Information Security Analyst
Resume:
GEORGE KWAME SAH
**** ***** *** ** **********, Virginia 22191 ******.****@*****.*** 571-***-****
Am an Information security analyst seeking for new position in an organization that is growth oriented where I can utilize my skills and knowledge in the RMF, Risk assessments and Continuous monitoring process.
EXPERIENCE
Special Skills
Assess program and security controls using Organization IT Security Policy Handbook and NIST Special Publications to provide information necessary to determine their overall effectiveness
Develop and maintain Authorization packages, includes System Security Plans, Configuration Management Plans, Risk Assessment Reports and evaluated existing documents and their accuracy
Support in Risk assessment and result documentation efforts
Participated in security team meetings and rendered other support to IT Security office, which included ensuring appropriate steps are taken to implement information security requirements for all IT systems.
Preparation of System Security Plan for information systems using SP 800 18
Review Security Plans for Information Systems
Ability to work effectively in a team and participate in group initiatives; alongside individually multitask whenever needed.
Great and effective verbal and written communication skills
Professional Experience
Information Security Analyst May 2018 - Present
The Excel Group, Bristol VA
Work in an Integrated Project Team environment requiring interaction with other security analysts, users, and client managers in identifying requirements, specifications and project planning activities.
Create and implement all security documentations required for the certification and accreditation using SP 800 37
Conduct security awareness training and expected rules of behavior for end-users.
Identified and evaluated the technical, management, and operational security controls using SP 800 53A rev 4
Provide and supported procedures for reporting and responding to security incidents.
Reviewing and update System Security Plans of systems for accuracy, consistency and compliance with regulatory policies
Ensured that appropriate steps are taken to implement information security requirements for IT systems throughout their life cycle
Part of a C & A team responsible for coordinating the certification and accreditation process of the General Support Systems and Major application
Create PO&AMs and develop mitigation strategies as required as a team
Maintain and Update PO&AM as plans, and tasks required are being completed
Take part in reviewing and updating monitoring program and strategy
Reviewing and documenting configuration management baselines requirements using SP 800 128
A&A Analyst July 2016 – Jan 2017
Innovative Technology Consulting, Washington DC
Reviewed and edited draft security artifacts as assigned to ensure compliance with SA&A, and FISMA
Transmitted an Addendum with Security Assessment Report to the Authorizing Official for review
Prepare Risk Assessment Report and provide recommendations to clients
Identified and Evaluated technical, management and operational security controls using SP 800 53 rev 4
Participated in the FIPS 199 process using SP 800 60 when system was being categorized.
Assisted in conducting Risk assessment using SP 800-30, including organization policies and procedures
Documented and reviewed MOU, SLA and MOA documents
Provided weekly metrics and reports on the effectiveness of C&A process
Developed and assisted in maintaining Security Authorization Packages (SAP)
Reviewed Remediation Plan documentation containing corrective actions for accuracy
Assisted in documenting and reviewing security controls documentation in the System Security plan using SP 800 53 rev 4
Supported ST& E testing and result documentation efforts
EDUCATION
ACCRA TECHNICAL UNIVERSITY - Accra- Ghana.
Procurement & Supply Chain Management.
COMPUTER SKILLS
Software: Ms Office (Word, Excel, PowerPoint, Access, Outlook)
Systems: Unix and Windows Based Systems
CERTIFICATIONS AND TRAINING
Health Insurance Portability and Accountability Act (HIPAA) and Privacy Act
Certified Authorization Professional (CAP)
Security +
Contact this candidate