It Security Analyst
Current▪ Developed, reviewed and updated Information Security System Policies, established security base-lines in accordance with NIST, FISMA, FIPS, and industry best security practices.▪ Performed vulnerability scanning with the support of Nessus scanning tool to detect potential risks on a single or multiple asset across the enterprise network. ▪ Updated IT security policies, procedures, standards, and guidelines per the respective department and federal requirements.▪ Performed risk assessments, help review and update, Plans of Action and Milestones (POA&M), Security Control Assessments. ▪ (SA&A) Security Assessment and Authorization using NIST SP 800-53 rev4/FIPS 200 (Security Con-trols), NIST SP 800-53A rev4 (Assessing Security Controls). ▪ Monitored controls post authorization to ensure constant compliance with the security requirements▪ Conduct Annual Assessment based on NIST SP 800-53A▪ Document findings within Requirements Traceability Matrix (RTMs) and Security Assessment Re-ports (SARs).▪ Review and analyze Nessus Vulnerability and Compliance scans for possible remediation.▪ Assess systems of varying scope and complexity and comprised of various technologies. ▪ Create standard templates for required security assessment and authorization documents, including risk assessments, security plans, security assessment plans and reports, contingency plans, and security authorization packages▪ Provide weekly status reports on ongoing tasks and deliverables