Information Assurance Analyst Sample Resume Format in Word Free Download

Sample Template Example of Beautiful Excellent Professional Curriculum Vitae / Resume / CV Format with Career Objective, Job Description, Skills & Work Experience for Freshers & Experienced in Word / Doc / Pdf Free Download

OBJECTIVE: To secure and maintain an Information Security position with a global agency that will fully utilize my education and skills while providing an opportunity for advancement and growth.

EDUCATION AND CERTIFICATIONS:

MBA; Technology Management; University of Phoenix; May 2007

BS; Management of Information Technology; Capitol College; May 2001 

Certified Authorization Professional (CAP), October 2011

Certified Risk Information Systems Control (CRISC), August 2011

Security + Certification, February 2008

INFOSEC Assessment Methodology/INFOSEC Evaluation Methodology (IAM/IEM), October 2009

RELATED TECHNOLOGIES:

Windows 7, Microsoft Office 2010, MS Project, Visio, eEye Retina, NESSUS, AppDetective, WebInspect, Gold Disk, CA Unicenter, BMC Remedy Service Desk, SharePoint, Trusted Agent FISMA (TAF), Risk Management System (RMS) and Cyber Security Assessment and Management (CSAM).

SECURITY CLEARANCE: TOP SECRET

PROFESSIONAL EXPERIENCE

Federated IT, Inc.

Information Assurance Analyst                                                 May 2012 to Present                                               Washington, DC

• Provide support to the Department of Homeland Security (DHS) Chief Information Security Officer (CISO) and facilitate Federal Information Security Management Act (FISMA) compliance for all DHS Information Systems.
• Initiate the development and implementation of all security authorization packages for new information systems as implemented by the guidance of the National Institute of Standards and Technology (NIST).
• Implement an IT Security Review and Assistance Program to aid the Information Systems Security Officer (ISSOs) in authoring and maintaining C&A documentation.
• Responsible for auditing existing information systems while directing the administration of the Department security policies, activities, and standards.
• Initiate vulnerability assessments of information systems to identify and report potential security breaches and vulnerabilities to the System Owner and Engineering Team in a timely fashion.
• Initiate remediation activities of all weaknesses and deficiencies found as a part of continuous monitoring activities.
• Support the Plan of Action and Milestones (POA&M) process; review and monitor POA&Ms for each system and ensure timely updates into Trusted Agent FISMA (TAF).
• Serve as the CISO team’s liaison for the Privacy Office; track and report all Privacy Threshold Analysis (PTA), Privacy Impact Assessment (PIA) and System of Records Notice (SORN) for each system and other privacy related matters.
• Conduct both network and user activity audits where required; determine security needs, develop and implement solutions.
• Conduct, complete and report on all security authorization and C&A related tasks on a weekly basis.

Knowledge Consulting Group

Information Systems Security Officer (ISSO)                             February 2011 to March 2012                                Washington, DC

               

• Provide support to the Immigration and Customs Enforcement (ICE) Office of Internal Affairs (OIA), Information Assurance Division for the Certification & Accreditation (C&A) Process.
• Responsible for the development, implementation and maintenance of all C&A documentation.
• Identify controls to ensure that all policies and documentation are aligned with the National Institute of Standards and Technology (NIST) and Department of Homeland Security (DHS) IT Security Policy Guidance for general support systems and major applications.
• Maintain an appropriate security management posture for all information systems and assests.
• Support the Chief Information Security Officer (CISO) by ensuring that all security issues are being addresses in configuration reviews and Change Control Boards (CCBs).
• Provide IT security consulting to system owners as to the other security documents; security incident reports, equipment/software inventories, operating instructions, technical vulnerability reports, and contingency plans.
• Initiate Vulnerability Expolitation Test (VET) Requests through the DHS Security Operations Center (SOC) and report system weakness to System Owner and System Development Team.
• Initiate remediation activities of all weaknesses and deficiencies found as a part of continuous monitoring activities. 
• Work with different DHS automated tools to develop related documentation and to track POA&M and vulnerability status.
• Support continuous monitoring initiatives by ensuring that all phases are implemented throughout the entire lifecycle of each system.
• Report all project related issues to the Compliance and Oversight Program Director to work towards a resolution.
• Conduct IT security reviews with system administrators, system owners and system users.
• Attend monthly ISSO training courses at DHS Headquarters or as required.

G&B Solutions Inc.

