JOSEPH PADI

Tel.: 312-***-****, E-mail.: adi5ke@r.postjobfree.com

PROFILE:

A dynamic self-motivated Information Security Engineer with over 5 years of industry experience. Hands on, analytical, detail oriented, insightful and a problem solver who enjoys exploring new systems, tools and networks.

SKILLS & CORE COMPETENCIES:

Experience with NIST, FISMA and FedRAMP;

Experience with Cloud Computing (AWS, Azure);

Strong knowledge of Security Controls (NIST 800 Series, ISO, SOX, PCI, NIST CSF, HIPAA, ISO 2700 1/2);

Penetration Testing & Vulnerability Assessments

Network Security and Threat Analysis (OWASP 10, Routers/Switches, Firewalls, TCP/IP, VPN, IDS/IPS, DLP, SSL/TSS);

Software and Platforms (Linux/Unix, Windows, iOS, Android, Cloud Computing).

PROFESSIONAL CERTIFICATION

CompTIA Security+

MILITARY SERVICE

Branch: NAVY

Service Country: United States

EMPLOYMENT

Information Security Analyst

Unified Cyber Solutions – Rockville, MD June 2018 - Date

Planning, implementing and upgrading security measures and controls to protect systems, networks and data;

Review, manage, and track POA&Ms in Cyber Security Assessment Management (CSAM) for weaknesses identified by audit, internal/external assessments, and vulnerability scanning for all agencies of the Department.

Guided System Owners and system teams through the ATO process, using NIST 800-37. Primary representative to manage process, documentation development to obtain an ATO for IT system.

Upload Plan of Action and Milestones (POA&Ms) into CSAM and validate artifacts provided to remediate POA&Ms.

Performed FISMA compliance audit reviews and documentation.

Review security Certification and Authorization (C&A) documentation including System Security Plan (SSP), Security Assessment Report (SAR), Risk Assessment Report (RAR), Contingency Planning (CP), Privacy Impact Analysis (PIA), and Plan of Actions & Milestone (POA&M) to ensure adequacy.

Perform quality control of documentation submitted for POA&M closure to ensure the documents support the closure of the POA&Ms.

Review security implementation details of controls for systems/applications within CSAM to ensure the descriptions accurately describes the controls.

Perform annual security review of controls of selected systems/applications to ensure controls were accurately assessed.

Cyber Security Analyst

State of Illinois – Chicago, IL May 2017 – June 2018

Defined access controls for application usage and data access using NIST SP 800-53 as a guide;

Identified and evaluated security gaps and helped create security project plans’

Demonstrated thorough understanding of various federation standards and help clients with their federation use-cases;

Modified and updated the user experience based on project requirements;

Worked with clients to develop Identity and Access Management strategies, architectures, and implementation plans;

Installed, configured, and implemented I&AM products and security risk mitigation;

Designed and developed access management policies and workflows;

Documented and finalized Security Assessment Report (SAR) and performed security assessment and continuous monitoring of cloud computing services for multi-agency systems in accordance with FedRAMP security control baselines.

IT Security Analyst

Streamwood Behavioral Hospital – Streamwood, IL February 2015 - May 2017

Assigned ticket severity, prioritized work accordingly, and collaborated with other staff and vendor support resources to resolve issues.

Run security scans, analyzed the output, and converted issues to software improvement tickets

Provided technical assistance and support for computers and hardware both in person and over the phone.

Managed client anti-virus and anti-spam tools.

Managed and followed up with users on their open helpdesk cases.

Coordinated with contractors and vendors to repair office equipment's such as printers, fax, copier and workstations.

Provided customer service support and end-user training via phone and email.

Maintained an inventory and database of IT related assets, including hardware, software, peripherals.

Provided office equipment to office staff as requested through Remedy ticketing systems.

Created, updated and managed trouble tickets utilizing Remedy ticketing system.

Created new user accounts, updated and troubleshooted user accounts and workstations in Active Directory

Contact this candidate