SUMMARY An Information Security Professional with proven experience in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), and Risk Assessment using industry frameworks such as OMB, FISMA, Health Insurance Portability and Accountability Acts (HIPAA), and applicable NIST special publications. Other areas of proficiencies include Customer Relation Management, Emotional Intelligent competencies and Team Building capabilities. SPECIALIZED SKILLS * Leadership/Management * Assessment and Authorization (A&A) of Information Systems * System Security Artifacts Documentation * POA&M Management * Risk Assessment & Management * Systems Development Life Cycle * Information Assurance PROFESSIONAL SUMMARY * Adequate understanding of Federal and international regulatory bodies such as Office of Management Budget (OMB), FISMA Reports, FedRAMP, PCI DSS and ISO. * In-depth knowledge of Risk Management Framework (RMF), Risk Assessment and Security Assessment and Authorization process (SA&A). * Experience reviewing and interpreting vulnerability scanning reports from Nessus etc. * Experience in the development of ATO Package Documents such as System Security Plans (SSP), SAR, POAM, and security documents such Contingency Plans, Incident Response Plans, PIA and Configuration Management etc. CURRENT PROJECT TRAK SYSTEM: Work as team lead in taking TRAK system through the ATO process using the six steps of Risk Management Framework (RMF). Employing applicable NIST Documents in assisting the client during the system categorization, selection of baseline security controls, implementation of security controls, security control assessment, authorization of the system to operate, and continuous monitoring of the system. Providing risk assessment and analysis consults during the RMF steps and SDLC phases of the system.

Highlights:

• Security
• System Security
• Connectivity
• Nessus
• Troubleshooting
• Assessments
• Information Security
• Monitoring
• Sar
• Systems Security