THREE YEARS INFOSEC SKILLS SUMMARY
Possess the ability to perform Information Security Risk Assessments and Analysis, Risk Mitigation in extensive networked environments.
Knowledgeable in POA&M.
Knowledge of the RMF process and the compliance with using NIST publications and standards.
Familiar with penetration testing tools and vulnerability scanning.
Working knowledge of NIST 37, 60, 70, 53Ar4, NIST 37 RMF, FIPS 199, FIPS 200, and FISMA guidelines to comply with private agencies.
Experience with Disaster Recovery Plans, Incident Response Plans and System Security Plans (SSP).
Junior Information Security analysts March 2016- December 2018
Analyzed and reported opportunities for security culture enhancement.
Fostered positive security value perceptions across the enterprise.
Demonstrated knowledge to share opportunities to enhance security through improving operations.
Aided in the Performance of Security control assessments as part of Continuous Monitoring NIST SP 800-53 V4 compliance.
Exhibited and promoted collaboration and positive teamwork.
Participated in POA&M remediation meetings with ISSM, System Owners and IT developers to discuss remediation strategies and other IT security and privacy related issues.
Recommended Plan of Actions and Milestones remediation, vulnerability assessment and remediation and incident response.
Assisting in Maintaining Incident Response Plans (IRP) and System Security Plans (SSP).
Provided on-going recommendations for mitigation of all threats and risks related.
Provided information requested by the ISSM for the purpose of SA&A.
Assisted in Performing Federal Information Security Management Act (FISMA) assessments.
Cyber Security Analyst September 2017- December 2018
Milvets Technology Systems INC
Program to gain hands-on experience with security assessment tools and prepare to obtain a DoD 8570 certification.
Risk Assessment skills Incorporated the NIST Standards Publication 800.37 and FIPS-199 as the guide to develop the risk management framework to the information system and guide the development of the security plan and assess the security controls in mitigating vulnerabilities according to federal standards.
Knowledge of CA -1 security control Security Assessment and Authorization Policy and Procedures. Pen Testing: Scanned networks for vulnerabilities using Wireshark and OpenVAS and developed reports for analyzation. Exploited vulnerabilities using Metasploit. Vulnerability assessments: Developed vulnerability assessment reports to clarify evidence with Penetration testing to targeted IP networks.
Information Technology Intern (Cyber Security)
Eminent IT LLC August 2018- March 2019
• Research, assess and analyze documents of NIST Special Publications with meeting requirements of the Federal Information Security Management Act (FISMA).
• Identified and applied security measures to mitigate compliances on how to protect the confidentiality of information.
• Assessing securing controls in accordance security to security standards, frameworks, laws and policies.
• Knowledge of The Federal Information Security Management Act (FISMA) to moderate security risk to federal information and data with compliance to these using publications such as FIPS 199, FIPS 200, and the NIST 800 series.
RMF, FISMA, NIST 800 series, FEDRAMP
Bachelor of Science Cyber Security and Computer Networks- UMUC, Maryland March 2018
Cyber security training program December 2018
Security+ CE January 2020
Actively pursuing CISSP
Ability to prioritize work and meet deadlines.
Ability to work collaboratively in a team.
Good verbal and written communication skills.
Hands on experience with Information security assessments.