Associate IT Security Analyst Resume
Headline : IT Security Analyst and Authorization professional, Insightful, results-driven with notable success directing a broad range of corporate IT security initiatives while participating in planning, analyzing, security control assessments and implementing solutions in support of business objectives.
Skills : Security Assessment and Authorization, Certification and Accreditation, Security Planning, Vulnerability Scanning, Business Continuity Planning, Risk Assessments, Vulnerability Management, Penetrating Testing, PCI
Description :
- Information security system policies, plans, and baselines were developed and reviewed.
- Provided security expertise and guidance in support of security assessments.
- Reviewed authorization documentation for completeness and accuracy for compliance.
- Ensured cyber security policies are adhered to and that required controls are implemented and facilitated continous monitoring system.
- Implemented and checked information system security plans to ensure Nist control requirements are met.
- Developed sca documentation and Authored recommendations associated with findings on how to improve the customer's security posture in accordance with nist controls.
- Worked hand in hand with the team to have a proper artifact collection and brief to clients examples of artifacts that will satisfy assessment requirements.
- Reviewed security logs to ensure compliance with policies and procedures and identifies potential anomalies.
Experience
5-7 Years
Level
Executive
Education
BS
IT Security Analyst I Resume
Headline : Skilled Information Security Analyst with over 7 years of expertise in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), and vulnerability management of a wide range of System vulnerabilities and threats. Well-versed in direct and remote analysis with strong critical thinking communication and people skills.
Skills : Assessment and Authorization Certification and Accreditation, IT Security Compliance, Vulnerability Assessment, Vulnerability Scanning, Database Administration, Information gathering, Information Assurance, Risk Assessment Systems, Development Life Cycle
Description :
- Supported client security policies and activities for networks, systems, and applications including vulnerability management, incident reporting, mitigation, and continuous monitoring.
- Worked on all assessment and authorization (a&a) phases and processes.
- Proven ability to support the full life-cycle of the assessment and authorization (a&a) process.
- In accordance with Nist, Fisma, OMB app reviewed and updated the Information system security policies. Used Iii a-130 and industry best security practices.
- Solved unique and complex problems with broad impact on the business.
- Provided time estimates at various levels of confidence for tasks from initiation through development.
- Identify dependencies across programs, milestones, systems, and solutions.
- Recommended it security improvements, to achieve systems confidentiality, integrity, and availability.
Experience
5-7 Years
Level
Senior
Education
BS
IT Security Analyst II Resume
Objective : IT Cyber Security Analyst that specializes in web application security. Looking to do more security penetration testing.
Skills : Web Application Security Tool Set AV, IPS And IDS (FireEye, (Burp Suite Pro, OWASP ZAP, Etc) CheckPoint, Symantic, Etc) Networking Security Tool Set Windows / OSX / Linux (WireShare, NMAP, Etc) SharePoint Python, HTML, CSS, JS, Objective C Back Track / Kali Linux Toolbox Swift 2.0
Description :
- Responsible for end to end security, ensuring that the confidentiality, integrity and availability of all Sports authority data is not breached, infected or compromised in anyway by outside malicious users.
- By utilizing a defense in depth approach and identifying areas of potential weakness.
- Primary IT security lead on high profile integration and implementation projects. Many of these projects helped generate cost effective, automated solutions that required ground up security architecture,.
- Performed full application security assessments and analysis on newly built and existing applications.Because of these efforts, many potential security threats were identified before being released into a production environment.
- Existing production security vulnerabilities were promptly remediated upon discovery, thus greatly reducing the overall security risk within sports authority.
- Continuous monitoring of the sports authority network and internal systems for malicious activity.
- Numerous attacks and security threats targeted at company have been prevented because of these efforts.
Experience
0-2 Years
Level
Entry Level
Education
Business
Information Security Analyst Resume
Headline : Skilled Information Security Specialist with expertise in risk management framework (RMF), systems development life cycle (SDLC), security life cycle, and vulnerabilities management of a wide range of vulnerabilities and threats, fundamental business analysis, and project management. Specialized in providing IT security expertise and guidance in support of security assessments and continues monitoring for government (FISMA & NIST) and commercial clients.
Skills : Risk Assessment, Vulnerability Scanning, IT Security Compliance, Vulnerability Assessment, Impact Analysis - Assessment & Authorization, Security Control Assessment, Security Control Assessment, Nessus Vulnerability Scanner, VMware, Oracle virtual box, CSAM, Accellion/WatchDox secure file solution.
Description :
- Provided security expertise and guidance in support of security assessments.Reviewed authorization documentation for completeness and accuracy for compliance.
- Executed examine, interview, and test procedures in accordance with nist sp 800-53a revision 4.Ensured cyber security policies are adhered to and that required controls are implemented.
- Validated information system security plans to ensure nist control requirements are met.
- Developed resultant sca documentation, including but not limited to the security assessment report (sar).
- Assisted team members with proper artifact collection and detail to clients examples of artifacts that will satisfy assessment requirements.
