Information Security Analyst II Resume
Summary : Information Security Analyst II with over 16 years of professional experience in the Information Security sector with a strong emphasis in Information Assurance, Security Control Assessment, Vendor Security Assessment, Policy Implementation and Security Documentation. Rich experience in providing subject matter expertise in developing, implementing and assessing Information Security programs to validate compliance with FISMA.
Skills : Information Security, HIPAA & Human Resources Compliance, Vendor Risk Management, HIPAA Security Assessments, Policies & Procedures
Description :
- Implementing preventative and detective information security controls to secure the company's data, information, and resources.
- Conducting a risk assessment to minimize the company's security, financial, and legal exposure.
- Conducting vulnerability scanning on internal and external systems to identify and mitigate identified vulnerabilities.
- Monitoring IDs/IPs events log to mitigate malicious or suspicious activities.
- Monitoring and maintaining the web security gateway, investigating and controlling user and suspicious web activity.
- Conducting quarterly user access review to maintain strict access control enforcement.
- Defining, reviewing, and editing the information security policies based on SOX requirements, environmental and operational conditions and changes in technology.
- Reviewing and investigating the suspicious user, server, database, and application login events.
- Working with project teams and developers to validate that the applications throughout the SDLC meet the required security specification before approving for deployment.
- Reviewing and approving the firewall configuration settings on a quarterly basis.
Experience
10+ Years
Level
Consultant
Education
MS
Information Security Analyst I Resume
Summary : An Information Security Analyst I with vast experience of 11 years in Managing and Protecting Enterprise Information Systems, Network Systems, and Operational processes through Information Assurance Controls, Compliance Verifications, Risk Assessment, Vulnerability Assessment in accordance with NIST, FISMA, OMB and industry best Security practices.
Skills : Windows XP, UNIX. Linux, Mainframe, Windows 7, Windows Server 2003 Applications SailPoint, RSA Authentication Manager, Service-Now, CA Service Desk Manager, Mainframe RACF Tools Active Directory
Description :
- Performing administration (provisioning, de-provisioning, account monitoring, access reviews and authentication support) of the identity and access management lifecycle across all enterprise systems via Sailpoint.
- Partnering with application developers and it administrators to onboard new applications and systems into the identity and access management platform.
- Actively monitoring the identity controls and participate in periodic risk assessments to identify compliance issues.
- Experience with role-based access control, access requests, and certifications.
- Performing the creation, modification, and deletion of user accounts and their privileges on windows environment using active directory.
- Set access permission levels to security groups on various applications, network file shares, and servers/desktops.
- Developing scripts using VBScript to reduce the time consumed in iterative tasks incurred in this process.
- Handling incidents, incident tasks, change tasks, event tasks, and problem tasks to fix the issues reported Cahelp desk and service-now.
Experience
10+ Years
Level
Management
Education
Bachelor Of Engineering
Information Security Analyst I Resume
Summary : A very well organized, versatile and well-rounded Information Security Analyst with a mix of Business, Higher Education and DOD contracts making up my 12 years of IT background. An experienced leader able to motivate, supervise and develop teams and individuals to attain both individual and group goals. Excellent communication and analytical skills combined with thoroughness and attention to detail have served me well in my management of small projects.
Skills : Oracle SQL, Microsoft SQL Server, Active Directory, Oracle Identity Manager, VMware, Cognos, Microsoft Office Suite, MS Project; MS Visio
Description :
- Participated in information security projects with the goal of performing them on-time, on budget and with the highest quality standards.
- Ensured that new Tracfone initiatives/projects and Business Change Requests (BCRs) were evaluated for their security impact and that proper security requirements and guidance were provided to maintain the company's security posture.
- Directly involved in the implementation, daily maintenance, and troubleshooting of Tracfones identity management solution (Oracle Identity Manager).
- Represented directed the provisioning of users to several applications and evaluated roles for provisioning and produced entitlement reports for periodic review.
- Represented as the information security group as the information security and technical subject matter expert in meetings with business owners, technical groups, and outside vendors.
- Ensured that SOX controls pertaining to the information security group were consistently executed to ensure compliance.
- Assisted in the development and maintenance of information security policies procedures as necessary to address technology changes, business needs, and evolving security threats.
Experience
10+ Years
Level
Consultant
Education
BS
Information Security Analyst (SOC) Resume
Objective : A proven project-oriented Junior Information Security Analyst with extensive technical expertise and accomplished skill in the security support and implementation of information systems. In-depth experience in the configuration, deployment, data analysis and assessment of IT systems and networks. Experience in analyzing and troubleshooting, computer hardware and software for laptop/desktop systems.
Skills : Active Directory Administration, Tivoli Identity ManagerSupport, Microsoft Windows, Desktop OS Support, Microsoft Windows Server OS, Exchange Server 2003, Microsoft Office 2003, 2007, 2010
Description :
- Worked with various Project Managers and lines of business to plan, develop, document, and implement migrating the lob Unix server environment.
