Crystal E Email & Phone Number
Who is Crystal E? Overview
A concise factual answer block for searchers comparing this professional profile.
Crystal E is listed as Information System Security Analyst and ATO Management at Index Analytics LLC, a with 242 employees, based in United States. AeroLeads shows a matched LinkedIn profile for Crystal E.
Crystal E previously worked as Information System Security Analyst/ATO Management Lead at Index Analytics Llc and Security Specialist at Next Phase Solutions And Services, Inc.. Crystal E holds Bachelor Of Engineering - Be, Information Engineering from Covenant University.
Email format at Index Analytics LLC
This section adds company-level context without repeating Crystal E's masked contact details.
Review company-level records connected to Crystal E before choosing the right outreach path.
About Crystal E
A Cybersecurity analyst with exceptional experience in federal and commercial projects. Currently supporting Centre for Medicare and Medicaid Services (CMS) and Department of Defense (DOD) on security risk compliance activities. Efficient in Risk Management Framework (NIST-RMF) not limited to audit, assessments, and reporting on FEDRAMP/FISMA-reportable primary application and enterprise-level systems. Expert with NIST SP 800 series and FIPS publications like 800-37, 800-53, FIPS 199, and FIPS 200. Proficient in Gap Analysis, System Development Life Cycle (SDLC), Security Control Assessment, POA&M Management, Penetration Testing, and Vulnerability Scanning. Also, experience in Cyber security operations with professional knowledge in Network protocols, cloud infrastructures, Incident handling, Information security, and Vulnerability Management. Provide security solutions for Data, Networks and organizational assets using best practices and customized solutions in a fast – paced, 24/7 Security Operations Centers (SOC). Exceptional experience in malware analysis with an overall objective to ensure confidentiality, integrity and availability of the systems, networks, and data. Good hands-on experience in security operation center (SOC) processes, and Computer Network Defense tools and best practices at Tier one and two levels.
Crystal E's current company
Company context helps verify the profile and gives searchers a useful next step.
Crystal E work experience
A career timeline built from the work history available for this profile.
Information System Security Analyst/Ato Management Lead
Current• I develop ATO packages for assigned systems and this include System Security Plan(SSP), Contingency Plan(CP), Incidence Response Plan(IRP), Information System Risk Assessment (ISRA), Contingency Tabletop Test, After Action Report (AAR), Policies and Procedures documentations, etc. • Prepare assigned system for independent assessment.• Supports new system all the way to their ATO and beyond, making sure the system continues to maintain its security posture with regards to confidentiality, integrity, availability and privacy. I ensure systems are FISMA/FEDRAMP compliant.• Aids project teams in compiling documentations for Security Compliance Audit/Control Adaptive Capability Testing (SCA/ACT), Security Impact Analysis (SIA), Authority to Operate (ATO) and support in recurring and ongoing security assessment requirements.• Supports, implement, maintains, and monitor security and privacy controls in compliance with Federal Risk and Authorization Management Program (FEDRAMP), National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), FISMA requirements and guidance.• I work as a DevSecOps engineer responsible for implementing cloud security during the SDLC phases for our cloud-based applications. • Performs security testing SAST and DAST.• Performs vulnerability/risk assessment analysis to support certification and accreditation.• Collaborates with customers, senior agency officials, ISSOs, AO, system owners and other stakeholders to develop, update and maintain policies and procedures also to implement security solutions.• Manages changes to the system, assess the security and privacy impact of those changes may cause and make recommendations.• Tracks and maintains the completion Plan of Action and Milestones (POA&M), Risk Acceptance Form (RAFs) for weaknesses identified in security tests and audits.• Completes a Security Impact Analysis (SIAs) as part of each sprint within an agile development organization.