- Reviewed security logs to ensure compliance with policies and procedures and identifies potential anomalies.
- Updated and reviewed a&a packages to include core docs, policy & procedures, operations and maintenance artifacts, ssp, sar, fips 200, fips 199, poa&m, cptpr, bia, pta, pia, and more.
Experience
5-7 Years
Level
Executive
Education
BS
Vulnerability Analyst / IT Security Analyst Resume
Summary : A brilliant and detail oriented Information Security Auditor seeking a position in a growth oriented organization with focus on FISMA, Sarbanes-Oxley 404, system security monitoring and auditing; risk assessments; audit engagements, testing information technology controls and developing security policies, procedures and guidelines.
Skills : Information Assurance (IA), Certification and Accreditation (C&A), Risk Management, Authentication & Access Control, network and cyber security, System Monitoring, Regulatory Compliance, Physical and environmental security, Project Management, Incident Response, and Disaster Recovery.
Description :
- Conducted security control assessment to assess the adequacy of management, operational privacy, and technical security controls implemented. Security assessment reports (sar) were developed detailing the results of the assessment along with plan of action and milestones (poa&m).
- Developed risk assessment report to identify threats and vulnerabilities applicable to smart think systems. This report also evaluates the likelihood of vulnerability being exploited, assesses the impact associated with these threats and vulnerabilities, and identified the overall risk level.
- Assist in the development of an information security continuous monitoring strategy to help in maintaining an ongoing awareness of information security.
- Ensure effectiveness of all security controls, vulnerabilities, and threats to support organizational risk management decisions.
- Lead in the development of privacy threshold analysis (pta), and privacy impact analysis (pia) by working closely with the information system security officers (issos), the system owner, information owners and the privacy act officer.
- Develop a system security plan to provide an overview of federal information system security requirements and describe the controls in place or planned to meet those requirements.
- Responsible for the development of key security standards by performing an in-depth security assessment of information systems in order to maintain fisma compliance by implementing guidelines and standards identified in the national institute of standard and technology (nist) 800 series in facility.
Experience
7-10 Years
Level
Executive
Education
BA
IT Security Analyst III Resume
Objective : Professional, detail-oriented System Security Analyst motivated to continuously learn and grow within the Security field of technology.
Skills : Python Vulnerability Management: Qualys, Nessus, Acunetix, Retina, AppCheck, Nmap Etc. Frameworks: Cobits 5, NIST, OWASP 10, And SANS Etc. Forensic Tool: FKT, Encase Networks: LAN & WLAN Core IT Security Penetration Testing Vulnerability Management Risk Management IT & Forensic Auditing COBIT 5 ISO 27001/2 Awareness IT Governance Threat Analysis Incident Management End-point Security Firewalls (IPS/IDS)
Description :
- Managed process and acted in the lead role for computer security incident response team. Perform and develop procedures for system security audits, network penetration-test, and vulnerability assessments on os, server, database, and other applications.
- Assess threats, risks, and vulnerabilities from emerging security issues and advise pertinent stakeholders on appropriate measures. Conducting, managing and tracking pci vulnerability assessments using acunetix, nessus and qualys web vulnerability tools.
- Undertaking it security compliance policies framework reviews (e. G. Iso 27001/2, nist, sox cobit, hipaa etc. ) for various it platforms. Develop and interpret it security policies, technical security standards, security operating procedures and processes for various technologies to stakeholders.
- Maintaining risk security awareness and solutions to ensure updates within departments on a regular basis.
- Conducting it audit assessments for systems or applications as required, and recommend solution on how to mitigate risk.
- Maintain and create and operate a schedule of vulnerability scanning, including business co-ordination with it stakeholders. Establish vulnerability scanning resolution on server, cloud and desktop environments.
- Collaborate with infrastructure team to analyse possible infrastructure security incidents to determine an event is fit as a legitimate security breach. Monitoring and analysing networking traffics with wireshark to resolve downtime.
Experience
2-5 Years
Level
Junior
Education
MSC
IT Security Analyst (Contractor) Resume
Summary : Skilled Information Security Analyst with expertise in risk management framework (RMF), systems development life cycle (SDLC), risk management, and vulnerabilities management of a wide range of vulnerabilities and threats. Well-versed in direct and remote analysis with Strong critical thinking communication and people skills.
Skills : Assessment and Authorization (A&A), IT Security Compliance, Vulnerability Assessment, Vulnerability Scanning, Risk Assessment, Technical Writing, Project Management and Support, Impact Analysis
Description :
- Developed, reviewed, and updated information security system policies, system security plans, and security baselines in accordance with nist, fisma, omb app. Iii a-130 and industry best security practices.
- Applied appropriate information security control for federal information system based on nist 800-37 rev1, sp 800-53, fips 199, fips 200 and omb a-130 appendix iii.
- Provided security expertise and guidance in support of security assessments. Review, analyze and evaluate business system and user needs, specifically in authorization and accreditation (a&a).