- Gathered information from application support teams to document and present the current access structure, and convert lob requirements into a move forward solution that meets lob goals as well as enterprise remediation goals as required by the project.
- Defined, and provisioned, approved new access requirement changes in the new domain based on job requirements. (server to server communications, end-user grouping and structuring, and non-human account provisioning).
- Prepared needed supporting files needed by SA to perform the server migration.
- Attended and provided support for scheduled migrations representing the Unix enterprise access management (UAM/EAM) team.
- Addressed any post-migration access issues identified by the lob during post migration testing.
- Recorded count for privileged access reduction to meet project requirements.
Experience
2-5 Years
Level
Junior
Education
Diploma
Jr. Information Security Analyst Resume
Objective : Jr. Information Security Analyst with 3 years of experience and a broad knowledge of hardware, software, Unix OS (Unix Solaris), Veritas volume manager/clusters and networking technologies to provide a powerful combination of analysis, implementation, and support. Experience in information security, system/network administration and engineering, hardware evaluation, project management, systems and network security, incident analysis and recovery.
Skills : Operating Systems, Novell Identity Manager, Identity ID Console, ZSecure, Putty Scripting VBScript, Power Term Script, Shell Scripting Programming C, C++, HTML
Description :
- Participating in weekly meetings to identify changes within the operation and IT processes to identify areas of risk and define audit plan base on risk assessment methodology.
- Assisting in updating System Security Plans (SSP) base on the National Institute of Standard and Technology (NIST) SP 800-18 and the conduct of annual self-assessment.
- Responsible for reviewing, analyzing and evaluating the security controls used to protect the data of the organization.
- Applying industry standards like ISO, and COBIT to keep risks at an acceptable level within the information system.
- Developing policy and procedural controls relating to management, operational and technical controls.
- Conducting audits of network configuration to ensure compliance in organization regulatory standards.
- Providing expert analysis and advice on systems and programs related to it security problems and provide recommendations.
- Gathering data to complete Security Test Evaluation (STE) required managing risks and threats in systems.
- Implementing appropriate security controls to mitigate threats, risks and vulnerabilities in the system.
Experience
2-5 Years
Level
Junior
Education
MS
Information Security Analyst Resume
Summary : Information Security Analyst focusing on the application of Confidentiality, Integrity and Availability tools within a company infrastructure. Field of experience is diverse and includes security application deployment, monitoring, and awareness. Worked for a Fortune 500 firm for 14 years as a Data Security Analyst and Information Security Specialist with involvement in risk assessments, audit compliance, security administration and production support activities.
Skills : Security Administration Scripting, Security Project Experience, Windows 2003 & 2008 Security, Technical Instructor Microsoft Courses, Effective Oral And Written Communications
Description :
- Auditing all firewall config files and rules using SolarWinds FSM to make sure any changes made have proper approval along with change control documentation.
- Setting up and maintaining nodes, rules, groups, users and e-mail templates with SolarWindsnds LEM (Log and Event Manager) along with investigating all rules that are fired.
- Analyzing and reporting vulnerabilities found on Microsoft, Linux and Unix servers along with Cisco routers, firewalls, and switches using QualysGuard vulnerability scanner.
- Reporting and analyzing company website vulnerabilities using QualysGuard WAS (web application service).
- Monitoring and reporting on laptops, desktops, and servers for av definitions and virus issues along with setting policies on what software categories are allowed using the Sophos enterprise console.
- Implementing Sophos safeguard policies for file encryption, machine settings, device protection, configuration protection and passphrase.
- Monitoring and reporting on Barracuda WAF along with setting configuration parameters, categories allowed, and specific website blocking.
- Monitoring attacks on our main website using Imperva Incapsula web application firewall. Setting up rules to block countries, domains, and IPs.
Experience
10+ Years
Level
Management
Education
Certification
Information Security Analyst Resume
Objective : Results-driven Information Security Analyst with specified experience of 4 years in System administration, Access Management, and Information Security. Effective skills to proactively complete projects and special assignments on time while working self-sufficiently in a fast-paced environment, all while promoting team solidarity and promoting a strong and positive environment.
Skills : Open Office, VMware Server Symantec / Norton Ghost, Symantec Backup Exec, NDS Solutions, AVG Antivirus Suite, ACT 2000 Basic
Description :
- Installed the Security Content Automation Protocol (SCAP) software on various computers.
- Installed new Microsoft and Windows 7 patches, updates, and benchmarks on various machines.
- Commenced SCAP protocol and reported all findings and vulnerabilities to management for policy compliance evaluation.
- Followed configuration management checklist in order to assess and manage the configurations of desktops, laptops, and servers.
- Used configuration management checklists to define and assess security parameters and configurations that are required by organizational policy.
