Execute Security Control Selection based on the categorization of the information system, security controls are selected based on NIST 800-53 Rev 5. Meetings with the common control providers are conducted to identify system-specific and hybrid controls and tailor the control based on the organization’s mission and needs. Also, work closely with developers, system administrators, and third parties such as vendors and Cloud Service providers (CSP) to ensure that the controls are implemented and document all approved controls in the SSP and Identify potential weaknesses and misconfigurations by performing vulnerability assessments of cloud-hosted applications to warrant robust security measures.Vast knowledge in all aspects of Security Authorization and Continuous Monitoring process using National Institute of Standard Publications 800-30, 800-37 Rev 2, 800-60, 800-53 Rev 5, 800-53(a) Rev 5, 800-171, FIPS 199, FIPS 200. Experience in remediating vulnerabilities and defect fixes by working closely with development leads and engineers.Perform identification and mitigation of cyber security risks through formal assessment activities.Conducting continuous monitoring, risk assessments, monitoring security compliance, practicing security training, and responding to security incidents. Knowledge of Federal regulatory bodies such as the National Institute of Standards and Technology (NIST), Federal Information Security Management Act of 2002 (FISMA), Federal Risk and Authorization Management Program (FedRAMP).Tracking IT security risks by monitoring POA&Ms that exceed the remediation timelines established in the vulnerability, management plan and ensuring valid risk mitigation plans are in place. Provide coordination, tracking, and management through all aspects of the initial and recurring A&A processes.Conducting risk assessments and collaborating with clients to provide recommendations regarding critical infrastructure, network.

Worked collaboratively with Information Security and IT team members to develop and implement forward-thinking strategies for attack monitoring and prevention, aiming for innovative security solutions. Developed key risk and performance indicators to effectively measure the efficiency of the monitoring program and its related processes, ensuring continuous improvement. Formulated and oversaw basic IDS/IPS rules to detect and prevent malicious activities, aiming for proactive threat mitigation. Evaluate threats and vulnerabilities based on Nessus tenable reports and Implement Risk Management Framework (RMF) following NIST SP 800-37. Ensured continuous 24/7/365 real-time surveillance of security tools, dashboards, and email notifications, striving for zero downtime in monitoring operations.Maintained vigilant oversight of security defenses and functionalities for clients, prioritizing proactive threat mitigation strategies.Provided rapid initial analysis, containment, and escalation in significant incidents, aiming for minimal response time and maximum incident control. Efficiently identified and mitigated false positive alerts to maintain system integrity and focus on genuine threats.Managed Malicious/Phishing Email alerts from IronPort and FireEye, adhering to standard procedures for quick resolution.Identified suspicious emails with phishing indicators such as spoofed sender addresses, misspelled domain names, or suspicious attachments.Detected and analyzed phishing emails targeting organizational personnel, identifying common phishing indicators such as suspicious sender addresses, deceptive subject lines, and malicious attachments.Administered and maintained Mimecast and IronPort email security platforms, utilizing them as primary defense mechanisms against email-based threats.Conducted endpoint investigations to determine if any user systems had been compromised by clicking on phishing links or downloading malicious attachments.

Enhanced organizational integrity by formulating security policies, standards, and procedures to sustain alignment with industry regulations and best practices. Tracked the efficacy of existing security controls and protocols, engaging in security audits and assessments. Pinpointed weaknesses in systems and software by conducting security evaluations. Identified potential threats and vulnerabilities in networks, ensuring implementation of mitigation strategies to safeguard critical assets and maintain operational resilience. Implemented VPN solutions to secure remote access for over 500 employees, configuring firewall rules to allow only authorized traffic. Utilized SSL and IPSec protocols to encrypt data transfers, reducing unauthorized access attempts by 30% and ensuring seamless connectivity. Strengthened Active Directory security by configuring Group Policies to enforce multi-factor authentication and restricting administrative access to sensitive resources. Introduced periodic account audits, removing inactive or compromised accounts and reducing security vulnerabilities by 25%. Conducted regular vulnerability assessments using Nessus and Nmap, identifying configuration weaknesses and potential exposure points, enabling the security team to proactively remediate issues before external audits. Configured CloudWatch and CloudTrail logs across all AWS accounts, setting up real-time alerts for unauthorized access attempts or misconfigured security groups. Integrated CloudWatch logs with SIEM solutions to ensure comprehensive monitoring of EC2, VPC, and IAM activities. Conducted quarterly penetration testing using Nessus and Wireshark to uncover network vulnerabilities in critical systems. Implemented automated scans to identify and remediate outdated or unpatched software versions, reducing exploitable vulnerabilities by 45%. Implemented RMF/FISMA controls by developing security documentation, performing risk assessments,