• CompTIA Security+ Certified

OTHERS

• CISSP (candidate)

• CSM Scrum Master Certification (candidate)

EXPERIENCE

CYLOC SOLUTION LLC, Laham - Maryland

IT Security Analyst – Lead FISMA Consultant

May 2014 – Present

• Conduct FISMA-based Security Risk Assessments for various assigned application systems, including interviews, tests and inspections in accordance with NIST 800-53A Revision 4.

• Ensure cybersecurity policies are adhered to and that required controls are implemented.

• Validate Information System Security Plan (SSP) to ensure NIST control requirements are met.

• Develop resultant Security Control Assessment (SCA) documentation including but not limited to the Security Assessment Report (SAR).

• Document assessment findings in the Security Assessment Report (SAR) and produce a Plan of Action and Milestones (POA&M) for all controls having weaknesses or deficiencies.

• Categorize information systems as per their C.I.A. (Confidentiality, Integrity and Availability) using FIPS 199 and NIST SP 800-60 guidelines.

SKILLS

• MS Office

• FIPS, NIST, FISMA

• NESSUS

• Leadership

• Project Management

• Team Work

• Customer Service

• Communication skills

• Work Ethic

• Analytical and critical thinking

• Collaboration and negotiation skills

• Innovation and creativity

• Recruiting, hiring, training and motivating staff

• Social media

• Perform comprehensive assessments and reviews of management, operational and technical security controls for audited applications and information systems in conformity with NIST 800-53A Revision 4.

• Review and audit system logs and monitor controls post-authorization to ensure continuous compliance with security requirements.

• Assist in talent acquisition interview process.

• Assist in new hire training programs for the proper understanding and implementation of FISMA rules.

• Conduct kick-off meetings to determine security control assessment framework and completion timeframe.

• Continuously coach, train and evaluate performance of team members.

• Ensure that awareness and training materials are reviewed periodically and updated when necessary.

SECU OF MARYLAND, Linthicum - Maryland

IT Security Analyst - Consultant

August 2017 – Present

• Provide security expertise and guidance in support of security assessment for non-federal institutions.

• Participate in monthly Information Technology security team meetings to provide guidance and support for the development of enterprise security architecture.

• Execute, examine, interview and test procedures in accordance with NIST 800-171.

• Ensure cybersecurity policies are adhered to and that required controls are implemented.

• Validate Information System Security Plan (SSP) to ensure NIST control requirements are met.

• Develop resultant Security Control Assessment (SCA) documentation including but not limited to the Security Assessment Report (SAR).

• Assist team members with proper artifact collection and detail to the Board of Directors examples of artifacts that will satisfy assessment requirements.

• Work closely with IT Security team to provide security logs to ensure compliance with policies and procedures and identify potential anomalies.

• Act as the sole Compliance Editor and Enforcer for all of the organization's southeast branches.

• Maintain members’ information security program compliant with the provisions of the Gramm-Leach-Bliley Act (GLBA) or the Bank Security Act and prepare an annual report on the overall status and level of compliance.

• Audit activities of security administrators on examination handbooks, National Institute of Standards and Technology (NIST) 800-171 and cybersecurity framework.

LANGUAGES

English

French


