Information Security Analyst
CurrentTop Group Technologies is a cybersecurity consulting company focused on Information Technology Security, Risk Assessment, Compliance, Cloud Security, Data Security Breaches, Full Life-Cycle Software Development, Technical Project Management and more. Perform Vulnerability Assessments to ensure that threat risks are assessed and evaluated with a strategic plan of action to limit their impact on the Information Systems. Transform traditional Certification and Accreditation (C&A) programs into a six-step life cycle process consisting of categorization of information systems, selection of security controls, assessment, authorization and implementation of security controls. Prepared Security Assessment and Authorization (SA&A) packages making sure that the operational and technical security controls comply with NIST SP 800-53 standards. Create standard templates for required security assessments and authorization documents, including Risk Assessments, Security Plans, Security Assessment Plans, Reports, Contingency Plans, and Security Authorization. Execute IT control risk assessments; including reviewing organizational policies, standards and procedures to provide advice on their compliance. Develop assessment criteria to identify and prioritize risk interaction, privacy impact conformance with applicable legal, regulatory, and policy requirements for privacy. Create POA&M (Plan of Action & Milestones) document to take corrective actions resulting from ST&E (System Test & Evaluation) Assess program and security controls using Organization IT Security Policy Handbook and NIST Special Publications to provide information necessary to determine their overall effectiveness. Install software, such as firewalls and data encryption programs to protect highly sensitive information, Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.