Security Analyst Administrative Secretary

CARRIE R. FISHER

***** ********** ***. ****** ****, WV 25413 /540-***-****/ Carrierfisher79@gmail. com SUMMARY O F E XPERIENCE :

Over eight years of experience in Security Authorization Process, Plan of Action and Milestone Management, Federal Information Security Management Act (FIMSA) compliance, and National Institute of Standards and Technology (NIST) guideline application. Three years of experience in Assistant Information System Security Officer (AISSO) responsibilities. Over six years developing and participating in Process Improvement Working Groups. As well as Six years working closely with management in planning, designing, testing, and implementation of Security Authorization Process for project initiatives with the United States Coast Guard and United States Department of Veteran Affairs. Over seventeen years of experience in customer service and client communication. Over ten years of expertise in office administration.

EDUCATION :

Associates Degree in Business, GPA: 3.8 Deans List (2003-2005) with honors. PROFESSIONAL T RAINING A ND C ERTIFICATIONS :

● Security + Certified 12/02/10

● Security University CISSP Training, 2010

● 7 th

Annual IT Security Automation Conference 2011

RELEVANT S KILLS :

● Team leadership

● Active listening

● Forward thinking

● Managing and executing

● Creating, Analyzing, and Reviewing Process Improvement Plans

● Training and mentoring colleagues.

● Clear, concise, and effective oral and written communication with individuals at all levels of the workforce.

SECURITY CLEARANCE :

Level: Secret 2008

Granting Agency: DISCO

WORK E XPERIENCE :

Mckesson Corporation 11/19 -Present

Lead Material Handler

Leading Non-Con and Sort dock employees to successfully ensure medical supplies are delivered with the highest standards. Coordinating all trucks to be loaded properly while ensuring all bills are printed and put in their respective trailers. Listening and guiding employees to strive to succeed within the company. Inspecting and validating that the correct orders are being fulfilled at the highest quality. United States Coast Guard 06/08 –

10/15

Enterprise Information Services 06/10 – 10/15

Security Analyst

Coordinated Security Authorization Processes of the United States Coast Guard business systems according to NIST and OMB standards on the Information Assurance team. Managed POA&M’s (Plan of Actions and Milestones) for multiple business systems for Coast Guard. Participated in working groups responsible for developing a new Information Assurance processes. Point of Contact for Security Authorization Process for assigned systems. Worked with Project Control Specialists, Project Officers, and technical staff for all Security Authorization Process related activities. Created System Security Plans, Contingency Plans, Risk Assessment reports, Security Assessment Reports, Security Test & Evaluation Plans, and POA&M spreadsheets for the business systems. Created and Maintained System Security Plans, Contingency Plans, Risk Assessments, Security Assessments Reports, and Security Test & Evaluation Plans. Worked with Functional Area Managers, Project Officers and technical staff for all Security Authorization Process related activities. Assisted systems and made recommendations for completing FIPS-199 system categorization, E-authentication workbook, and privacy threshold analysis Conducted Security Authorization Process Kick-Off Meetings and POA&M Meetings with multiple business systems.

Managed POA&Ms and provided continuous monitoring for multiple systems. Edited documentation for quality assurance. Assisted in the developing security requirements for products being considered for government purchase. Managed POA&M’s and continuous monitoring for multiple different systems. Acted as Point of Contact for business systems for all Security Authorization Process and security related questions. Assisted in creating templates for the Information Assurance team to improve our processes. Researched NIST and DHS policies and procedures as needed for specific system issues. Stanley Associates, Inc 09/08 – 04/09 Security Analyst/Assistant Information System Security Officer Performed Security Authorization Process efforts on the United States Coast Guard business systems according to NIST and OMB standards on the Information Assurance Team. Served as a Security Analyst

(SA) and an Assistant Information System Security Officer (AISSO) on the IA Team at the Operation System Center (OSC). Created and maintained System Security Plans, Contingency Plans, Risk Assessments, Security Assessments Reports, and Security Test & Evaluation Plans. Worked with Functional Area Managers, Project Officers and technical staff for all Security Authorization Process related activities. Managed POA&M’s and did continuous monitoring for seven different systems. Edited documentation for quality assurance. Acted as Point of Contact for business systems. Department of Veterans Affairs Office of Information and Technology STG, Inc. 06/08 – 09/08 Security Authorization Process Specialist

Responsible for travel expenses and payroll for 137 employees, provide cost projections weekly and monthly, create Power Point presentations for a variety of Security Authorization Process documentation, and assist Security Authorization Process project manager on all Security Authorization Process related tasks. Analyze, review, and assist in editing System Security Plans, System Level Control Appendixes, Contingency Plans, Risk Assessments, and Policies for multiple VA facilities during the Certification & Accreditation Effort. Responsible for the review of documentation in accordance with National Institute of Standards and Technology guidelines to provide input and baselines for systems to be in accordance with NIST standards.

United States Department of Veteran Affairs 04/05 – 05/07 Science Applications International Corporation 06/06 – 07/07 Information Engineer/Documentation Analyst

Analyzed & reviewed System Security Plans, System Level Control Appendixes, Contingency Plans, Risk Assessments, and Policies for multiple medical center locations, developed standard operating procedures for the Compliance Validation Division, created basic guidelines and standards for reviewing documents, validated and analyzed several site Plans of Actions and Milestones created from the C & A Effort, reviewed National Institute of Standards and Technology documents and other documents pertaining to information security, verified documented policies matched up with referenced policies in Site Security Plans, created lists of priority for document review assignments, participated in organizational training sessions, worked independently from home at times, and assisted Team Lead in random office tasks pertaining to document review processes. KRM Associates, Inc 05/05 – 04/06 Senior Information Assurance Administrative Assistant, VHA Security Authorization Process

Served as personal assistant to project manager of the VHA Certification & Accreditation Project, edited Site Security Plans, Contingency Plans, Risk Assessment Reports, and other Security Authorization Process related documents for quality assurance, produced system of organization for security control assessment reports, created checklists and guides for report distribution, tracked report production using spreadsheets, performed multiple data entry tasks utilizing Microsoft Office suites, took minutes at all executive level meetings, prepared travel resource material for over 90 people on over 130 trips, provided budget analysis and in-depth reports, researched and arranged travel accommodations, maintained action item lists for project, scheduled multiple weekly meetings and conference calls, developed memos for project related tasks, answered project-related questions and emails on a regular basis, solved travel related problems, burned multiple CDs containing sensitive data, transferred data from online virtual office environment, worked as a vital and necessary member of a dynamic project team, and provided additional support as needed to the project manager and other senior management on project.

Verizon 7/99 – 08/03 Administrative Secretary/Clerk-Typist Served as personal secretary to the director, acted in temporary management positions periodically when needed, prepared and completed payroll for employees, made all travel arrangements for employees, managed and maintained all of the office equipment, made travel arrangements for employees, answered multi-line telephone, organized and maintained important company files, compiled numerous reports, ordered office supplies, and organized office.

Contact this candidate