Experience

D-Vine Consulting LLC

• IT Services and IT Consulting
• 1 - 100 Employee

• Information Security Analyst

  • May 2019 - Present

  • Categorize information system using appropriate standards and NIST guidance. • Developed and update system security plan (SSP) in CSAM to provide an overview of federal information systems security requirements and implementation of security controls. Maintain, review and update Information Security System documentations, includes but not limited to System Security Plan (SSP), Plan of Action & Milestone (POA&M), Contingency Plan (CP), Incident Response Plan. Perform Assessment and Authorization in compliance with FISMA/NIST Standards. Create Plan of Action and Milestones (POA&M) in CSAM base on the review of Security Assessment Report (SAR) and vulnerability scan report to track the remediation of identified vulnerabilities to closure. Ensure compliance with regulatory and statutory security requirements like NIST and FISMA in securing information systems. Show less



Vision's Soft Inc

• Information System Security Officer

  • Jul 2017 - May 2019

  Develop and maintain Authorization to Operate (ATO) package for information systems, review existing security artifacts to ensure they comply with organization’s information security requirements and make recommendations for mitigation. Develop and update system security plan (SSP) to provide an overview of federal information systems security requirements and implementation of security controls. Develop and provide input on existing documentation in compliance with security policies and agency guidance including FISMA and NIST special publications. Conduct Assessment and Authorization (A&A) package for General Support System and Major application using the NIST Risk Management Framework (RMF) to ensure compliance with the Federal Information Security Management Act (FISMA). Developed and maintained System Security Plan (SSP) and POA&M to obtain the authority to operate (ATO). Maintain, review and update Information Security System documentations, includes but not limited to System Security Plan (SSP), Plan of Action & Milestone (POA&M). Show less



Tightech Consulting LLC -

• Security Control Assessor

  • Mar 2015 - Jul 2017

  Assess security controls through document reviews, interviews, and tests to ensure compliance with FISMA and NIST standards and determine control effectiveness using NIST 800-53A. Develop and update the Security Assessment Report (SAR) to report system security posture. Analyze and Conduct risk assessment on all proposed and actual system changes. Re-assess remediated controls to validate the remediation status and control effectiveness. Reviewed vulnerability scan report to identify threats and risk to system as part of the assessment process. Show less



StraitSys

• United States
• IT Services and IT Consulting
• 1 - 100 Employee

• Help Desk Support

  • Feb 2012 - Mar 2015

  Assigned issues to appropriate support group for thorough support and prompt resolution. Researched and resolved technical issues maintain technical aptitude and support corporate initiatives and team department goals according to direction of management. Interacted with users to provide and process information in response to problems, inquiries, concerns and/or requests, collaborate with customers to resolve application, phone, printer, or computer problems in real time. Worked closely with clients and staffs to ensure smooth, uninterrupted operation of network client workstations, servers, and perform other assigned duties. Show less