Information Risk Analyst August Resume
Katy, Texas
SUMMARY
- ISO 27001/27002, SSAE 18, SOC 2 Type II, Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management Act (FISMA) (NIST 800-53, NIST 800-60, and FIPS 199 E-Authentication).
- Privacy Threshold Analysis, PIA, Risk Assessment Report, System Security Plan, Contingency Plan, ST&E, NIST SP 800-53A, Security Assessment Report, POA&M, NIST Risk Management Framework, NIST 800-53, NIST 800-53A, NIST 800-30, NIST 800-37, NIST 800-34, NIST 800-18, Payment Card Industry Data Security Standard (PCI DSS)
- Strong customer service skills and good listener.
- Great troubleshooting skills with the ability to quickly identify and resolve issues.
- Good people skills, capable of working with others' attitudes and opinions.
- Provide support for end users on a variety of issues ranging from hardware, software, network and account management.
PROFESSIONAL EXPERIENCE
Confidential, Katy, Texas
Information Risk Analyst August
Responsibilities:
- Scheduled kick-off meetings with system owners to help identify assessment scope, system boundary, the information system's category and attain any artifacts needed in conducting the assessment.
- Participate in the FIPS 199 process in which security categorization takes place, and selecting the technical, operational and managerial controls using NIST SP 800-60 guidelines.
- Provided support for documentation initiatives as related to System Security Plans, Risk Assessment Plans, Continuity of Operations Plans, Incident Response Plans, and Security Test and Evaluation (ST&E) standards
- Ensured that established internal control procedures were in compliance by examining reports, records, documentation and operating practices.
- Worked with a team of assessors, system owners, and system engineers to assist in the development, categorization, implementation, assessment, and monitoring of common security controls.
- Ensured that security awareness and training materials are reviewed periodically and updated when necessary.
- Planned and led POA&M teams to remediate the information system vulnerabilities and prepared authorization packages for ATO (Authorization to Operate).
- Experience with Risk Management Framework (RMF) and the ability to apply security risk assessment methodology to system development.
Confidential, VA
Information Risk analyst
Responsibilities:
- Guided System Owners and ISSOs through the Certification and Accreditation (C&A) process
- Ensured that management, operational and technical controls for securing either Sensitive Security Systems or IT Systems are in place and are adhered to in accordance to federal guidelines (NIST 800-53)
- Supported System Test and Evaluation (ST&E) effort and other IT Security Office duties
- Participated in planning, training, and preparation for contingency and disaster recovery operations.
- Ensuring the management, operational and technical controls for securing either sensitive Security Systems or IT Systems are in place and are followed according to federal guidelines (NIST SP 800-53)
- Ensured that appropriate steps are taken to implement information security requirements for IT systems.
- Monitor controls post authorization to ensure continuous compliance with the security requirements.
- Update the control changes from NIST 800-53 rev 3 to NIST 800-53 rev 4 and control assessment changes from NIST 800-53A to NIST 800-53A rev 4.
- Ensure compliance with baseline security configurations, IT controls and policy standards.
- Ensured all systems are operated, maintained, and information is disposed of in accordance with security policies.
- Conducted Security Test and Evaluation (ST&E) using NIST 800-53A Rev 4 and developed supporting documentation for the results based on security control requirements.
- Supported Security Assessment and Authorization (SA&A) activities by preparing the complete ATO package for the authorization official to make the accreditation decision.
- Reviewed and updated System Security Plans using the NIST 800-18 as a guide.