Experience

ORock Technologies, Inc.

• United States
• Information Technology & Services
• 1 - 100 Employee

• Vulnerability Management and Continuous Monitoring Analyst

  • Sep 2021 - Present

  As a Vulnerability Management Analyst for ORock Technologies, I served as a system administrator for Nessus Security Center, Burp Suite, and Crowdstrike. I ensured ORock is aware of current and emerging information security exploits, threats, and vulnerabilities by updating plugins and generating monthly initial, post-patching, and targeted (as requested by engineers or 3PAO) operating system (OS) scans, database scans and web application scans. In addition to running OS, database, and web application scans, I packaged ConMon (POAM, deviation request form with supporting evidence, vulnerability deviation request form, and risk matrix) and briefed sponsors and stakeholders monthly. Every year, I make sure that ORock passes the annual FedRAMp 3PAO audit with no high findings by performing live demonstrations of vulnerability scanning tools with assessors, answering questions and providing audit evidence and artifacts. Show less

• Cyber Security Compliance Analyst

  • Sep 2021 - Present

  As a Compliance Analyst at ORock Technologies, I ensured ORock is in compliance with FedRAMP standards by reviewing and updating security documentation and preparing for audits and annual assessments with 3PAO. I worked on SSP, SSP attachments and Policy and Procedures documents which are also used during the annual audit.