Post Job Free
Sign in

Risk Management Information Security

Location:
Ashburn, VA
Posted:
February 11, 2025

Contact this candidate

Resume:

Jasnur Singh

571-***-**** *****.**********@*****.***

COMPETENCIES & PROFICIENCIES

Security controls assessment, vulnerability assessment.

Change Management, Third Party Risk Management

Creating, Modifying and Updating Intrusion Detection Systems (IDS), Vulnerability Management, Incident Response, Authority and Authorization(A&A), POAM, Emass, Splunk

Email security platforms: Barracuda, Mimecast, Proofpoint, CISCO, Zero Trust Architecture (ZTA)

Encryption technologies and DLP, Cloud security, Wiz security platform, Microsoft Office, TrustOnCloud.

Deep understanding of Risk Management Frameworks (RMF)-NIST SP 800-53, NIST SP 800-137, NIST SP 800-171, NIST CSF, SOC1&2, ISO 27001, CMMC Framework, DISA compliance, FedRAMP compliance.

Cybersecurity Governance Risk and Compliance (SOC 1&2, HITRUST), HIPPA Compliance, COBIT

Identity and Access Management (IAM), SIEM, Nessus, ACAS

Training initiatives.

SKILLS

Controls and Frameworks Cloud Security Intrusion detection Vulnerability Assessment Incident Response Risk Management Internet of Things IT Operations Network Performance Cisco IOS Cisco Wireless Network Management Python CMMC Framework Network Security Information Security Security Audits Identity and Access Management/Malware Prevention Microsoft Office Research and Analysis Disaster Recovery Windows MacOS Agile processes

PROFESSIONAL EXPERIENCE

Goldbelt LLC/Information Security Analyst April 2024 to January 2025

Conducted comprehensive security assessments and evaluated existing controls and processes to ensure compliance with industry standards and regulations for various clients.

Identified areas and processes requiring change for clients and developed comprehensive strategic change plans and trained and upskilled the stakeholders.

Conducted efficient IT audit procedures, communicated complex technical issues to relevant staff in simplified terms and provided remedies and recommendations and prepared SOC Reports

Assisted with the development and implementation of Risk Assessments in accordance with ISO, NIST 800-53 and NIST 800-137,COBIT and HITRUST frameworks.

Collected, analyzed, and presented data on technical security solutions and best practices to peers, leadership, and business stakeholders and

Conducted Vulnerability Assessments and developed incident response plans to mitigate security breaches using security software-Wiz Security Platform ACAS, Nessus Edwards Performance Solutions/Cyber Security Analyst-Contract May 2023 to December 2023

Provided guidance to a variety of clients on strategic placement of security controls focusing on their unique needs, business requirements and industry best practices, including third party risk management.

Conducted comprehensive security risk assessments, identified, and prioritized critical risks and recommended security enhancements for risk reduction in accordance with HITRUST and NIST Framework for clients.

Ensured that Email security gateways were configured and updated as well as created and maintained standard Operating Procedures responding to Email Security alerts generated by Proofpoint.

Generated Visio and Power Point diagrams of architectural designs relating to CMMC Framework, to provide documentation of solutions

Performed deep analysis of Access, Change Management, SOC Reporting vulnerability Management and assisted with third party risk assessment using NIST and FEDRAMP Frameworks

Prepared client training modules for email security, Email hygiene and link protection highlighting using industry best practices, Zero Trust Architecture

Cherry Bekaert/Cyber Security Analyst- Contract August 2022 to April 2023

Supported escalations and out or cycle requests on multiple security solutions for the enterprise.

Planned and conducted Data Privacy Support to clients using NIST framework and SOC reporting.

Developed and maintained security policies and procedures in compliance with industry standards and regulations, resulting in a successful audit.

Conducted phishing and vishing training exercises for security awareness training in social engineering attacks.

Assessed security gaps in the operating procedures against policies, standards and best practices.

Performed security education and training in relevant fields like emerging cyber threats, phishing, ransomware, email security and use of available email security platforms, password managers, Internet of Things, Identity and Access Management platforms.

CohnReznick Cyber Security Consultant -Contract Jan 2022 to Aug 2022

Analyzed and developed a plan to upgrade the existing network and computing systems by recommending certain frameworks and controls such as Zero-Trust

● Performed threat analysis in a 24/7 environment, mitigating and managing all threats and risks, gaining 99%security in data.

● Advised clients regarding Information Security protocols, monitored compliance and training initiatives.

● Conducted relevant research, performed data analysis and prepared detailed reports.

● Assisted teams in preparation for ART activities including PI planning, System Demos and Inspect and Adapt Sessions

● Worked effectively in a remote setting via DaaS utilizing collaboration Software and tools like Microsoft Teams and Webex

Booz Allen Hamilton Junior Cybersecurity Analyst June 2020 to April 2021

Assisted with the development and implementation of Risk Assessments in accordance with ISO, NIST 800-53 and NIST 800-137,COBIT and HITRUST frameworks

Conducted efficient IT audit procedures, communicated complex technical issues to relevant staff in simplified terms and provided remedies and recommendations and prepared SOC Reports

Conducted comprehensive security assessments and evaluated existing controls and processes to ensure compliance with industry standards and regulations for various clients. Baltech Solutions, Inc. Infrastructure/Network Assistant May 2018 to Jan 2020

Worked with a network consulting group on the day-to-day design and implementation of client data networks.

Provided networking support for Cisco professional training courses by helping Cisco trainers set up and maintain a variety of lab scenarios using routers, switches, Layer 2 & 3 protocols, and Cisco IOS security (ACLs, TACACS, Port-Security)

EDUCATION, CERTIFICATIONS, AND TRAINING

James Madison University: B.S. 2020 (Computer Information Systems, Certifications: Comp TIA Security+ AWS Certified Solutions Architect Cisco CCNA Security Clearance: Interim SECRET



Contact this candidate