- Facilitated security control assessment (sca) and continuous monitoring activities. Executed examine, interview, and test procedures in accordance with nist sp 800-53a revision 4.
- Ensured cyber security policies are adhered to and that required controls are implemented. Validated information system security plans to ensure nist control requirements are met.
- Developed resultant sca documentation, including but not limited to the security assessment report (sar). Reviewed security logs to ensure compliance with policies and procedures and identifies potential anomalies.
- Updated and reviewed a&a packages to include core docs, policy & procedures, operations and maintenance artifacts, ssp, sar, fips 200, fips 199, poa&m, cptpr, bia, pta, pia, and more. Collected operation and maintenance artifacts on an ongoing basis so that security control assessment (sca) is seamless.
Experience
7-10 Years
Level
Consultant
Education
BS
Cyber Security Analyst Resume
Objective : Insightful, result driven Cyber security analyst with 5 years of experience and expertise in implementing, and reviewing ATO Package documents and re-mediating POAMs. Proven record of evaluating system vulnerability in order to recommend security improvements.
Skills : IT Security Analyst, FISMA, Nessus, NIST, Risk Management And Assessment
Description :
- Conducting meetings with the it team to gather documentations and evidences (kick-off meeting) about the control. Developing and maintaining plan of action and milestones (poa&ms) to remediate findings and get an ato.
- Conducting assessment of controls on information systems by interviewing, examining and testing methods using nist sp 800-53a as a guide.
- Creating, updating and reviewing system security plans using nist 800-18, contingency plans using nist 800-34, incident reports using nist 800-61.
- Conducting risk assessments regularly; ensured measures raised in assessments were implemented in accordance with risk profile, and root-causes of risks were fully addressed following nist 800-30 and nist 800-37.
- Conducting fisma-based security risk assessments by interviews, tests and examining of facts. Supporting clients in creating a memo for findings that has passed scheduled completion date.
- Perform comprehensive security control assessment (sca) and prepare report on management, operational and technical security controls for audited applications and supporting clients in creating risk base decision (rbd) for plan of action and milestones (poa&m).
- Reviewing and updating security artifacts such as system security plan (ssp), security assessment report (sar), security assessment plan (sap), contingency plan (cp), privacy impact assessment (pia), and plan of actions and milestones (poa&m).
Experience
2-5 Years
Level
Junior
Education
BS
IT Audit Security Analyst Resume
Summary : Lead in the development, implementation, and management of security technology processes, procedures and solutions, which include Data Loss Prevention, Endpoint Protection, Vulnerability Management, Content Filtering, Security Information and Event Management (SIEM), Intrusion Detection Systems(IDS) and Intrusion Prevention Systems (IPS).
Skills : Nessus, BurpSuite, NMap, Netcat, Cain & Abel, John the Ripper, Wireshark, incident prevention, detection, containment, eradication and recovery across IT systems
Description :
- Performed security assessment of various web applications using burp suite, zap proxy and nessus.
- Performed security event monitoring of heterogeneous network architecture solutions using mcafee enterprise security manager, mcafee security suite of products such as mcafee endpoint encryption, mcafee dlp - device control, mcafee epo management, mcafee antivirus and anti-malware.
- Performed application white listing using carbon black which is considered the best endpoint security device by many security professionals.
- Performed vulnerability assessment of various online applications to identify the vulnerabilities in input data validation, session management, authentication, authorization, auditing and logging.
- Performed security assessment on the applications, web sites, web applications to determine the security posture.
- Coordinated with development team to ensure closure of reported vulnerabilities by explaining the ease of exploitation and impact of the issue.
- Prepared reports with security breaches and the extent of the damage caused by the breaches to brief higher management and also clients.
Experience
7-10 Years
Level
Senior
Education
CS
IT Security Analyst (Consultant) Resume
Objective : Security Assessment and Authorization (SA&A) professional with 4 years of experience in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), security life cycle and vulnerability management using FISMA, OMB, HIPAA and applicable NIST standards. Proven enterprise experience in security management, aptitude for good customer service, leadership, and excellent communication and presentation skills.
Skills : Information Technology Management, Security, Data Mining, Project Management, Risk Management, Critical Thinking, Customer Service
Description :
- Provided security expertise and guidance in support of security assessments.
- Participated in weekly IT security team meetings to provide guidance and support for the development of enterprise security architecture.
- Executed examine, interview, and test procedures in accordance with nist sp 800-53a revision 4. Ensured cyber security policies are adhered to and that required controls are implemented.
- Validated information system security plans to ensure nist control requirements are met. Developed resultant sca documentation, including but not limited to the security assessment report (sar).
- Assisted team members with proper artifact collection and detail to clients' examples of artifacts that will satisfy assessment requirements.
- Reviewed security logs to ensure compliance with policies and procedures and identifies potential anomalies.
- Made input in data calls to ensure it security projects are on track. Worked with systems and network administrators to develop implementation statement for security controls.
Experience
2-5 Years
Level
Junior
Education
BS