Project Manager/task Lead/lead Information Security Engineer Resume
3.00/5 (Submit Your Rating)
TECHNICAL SKILLS
- Nessus
- Cloud computing
- WebInspect
- Kali Linux
- AWS
- Cloud security
- Burp Suite
- Nmap
- Networking
- Policy and procedures writing
- Splunk
- Metasploit
- DHS (TIC)
- Technical writer
- DbProtect
- Management
- Enumeration scans
- Vulnerability scans
- SDLC
- Assessment
PROFESSIONAL EXPERIENCE
Confidential
Project manager/Task lead/Lead Information Security Engineer
Responsibilities:
- Manage a team of 22 security control assessors and ISSOs (including penetration testers)
- Worked with team, ensuring the review of the security architecture of the environment being assessed.
- Worked with multiple network engineers ensuring least functionality being put in place.
- Conducting Nessus scans and Nessus scan analysis, as well as, presenting it to stakeholders while explaining the meaning of the vulnerabilities.
- Perform extensive technical writing regarding policies, procedures and other pertinent documentation.
- Support to the Assessment and Authorization (A&A) Risk Management Framework process for all client managed systems, networks, and enclaves (all security domains); ensure validity and accuracy review of all associated documentation; support remote sites when required
- Assist in centralization of A&A files/documentation and maintain files/library; ensure validity and integrity of all systems
- Create, update, and delete entries in databases utilized for the tracking of system and network compliance
- Ensure that all IA systems are properly documented with Configuration Management processes maintain the security accreditation status of systems/sites including the review of current documentation, site architectures and coordination with sites to ensure the documentation is accurate with the current site architecture, IAW Policy and processes
- Perform, participate and support all assessment and authorization (A&A) efforts for systems, networks, and applications (all security domains) IAW DoD and IC requirements
- Provide coordination for assessment metric submissions
- Provide direct support in development of other A&A related systems bodies of evidence in accordance with current NIST guidance, using the government provide A&A tool (i.e. XACTA)
- Provide security engineering assessments of proposed IT solutions
- Work in coordination with both internal and external systems administrators, configuration management, and network engineers to ensure proper configuration and adherence to security standards in regard to deployment actions
- Serve as Security Controls Assessors for formal Security Test and Evaluation
- Providing guidance regarding remediation and mitigation of identified vulnerabilities
- Provide guidance on the application of security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements, reviewing and determining the adequacy of required documentation
- Development of all supporting test reports and supporting artifacts and plan and action of milestones (POA&Ms) documenting open findings, preparation of formal authorization packages and oversight of the resolution of POA&Ms and development and maintenance of assessment and authorization enterprise schedules and metrics
- Provide support for management and maintenance of assessment and authorization repositories
- Perform security assessments at remote sites
Confidential
Senior Consultant
Responsibilities:
- Conducting scans utilizing Nessus and provide explanation on what the findings mean to the stake holder
- Conducting Burp Suite report analysis
- Attend monthly meetings with the CISO, to discuss methodologies to enhance the assessment process
- Train personnel on the proper way of assessing controls; primarily controls that require great deal of technical understanding
- Supports the Security Assessment and Authorization process of the clients’ systems as a technical Security Analyst
- Assisted Pen testing team with projects in analyzing Burp suite reports
- Work in 3PAO projects where we assisted CSPs to receive ATOs
- Utilizes FedRAMP requirements to assess cloud systems to ensure the proper security requirements are satisfied.
- Reviewed technical security controls and provide implementation responses to meet requirements
- Document findings in the SAR
- Meet with client to discuss findings and process of remediation
Privacy Policy
Resume Categories
- .NET Developers/Architects Resumes
- Java Developers/Architects Resumes
- Informatica Developers/Architects Resumes
- Business Analyst (BA) Resumes
- Quality Assurance (QA) Resumes
- Network and Systems Administrators Resumes
- Help Desk and Support specialists Resumes
- Oracle Developers Resumes
- SAP Resumes
- Web Developer Resumes
- Datawarehousing, ETL, Informatica Resumes
- Business Intelligence, Business Object Resumes
- MainFrame Resumes
- Network Admin Resumes
- Oracle Resumes
- ORACLE DBA Resumes
- Other Resumes
- Peoplesoft Resumes
- Project Manager Resumes
- Quality Assurance Resumes
- Recruiter Resumes
- SAS Resumes
- Sharepoint Resumes
- SQL Developers Resumes
- Technical Writers Resumes
- WebSphere Resumes
- Hot Resumes