Information Assurance Specialist                                              June 2010 to February 2011                                   Washington, DC

• Serve as Team Lead for the Department of Housing and Urban Development (HUD) Office of the Inspector General (OIG), Information Systems Division (ISD), Independent Verification and Validation (IV&V) team.
• Serves as the primary interface and point of contact with the Federal representatives on project and administration concerns.
• Responsible for Certification and Accreditation (C&A) of HUD OIG information systems while ensuring conformance to federal standards; including Federal Information Security Management Act (FISMA), Office of Management and Budget (OMB) Circular A-130; and National Institute of Standards and Technology (NIST).
• Support Information Technology Infrastructure Library (ITIL) methodology by monitoring Service Level Agreement (SLA) management and analysis.
• Perform Capital Planning Investment Control (CPIC) Processes by supporting the implementation of OMB 300 and Exhibit 53 initiatives.
• Perform analysis of HUD OIG documentation; such as their IT Security Policies and Operating Procedures.
• Review Statements of Work (SOW) for conformance to security related contracting requirements and provide input as needed.
• Attend bi-weekly meetings with contractor representatives regarding information technology and address any information assurance (IA) issues that may arise. Hold formal and informal technical and non-technical discussions with all levels of staff to discuss system and security related issues.
• Perform gap analysis of the contract requirements to ensure that deliverables are met; plan, organize and provide guidance as necessary.
• Generate various reports/deliverables to include project progress and shortfalls to the Chief Information Officer (CIO) and Contracting Officer Technical Representative (COTR) on a monthly basis; on meeting service level agreements (SLAs) and provide recommendation for bonus or penalties based on these items. Review contractor invoices and ensure oversight as appropriate.
• Research and provide advice to the Information System Security Manager (ISSM) and other government personnel upon request regarding recommended IT hardware and software, along with identified compliance issues as they arise. Ensure recommended new software and technological acquisitions fit with overall program goal and ensure compliance with all applicable policies and regulations.

Science Applications International Corporation (SAIC)

Information Security Analyst                                                     January 2008 to May2010                                      Washington, DC

• Provide support to the Military Sealift Command (MSC) for the DIACAP Certification Process to include threat analysis, vulnerability assessments, Certification Test and Evaluation (CT&E), Security Test and Evaluation (ST&E) and risk analysis.  
• Serve as a member of the Information Assurance (IA) Team by preparing System Security Authorization Agreements (SSAA), Information Assurance Policies and other relevant IA documentation in accordance with Department of Defense (DoD) and Department of Navy (DoN) requirements.  
• Assess system vulnerabilities; determine adequacy of security controls implemented and the level of residual risk.
• Provide the technical capability to analyze problems associated with integration of hardware and software used in current and planned systems and networks.
• Collaborate with Engineering and Operations team to initiate remediation activities for the correction of security deficiencies.
•  Provide the necessary guidance and leadership to ensure that connectivity, interoperability and interface requirements comply with all DoD and Navy programs and policies.
• Identify controls to ensure that they are aligned with DoD 8500-2 IA Controls Guidance.  

Emesec, Inc.

Information Assurance Analyst                                                 May 2007 to December 2007                                  Herndon, VA

• Provided support to the Department of Treasury, Financial Management Service (FMS) Mission Assurance Division (MAD), Information Technology Security Oversight and Compliance (ITSOC) Staff.
• Supported the Independent Verification and Validation (IV&V) Team and ensured FISMA compliance by performing analysis of various FMS documentation such as: System Security Plans (SSPs), Configuration Management Plans (CMs), Contingency Plans (CPs), Security Risk Assessments (SARs), and Plan of Action and Milestones (POA&MS).
• Identified controls to ensure that they are mapped back to the National Institute of Standards and Technology (NIST) 800-53 and standards.
• Contributed to the implementation of the new System Security Plan template for FMS.
• Responsible for identifying, documenting, tracking and verifying corrective actions from opening to closure.

Holloway & Co., PLLC

Jr. IT Auditor                                                                            September 2006 to March 2007                              Washington, DC

• Provided support to the Centers for Medicare and Medicaid Services (CMS) A-123 Self-Assessment team.
• Responsible for identifying, documenting, testing, and the evaluation of the effectiveness of IT-based financial controls used by CMS and their contractors. 
• Analysis of various CMS documentation such as: Security Policy documents, System Security Plans (SSPs), Risk Assessments (RAs), Contingency Plans (CPs), Disaster Recovery Plans (DRs), and previous findings.
• Performed Security Reviews; included Windows OS, Oracle and UNIX security reviews.
• Identified controls that were mapped back to the National Institute of Standards and Technology (NIST) 800-53 standards.
• Reinforce the use of the Security Technical Implementation Guides (STIGs).
• Participated in customer meetings to further clarify the financial reporting processes and to identify any mitigating processes or controls.

