
Security Office

Location:
Woodbridge, VA
Salary:
105000
Posted:
June 27, 2020


Resume:

CYBER SECURITY ANALYST/COMPLIANCE

Yvonne N. Coleman

***** ******** ***** **********, ** 22193

240-***-**** **************@***.***


Professional Summary

I am a self-motivated and highly steadfast IT individual specializing in diversified Information System Auditing or Information Assurance, with a focus on System Security Compliance; Authorization and Monitoring; Risk assessments; Audit engagements; and Testing IT security controls to ensure Confidentiality, Integrity, and Availability of the system resources. I possess strong analytical and problem-solving skills garnered from my business management skills. I am a good team player.

Core Skills

5 years knowledge in HIPAA compliance

5 years knowledge in NIST SP 800 Series, FIPS standards, and Risk Management Framework.

5 years knowledge in FISMA compliance, Assessment and Authorization Process.

10+ years knowledge in Microsoft Word, Word processor, Outlook, Teams, Excel, OneNote, SharePoint.

Excellent verbal, written and oral communication.

CISSP in Progress

Software/Artifacts

MS Office (Word, Excel, PowerPoint, Access, Outlook), MS Project, CSAM, FIPS 199, SORN, E-Authentication, PTA, PIA, RA, SSP, CP, SAR, POA&M, ATO, NIST SP 800-53A, NIST SP 800-60, FIPS 199, NIST SP 800-18, NIST SP 800-34, NIST SP 800-137, NIST SP 800-30, ISA, MOU

Professional Experience

KAISER PERMANENTE August 2015 – current

Security Compliance/Analyst

Fulton, MD

Document all HIPAA compliance cases for review.

Document all customer inquiries using HP CHATS.

Knowledge on visiting member enrollment process including extension of visiting member benefits.

Assist with password reset and rebooting of customer web portals.

Access and review member PII for HIPAA compliance.

Knowledge in the PCI Data Security Standards.

Perform Assessment & Authorization using NIST SP 800* guidelines

Ensure confidentiality, integrity, and availability of electronic Protected Health Information (ePHI) -PII

Provide IT teams with evidence, develop test plans, testing procedures and document test results with exceptions.

Plan, document, implement, assess, maintain, and monitor security and privacy controls in accordance with requirements, policies, standards, processes, and procedures documented in the NIST 800-53 family of security controls

Develop a variety of Assessment & Accreditation (A&A) deliverables including: System Security Plans, Configuration Management Plan, Contingency Plans, Incident Response Plans, etc.

Play a key role in the organization attaining ATO standards. Implemented, maintained, and monitored security and privacy controls in compliance with HIPAA, HITRUST, FedRAMP in healthcare industry and NIST RMF requirements and guidance.

Execute all other Cybersecurity monitoring and reporting to ensure compliance to include the development and maintenance of POA&Ms.

Document and maintain a Plan of Action and Milestones (POA&M) for weaknesses.

Input and maintain artifacts for the program’s products and systems into the CSAM

Design, review, or otherwise assist teams in implementing systems that meet governmental agency Cyber Security policy and regulations.

PII SERVICES, LLC October 2013 to June 2015

Cyber Security Analyst

Washington, DC


Prepare and maintain all Assessment & Accreditation (A&A) artifacts and documentation for the program’s products and systems in accordance with NIST.

Knowledgeable in all the steps of the RMF, but my current role centers on step 4.

Experience performing Assessment & Accreditation (A&A) using NIST 800-60 Vol. 2

Experience working on systems to attain ATO

Facilitate kickoff meetings, analyze authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, and coordinate directly with system team stakeholders.

Design and conduct walkthroughs, formulate test plans, test results and develop remediation plans for each area of the testing.

Meet with the IT teams to gather evidence, develop test plans, testing procedures and document test results with exceptions.

Develop a Business Contingency Plan and maintain solid relationships with outside vendors.

Plan, document, implement, assess, maintain, and monitor security and privacy controls in accordance with requirements, policies, standards, processes, and procedures documented in the NIST 800-53 family of security controls

Independently develop a variety of Assessment & Accreditation (A&A) deliverables including: System Security Plans, Configuration Management Plan, Contingency Plans, Incident Response Plans, etc.

Support, implement, maintain, and monitor security and privacy controls in compliance with FISMA, HIPAA, FedRAMP, and NIST RMF requirements and guidance. Execute all other Cybersecurity monitoring and reporting to ensure compliance to include the development and maintenance of POA&Ms.

Document and maintain a Plan of Action and Milestones (POA&M) for weaknesses.

Input and maintain artifacts for the program’s products and systems into the CSAM

ADMINISTRATIVE OFFICE OF THE US COURTS

Office of Court Administration – District Court Administration Division Sept 2012 – Sept 2013

Word Processor II

Washington, DC

Distributed mail and internal correspondence.

Created and maintained new filing systems.

Organized Director's calendars, travel arrangements, meetings, and events.

Provided administrative support for the Office of Court Administration Division as a whole.

Modified, reviewed, processed, and tracked outgoing correspondence in the District Court Administration Division.

Provided secretarial assistance for the District Court Administration Division Chief and the Office of Court Administration Assistant Director's Office as needed.

Conducted library and computer searches to gather program related information.

Cataloged and indexed Court Interpreting documents in an Excel spreadsheet.

Provided status updates for ongoing projects and activities within the Court Interpreting Program.

Assisted with significant issues of the Office of Court Administration.

Assisted with the administrative tasks of Request to Exceed Fee Schedule for Federal Court Interpreters.

Education

Colorado Technical University

Colorado Springs, CO

Bachelor in Cyber Security

REFERENCES AVAILABLE UPON REQUEST