Security Specialist
• Independently develop a variety of C&A deliverables including System Security Plans, Information Security Risk Assessments, E-Authentication Risk Analysis, Privacy Risk Assessments, Annual Assessments, Contingency Plans, Incident Response Plans, and FIPS 199 Security Categorizations, etc.• Work with programs to ensure security functions are implemented throughout all phases of the SDLC for the program(s) that are under their care.• Familiarity and experience with security monitoring tools and interpretation of vulnerability and risk assessment output.• Provide Federal Information Security Management Act (FISMA) support and subject matter expertise.• Recommend system architecture solutions based on industry best practices.• Perform periodic internal audits, vulnerability assessments, and application code testing.• Work with developers to support secure coding practices, explain application-related security findings and how to reproduce them, and make sure information security risks are managed throughout the SDLC phases.• Use automated tools to perform static source code and dynamic security testing to identify vulnerabilities and attack vectors in web applications.• Complete a Security Impact Analysis as part of an agile development organization.• Support, implement, maintain, and monitor security and privacy controls to comply with FISMA, HIPAA, FedRAMP, and NIST RMF requirements and guidance.• Plan, document, implement, assess, maintain, and monitor security and privacy controls following requirements, policies, standards, processes, and procedures documented in the CMS BPSSM, ARS 3.1, TRA, and RMH.• Support audits, assessments, and penetration test-related documentation requests and vulnerability remediate efforts.• Document and maintain a Plan of Action and Milestones (POA&M) for weaknesses identified in security tests and/or audits.• Maintain current knowledge of relevant security and privacy trends and technology
Information Security Analyst
• Developed, updated, and reviewed A &A documentation to include System Security Plan (SSP), Information System Risk Assessment (ISRA), Tabletop test exercise, After Action Report (AAR), Incident Response Plan (IRP), Contingency Plan (CP), Plans of Action and Milestones (POA&Ms), ATO debrief slide and Risk Assessment Reports• Performed security testing using vulnerability scanning tools such as NESSUS, Burp Suite, and Veracode.• Scrutinized all mitigation for vulnerabilities, apply appropriate mitigation to systems and report compliance in the vulnerability management tool.• I supported new system all the way to their ATO and beyond, making sure they are continuing to maintain their security posture and they are FISMA compliant.• Implemented and enforced information systems security policies, standards, and methodologies• Evaluated security solutions to ensure they meet security requirements and document the implementation of security controls in the SSP using NIST 800-53 Rev 4 and NIST 800- 53 A as a guide.• Experienced in assisting with the implementation of an automated CI/CD DevSecOps pipeline.• Supported, implemented, maintained, and monitored security and privacy controls in compliance with FISMA, HIPAA, FedRAMP, and NIST RMF requirements and guidance. • Involved with developing, reviewing, and updating policies and procedures, audit, and compliance with but not limited to RMF, NIST and FISMA. • Worked with developers to refine security checkpoints in the SDLC and ensure information security risks are managed throughout all the phases of the SDLC.• Worked with system administrators to resolve POA&Ms, gather artifacts and create mitigation memos, and corrective action plans to assist in the closure of POA&M. • Utilized GRC tools such as CSAM to create, track, and update remediation on Plan of Actions and Milestones (POA&Ms) for findings identified through security controls assessments, security tests, vulnerability scans, and compliance.
Soc Analyst
• Tremendous knowledge in network security monitoring and incident response, and strong written, technical, and communications skills.• Implemented information system continuous monitoring program in addition to streamlining access configuration management programs to ensure compliance with organization policy and procedures.• Monitored and analyzed network traffic, Intrusion Detection Systems (IDS), security events and logs.• Worked with Security Operation Center Engineers to operate Intrusion detection and prevention systems (IDS/IPS) such as SNORT to analyze and detect Worms, Vulnerabilities exploits attempts. • Monitored events responded to incidents and reported findings. • Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention and malware analysis tools. • Used Splunk to search and analyze email logs to confirm malicious emails were not delivered or are quarantined and malicious attachments dropped.• Communicated with other security analyst to address security threats and incidents and developed follow-up action plans to resolve reportable issues.• Prioritized and differentiated between real intrusion attempts and false positive alerts.• Provide 24 x7 operational support for escalations on a rotating shift basis.
Colleagues at Index Analytics LLC
Other employees you can reach at index-analytics.com. View company contacts for 242 employees →
Alfredo Salas
Colleague at Index Analytics LlcWaterloo, Ontario, Canada
View →
DN
Danielle Norwood
Colleague at Index Analytics LlcCrofton, Maryland, United States
View →
NY
Nikhil Yesupriya
Colleague at Index Analytics LlcBaltimore, Maryland, United States
View →
PH
Philip Heal
Colleague at Index Analytics LlcCape Coral, Florida, United States
View →
TF
Tiffany Fisher
Colleague at Index Analytics LlcCockeysville, Maryland, United States
View →
MM
Mike Masten
Colleague at Index Analytics LlcDenver Metropolitan Area, United States
View →
KD
Kelli Dicks
Colleague at Index Analytics LlcEllicott City, Maryland, United States
View →
IU
Isabella Umberger
Colleague at Index Analytics LlcColumbia, Maryland, United States
View →
MD
Matthew Dillehay
Colleague at Index Analytics LlcCrofton, Maryland, United States
View →
KP
Kenny Pellerin
Colleague at Index Analytics LlcWashington Dc-Baltimore Area, United States
View →
Crystal E education
Frequently asked questions about Crystal E
Quick answers generated from the profile data available on this page.
What company does Crystal E work for?
Crystal E works for Index Analytics LLC.
What is Crystal E's role at Index Analytics LLC?
Crystal E is listed as Information System Security Analyst and ATO Management at Index Analytics LLC.
Where is Crystal E based?
Crystal E is based in United States while working with Index Analytics LLC.
What companies has Crystal E worked for?
Crystal E has worked for Index Analytics Llc, Next Phase Solutions And Services, Inc., Chevron (Anbe Consulting), and Confidential Jobs.
Who are Crystal E's colleagues at Index Analytics LLC?
Crystal E's colleagues at Index Analytics LLC include Alfredo Salas, Danielle Norwood, Nikhil Yesupriya, Philip Heal, and Tiffany Fisher.
How can I contact Crystal E?
You can use AeroLeads to view verified contact signals for Crystal E at Index Analytics LLC, including work email, phone, and LinkedIn data when available.
What schools did Crystal E attend?
Crystal E holds Bachelor Of Engineering - Be, Information Engineering from Covenant University.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trialCheck these profiles if this is not the Crystal E you were looking for.
View similar profiles