CIS Global, Inc. (Contract)

Training Coordinator                                                               April 2006 to August 2006                                        Rockville, MD

• Provided operational support to the National Institutes of Health Training Center (NIHTC).
• Managed classroom and training center logistics.
• Monitored training data and ensured quality assurance for each class.
• Maintained system databases and training files.
• Created Standard Operating Procedures (SOP) and other training related documentation.
• Proposed ideas to management for new IT communication dashboard.
• Coordinated advertising and marketing of training activities to the NIH community.
• Responsible for all inquiries concerning course enrollment, class information and other general training center questions.

RS Information Systems (Acquired by Wyle in 2007)

Jr. Security Analyst                                                             November 2005 to April 2006                                 Washington, DC

• Provided support to the Department of Energy (DOE) in the Office of the Chief Information Officer.
• Support the Independent Verification and Validation (IV&V) Team while performing evaluations of IT systems within DOE. This included Security Reviews of Windows OS, Oracle, Web server, CISCO, and UNIX.
• Performed Security Test and Evaluations (ST&E) and risk analysis on DOE IT systems.
• Provided security research for potential security applications and security tools.
• Ensured that all policies and documentation were aligned with the NIST 800-53 standards.
• Reinforced the use of the Security Technical Implementation Guides (STIGs).
• Worked with members of the Computer Security Incident Response Team; gained knowledge of tracking and reporting information security incidents, emergency preparedness and remediation activities.

Sr. Program Assistant                                                         February 2005 to November 2005                      Gaithersburg, MD

• Provided program support to ITISS DOE contract managers and contract staff. 
• Reviewed and ensured timely processing of employee paperwork; expense reports and other HR related forms. 
• Served as back up support to Facility Security Officer; process badge requests for new contract employees. 
• Served as back up support to the Facility/Office Manager; issued office and access keys, provided supplies and other office related information to new employees. 
• Provided conference-planning support for the Cyber Security and Annual Information Management conferences; type correspondence, set up meetings, distribute conference documents, maintain meeting records and contact clients. 
• Entered labor hours and project labor codes into financial plan then reviewed subcontractor invoices for accuracy
• Served as communicative and administrative liaison between contract staff, program management office and headquarters.

Information Systems Support, Inc. (Acquired by CACI in 2005)

Project Control Specialist                                          January 2002 to February 2005                                                            Gaithersburg, MD

• Set up, track and keep up to date Project Financial Reports on all active projects assigned.
• Processed, track and ensure accuracy of timesheets and other direct project costs.
• Tracked period of performance and ensure renewal with no break in service.
• Assisted project managers with drafting and submitting monthly progress reports and financial information.
• Ensured that task and vendor invoices are generated, reviewed for accuracy and processed as required by contract.

Contracts Administrator                                            May 2001 to December 2001                                                  Bethesda, MD

• Prepared and executed delivery order award and modification for low complexity orders.
• Prepared and reviewed contract summaries and executes in accordance with delegated authority.
• Prepared contract and subcontract close out overview and administration.
• Maintained direct line of communication and correspondence with Contracting Officers.
• Served as information resource for Program Management and Project Control.
• Prepared and executed Subcontracts and Consulting Agreements.
• Prepared and submitted company “official” response and inquiries for submission to clients.
• Prepared and submitted delivery order proposals for existing contract vehicles.
• Supported the new business proposal preparation and submission to include; Representations & Certifications, all required Government Standard Forms, Compliance charts and other forms and information as required.  

United States Pharmacopeia

Customer Service Representative                           May 2000 to May 2001                                                                           Rockville, MD

• Provided information to customers about USP products.
• Take orders, researched and resolved problems in an expedient and efficient manner.
• Interacted with distribution, finance, and the marketing department to fulfill the customer’s needs.
• Used the FACTS financial database to process purchase orders.
• Performed data entry of pending orders and distribution of Material Safety Data Sheets.
• Entered orders, logged in credit card orders, and processed invoices.

Download Resume Format