Security Control Assessor Resume Samples

Description :

1. Played a pivotal role in managing Incidents, identifying Problems, and implementing proactive measures to enhance service quality. 
2. Collaborated with cross-functional teams to drive continuous improvement in service delivery, ultimately ensuring the satisfaction of our internal customers.
3. Led the response to service Incidents and disruptions, ensuring timely resolution and minimal impact on customers.
4. Established and followed incident management processes to classify, prioritize, and coordinate incident resolution efforts. 
5. Worked with IT teams to ensure adherence to the Incident Management process.
6. Collaborated with technical teams to ensure effective incident response and restoration of services in line with the Incident Management Process and SLAs.
7. Controlled ticket lifecycle for the North American region. 

Experience

10+ Years

Level

Senior

Education

Bachelor's In Computer Science

Description :

1. Trained in Independent Verification and Validation (IV&V) of security controls.
2. Welltrained of general attack strategies (MITRE ATT and CK Framework).
3. Trained in NISPOM, ICD 503, NIST SP 800-53, ICD 705, and other ICDs as appropriate.
4. Conducted vulnerability scans and recognized vulnerabilities in security systems (Cloud Environments) ASW, Google, IBM, Azure, and Oracle.
5. Well-trained of network access, identity, and access management e.g. public key infrastructure (PKI).
6. Trained of network protocols such as Transition Control Protocol/Internet Protocol (TCP/IP), Dynamic Host Configuration, Domain Name System (DNS), and directory Services.
7. Assessed the robustness of security systems and designs.

Experience

7-10 Years

Level

Management

Education

Bachelor's In Computer Science

Description :

1. Completed projects, tasks, and associated deliverables on time and with quality.
2. Conducted hands-on security testing, analyzed results, documented risks, and recommends countermeasures.
3. Advised and assisted with the Lifecycle Assessment and Authorization (A&A) process and development of a Systems Security Plan (SSP).
4. Coordinated A&A actions and system testing with appropriate security personnel.
5. Applied working knowledge of Intelligence Community Information Assurance policies and regulations and how they relate to the A&A process.
6. Tested security architectures of cloud-based systems and applications, identifying vulnerabilities and providing security remediation.
7. Contributed to the organization’s overall risk management process by identifying, evaluating, and mitigating security risks.

Experience

7-10 Years

Level

Management

Education

Bachelor's In Computer Science

Description :

1. Tailored assessments and analysis to the necessary levels (classification and organizational).
2. Tracked audit findings and recommendations to ensure that appropriate mitigation actions are taken.
3. Translated data and test results into evaluative conclusions.
4. Understood technology, management, and leadership issues related to organization processes and problem-solving.
5. Understood the basic concepts and issues related to cyber and its organizational impact.
6. Verified application software/network/system security postures are implemented as stated, documented deviations, and recommended required actions to correct those deviations.
7. Worked in a collaborative environment, seeking continuous consultation with other analysts and both internal and external to the organization—to leverage analytical.

Experience

2-5 Years

Level

Executive

Education

Bachelor's In Computer Science

Description :

1. Performed security reviews, identify gaps in security architecture, and develop a security risk management plan to include recommendations for remediation.
2. Prepared and maintained required artifacts, Security Assessment Report (SAR) and associated documentation.
3. Provided input to the Risk Management Framework process activities and related documentation.
4. Recognized a possible security violation and take appropriate action to report the incident, as required.
5. Recommended corrective actions to address identified findings and/or vulnerabilities from an assessment.
6. Reviewed artifacts provided, some of which may be technical or procedural.
7. Reviewed authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.

Experience

5-7 Years

Level

Executive

Education

Bachelor's In Computer Science

Description :

1. Identified systemic security issues based on the analysis of vulnerability and configuration data.
2. Interpreted and translated customer requirements into operational action.
3. Interpreted patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
4. Participated as a member of planning teams, coordination groups, and task forces as necessary.
5. Participated in the Risk Governance process to provide security risks, mitigations, and input on another technical risk.
6. Performed analysis of security features for system architectures.
7. Performed impact/risk assessments.

Experience

7-10 Years

Level

Management

Education

Bachelor's In Computer Science

Description :

1. Developed assessment plans, including defining the scope, objectives, and methodology for evaluating security controls.
2. Conducted thorough evaluations of security controls, including technical, operational, and management controls, to determine their effectiveness.
3. Identified and assessed security risks associated with information systems, documenting potential threats and vulnerabilities.
4. Reviewed and analyzed security documentation, including policies, procedures, and system security plans, to ensure they meet compliance requirements.
5. Performed security testing and validation activities, such as vulnerability assessments, penetration testing, and security audits, to verify the implementation and effectiveness of controls.
6. Ensured that security controls comply with relevant standards and regulations, such as NIST, ISO 27001, FISMA, and other industry-specific requirements.
7. Prepared detailed assessment reports that document findings, recommendations, and corrective actions required to address identified security issues.

Experience

7-10 Years

Level

Management

Education

Bachelor's In Computer Science

Description :

1. Discerned the protection needs (security controls) of information systems and networks.
2. Ensured plans of action and milestones or remediation plans were in place for findings and vulnerabilities identified during risk assessments, audits, and inspections.
3. Ensured security design and cybersecurity development activities were properly documented (providing a functional description of security implementation) and updated as necessary.
4. Ensured security improvement actions were evaluated, validated, and implemented as required.
5. Demonstrated strong analytical, troubleshooting, and problem-solving skills for security information and event management.
6. Identified cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
7. Assisted in preparing for and responding to external audits and assessments conducted by regulatory bodies or third-party assessors.

Experience

5-7 Years

Level

Executive

Education

Bachelor's In Computer Science

Description :

1. Assisted client and team with responses to data calls and audits.
2. Assisted with the preparation of accreditation packages.
3. Collected and maintained data needed to meet assessment reporting.
4. Conducted application vulnerability assessments.
5. Conducted periodic testing of the security posture of the information system.
6. Continuously validated the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
7. Understood how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.

Experience

5-7 Years

Level

Executive

Education

Bachelor's In Computer Science

Description :

1. Assisted the Government in drafting standards and guidelines for the usage of Education and Experience.
2. Trained in security or system engineering in five or more areas, including telecommunications concepts, operating systems, databases/DBMS, middleware, applications, web servers, SANS/Netaps, Active Directory, firewalls, and controlled interfaces.
3. Worked for an established company that values your stable career.
4. Worked with a team that loves their job and making cool stuff.
5. Assessed the configuration management (change configuration/release management) processes.
6. Assessed changes in the system, its environment, and operational needs that could affect the accreditation.
7. Provided guidance and training to organizational staff on security control requirements and best practices.

Experience

7-10 Years

Level

Management

Education

Bachelor's In Computer Science