Chris Aryeh

New Kent, VA 804-***-**** adzsl2@r.postjobfree.com www.linkedin.com/in/christopher-aryeh

INFORMATION SECURITY OFFICER

Risk Management Framework (RMF) process consultant who develops and implements security solutions in fast paced environments. Uncovers digital vulnerabilities, reviews digital forensics, analyzes data leaks, configures hardware, implements ethical hacking skills, and designs security processes. As NIST 800-53 Security Control Assessment specialist, delivers exceptional risk management support. Assembles authorization packages using documents like NIST 800 series, FIPS 199 and FIPS 200, FedRAMP, FISMA and industry best standards. SKILLS

Compliance & Governance Risk Management Framework (RMF) NIST Publications, Policy & Procedures Reviews

Incident Response & Malware Analysis Analyzing Data Leaks, Vulnerability Analysis & Cyber Attacks Website & Application Security Assessment POA&M Management Systems Life Cycle Management Hardware Configuration & Software Installation Reporting Risk Assessments & Creating Action Plans Integrating Security Tools & Logging Sources FISMA, FedRAMP and A&A Process TECHNICAL SKILLS

Windows Linux SQL SOX Wireshark Python Oracle FTK Imager Autopsy Fortinet Juniper SRX Palo Alto Networks Security Onion Snort Selenium Jira Tenable Vulnerability Management Archer GRC System

TECHNOLOGY FRAMEWORK APPLICATIONS

FISMA FIPS 199 Project Management NIST standard Risk Management Framework Information Assurance

Identity & Access management Information management NIST SP 800-53 SP 800-53A SP 800-37 FIPS FISMA Risk Management Framework (RMF) FIPS-199 PTA PIA RA SSP CP RTM SAR POA&M ATO ISA MOU Security Compliance Access Windows Word Excel PowerPoint. PROFESSIONAL EXPERIENCE

AT&T, Washington, DC 01/2015 - Current

Senior IT Security Analyst

Maintains/manages Security Authorization and Assessment packages that include System Security Plans (SSP), Contingency Plans (CP), POA&Ms, SAR and other relevant security documentations for the system.

• Assists senior leadership by attaining system Authority to Operate (ATO) through the application of the Risk Management Framework (RMF).

• Performs System Security Categorizations using FIPS 199 and the NIST 800-60 Vol.11 Rev1 guidelines and templates to select provisional impact level assigned to the Confidentiality, Integrity, and Availability (CIA) based on the information type.

• Develops and track Plan of Actions and Milestones (POA&Ms) to ensure remediation closure.

• Assists the ISSO with security documentation reviews and updates; acts as ISSO as needed.

• Coordinates Security Control Testing (SCA) using NIST 800 53A. Rev 4 and develops supporting documentation.

• Facilitates kickoff meetings with System Stakeholders or System owners prior to security assessment to collate pertinent system information according to NIST Requirements.

• Participates in the System Assessment and Authorization process by working with the key stakeholders to ensure complete and accurate ATO packages.

• Supports Security Control Assessments using NIST 800-53A Rev4 as guidance for current federal directives and policies.

Censawireless dba Accessory Station, Inc, Henrico, VA 04/2006 - 12/2014 IT Security Analyst

• Created POA&Ms and track associated mitigation.

• Performed vulnerability scan analysis and coordinated remediation efforts.

• Reviewed and processed monthly vulnerability scan results for assigned systems and worked with the technical teams to ensure vulnerabilities are resolved on time.

• Created and maintained compliance documentation for A&A in accordance with government requirements.

• Reviewed the security controls regarding their adequacy in protecting the information and information system as part of continuous monitoring process.

• Implemented and enforced information systems security policies, standards, and methodologies.

• Evaluated security solutions to ensure they meet security requirements for processing classified information; performed vulnerability/risk assessment analysis to support A&A.

• Managed changes to the system and assessed the security impact of those changes. EARLIER WORK HISTORY

Verizon Wireless - Wireless Analyst

Sprint - Technical Support Lead

Northern Virginia Community College - Computer Lab Assistant EDUCATION

Master of Information Security, Cyber Security Operation Track - Champlain College Bachelor of Science, Sociology & Business - Virginia Commonwealth University Associate of Applied Science, Networking & Information System Technology - Northern Virginia Community College

CERTIFICATIONS

• CompTIA Security+ Certification 02/2023

• Masters in Test Automation Engineer - Edureka Online Exp 2023

• Cybersecurity Certification/Incident Response Certification - Champlain College 05/2019

• Scrum Master Accredited Certification - International Scrum Institute 06/2019 LANGUAGES

English Akan (Twi & Fanti Dialects) Kwa (Ga Dialect).

Contact this candidate