- Conducted various automated network vulnerability scans, configuration assessments, application vulnerability scans, device configuration assessments, and network discovery on the Assured Compliance Assessment Solution (ACAS) machine.
- Reported and compiled all data with Information Assurance Vulnerability Alerts (IAVAs).
- Identified and reported all Information Technology (IT) security violations.
Experience
2-5 Years
Level
Entry Level
Education
Associates
Information Security Analyst Resume
Summary : Business-focused Information Security Analyst with over 10 years of experience providing subject matter expertise in security program development, information technology management, team management, technical security assessments, auditing, and program/policy development. Specialize in analyzing problems and finding innovative solutions while minimizing operational risk to organizations and maintaining functionality.
Skills : Network Security, Data Loss Prevention, Computer Repair, Software Testing, Networking, DNS, DHCP, Splunk, Titanium Endpoint Security, Active Directory, Windows 7, Risk Management
Description :
- Served as the IT risk management Subject Management Expert (SME) on various projects, as needed.
- Worked with business units to assess the impact of strategic business directions on information security threats, vulnerabilities, and risks.
- Documented, audited and reported on security compliance with the business units and information security management.
- Responsible for building and updating views within select modules and coordinating with other administrators regarding the changes proposed or implemented.
- Designed and created management reports and views within select EGRC modules.
- Added, modified, removed fields, cross-mapped fields from other modules, and created calculated fields.
- Assisted in the implementation, design, and development of the Archer SmartSuite framework.
- Managed Archer GRC software by troubleshooting, coding, scripting, and workflow design.
- Redesigned the vulnerability management program to create working dashboards, streamline exception process and tracked trending metrics against vulnerability standard.
Experience
10+ Years
Level
Management
Education
BS
Information Security Analyst (InfoSec) Resume
Summary : A demonstrated Information Security Analyst with 9 years of experience in information security and risk management with a focus on FISMA, system security evaluation, validation, monitoring, risk assessments and audit engagements. An accomplished analyst with over five years of experience in assessing information security risks and coordinating remediation efforts.
Skills : Fiber Optics, TCP/IP, Visio, Windows Server 2008, Routers, Switches, Word, Excel, Powerpoint, Sharepoint Designer, Information Security, Information Technology, Hardware
Description :
- Executed 6-month detail as a liaison between the office of electric reliability and the office of the Executive Director to ensure cybersecurity efforts are integrated internally and with other parts of the federal energy regulatory commission.
- Reviewed 2009 through 2017 Federal Information Security Management Act (FISMA) requirements and associated controls and made recommendations for improvements that are being adopted as 2017 it governance and information assurance initiatives.
- Designed and implemented 2017 commission-wide anti-phishing training and user awareness campaign.
- Composed 2017 Statement of Work (SOW) as part of a Request for Proposal (RFP) to solicit bids from external vendors to perform threat, vulnerability, and penetration testing on the commission's network.
- Reviewed and made recommendations for accreditation, authorization, and authority to operate for cloud service providers.
- Reviewed, made changes, and developed new Standard Operating Procedures (SOPs) for daily Security Operations Center (SOC) operations.
- Reviewed weekly Department of Homeland Security (DHS) / National Cybersecurity Assessments and Technical Services (NCATS) cyber hygiene assessments to identify known vulnerabilities detected on internet-facing hosts.
- Performed weekly evaluation of Nessus scan on all public facing IP addresses for vulnerabilities and coordinated with IT operations and systems engineering groups to develop plans of action and milestones and remediated vulnerabilities.
Experience
7-10 Years
Level
Management
Education
MS
Information Security Analyst Resume
Summary : Experienced Information Security Analyst with diverse industry experience of 8 years, specializing in IT, Project Management, Training and Customer Service. Professional expertise includes administering and coordinating the configuration, classification of systems roles and applications, vulnerability management, disaster recovery planning and information protection analysis.
Skills : Information Security, ISO, Metrics., Payment Card Industry, Training, PC, Customer Service, Servers, Documentation, Teaching, Training & Development, Firewalls
Description :
- Leading security certification project to achieve/maintain required compliance for the organization.
- Verification of company policies, procedures, and controls in accordance with ISO 27001, ISO 9001, 14001 and PCI standards.
- Collecting, reviewing and organizing pci and iso documentation and supporting evidence required for certification and/or attestation.
- Responsible for identifying it security gaps in internal policies, guidelines and/or procedures.
- Auditing the existing processes and documentation in order to identify opportunities for improvement.
- Establishing relationships and build trust with internal and external security stakeholders.
- Managing relationship with certification body in an effort to and conduct all audit scheduling, financial and administrative activities.
- Overseeing performance evaluation committee responsible for the collection, review, and analysis of information security metrics.
- Revamped the information security management system by streamlining the management review process, continuous improvement process, and interested party communications.
Experience
7-10 Years
Level
Senior
Education
BS