Information Assurance Engineer Resume Samples

Description :

1. Assumed the role as Information Assurance Engineer to identify and resolved all vulnerabilities within network, ensured systems were in compliance with DIACAP and 8500 guidelines for Army Human Resource Systems (AHRS) program.
2. Maintained the Information Assurance Vulnerability Alert (IAVA's) that were released by the NOSC and reported all findings via NetOpsReporting (NRTool).
3. Managed over 75 user accounts in the Army Training Certification & Tracking System (ATCTS) and updated user profiles, verified training and ensured users were aware of the IA training they were required to complete Army Reg. 25-2 to remain IA compliant.
4. Led all phases of the ReAccreditation efforts; selected ACA, created SOP's and prepared a DIACAP package in which received a 3-year Authority to Operate (ATO).
5. Prepared a project plan to monitor scheduled task completions, tracked resources and maintained efficient reaccreditation efforts.
6. Led for System Center Configuration Management (SCCM) 2007 build process and requested port access.
7. Assisted with the re-accreditation Defense Information Assurance Certification Accreditation Package (DIACAP) package for new Approval to Operate (ATO) for all AHRS systems.
8. Ran all retina scans for all the servers at Ft.

Experience

2-5 Years

Level

Junior

Education

Bachelor's

Description :

1. Responsible for 31 platforms.
2. Conducted extensive manual security inspections on several servers with varying functionalities in both unclassified and TS enclaves.
3. Servers included web servers, hypervisors, database servers, and servers that host custom applications.
4. Utilized automated security scanning tools such as Retina Network Security Scanner, SPAWAR's SCAP Compliance Checker tool, and Nessus scanners.
5. Assisted in converting DIACAP documentation to RMF and NIST 800-53 standards covering systems in differing security enclaves.
6. Wrote bash scripts to ensure Red Hat systems comply with DoD STIGs.
7. Utilized multiple tools such as sed and awk, coupled with regular expressions, to modify the content of configuration files to the desired settings.

Experience

2-5 Years

Level

Junior

Education

Bachelor

Description :

1. Identified network vulnerabilities using scanning tools.
2. Coordinated with Information Assurance Officer (IAO) and Information Assurance Manager (IAM) to mitigate risks and improve security posture.
3. Certified FASFAC/SCORE network as (.mil), awarded Authorization to Operate (ATO).
4. Implemented security controls.
5. Acted as liaison for Defense Information Security Agency (DISA) generated analysis reports, and submitted Plan of Action and Milestones or DAA Risk Acceptance (DRA) reports.
6. Reviewed Security technical implementation Guides, NIST, and ISO standards.
7. Translated standards and incorporated them into the system as security controls.
8. Achieved regulatory compliance which lead to system certification and accreditation.
9. Planned risk reduction activities with Information Assurance Officer (IAO) and Information Assurance Manager (IAM).

Experience

10+ Years

Level

Senior

Education

Masters

Description :

1. Conducts network security monitoring and intrusion detection analysis using the Air Force's selected intrusion detection tool; ArcSight ESM 4.0.
2. Implements Network and Asset Models to build a custom business-oriented view within an ArcSight ESM environment.
3. Utilizes both standard and custom reference resources such as the online ArcSight Knowledge Base and Reference Pages available within the ArcSight ESM product to research and document selected events and event management processes.
4. Navigates the ArcSight ESM Console and Web Components to effectively Correlate, Investigate, Analyze, and Remediate both exposed and obscure vulnerabilities to give situational awareness and real time incident response.
5. Customizes an ArcSight ESM environment by creating Active Channels, Data Monitors, and Dashboards to visually manage security event data sources in an enterprise environment.
6. Utilizes ArcSight ESM Stock Content, such as standard Filters, Rules, Active Lists and Reports, which make ArcSight ready to use upon initial installation.
7. Designs and implements custom Filters, Rules, Session Lists and Active Lists, along with Integrated Case Management and Workflow, to identify, categorize, and, if needed, escalate events of interest and manage event data streams flowing into ArcSight ESM - Management and configuration of McAfee HBSS v.

Experience

2-5 Years

Level

Junior

Education

Bachelor's

Description :

1. Serves as an Information Assurance Engineer for the Directorate of Information Management, Information Assurance Division.
2. Monitors Network Security, Communication Security, and Information Systems Security for the Fort Bragg installation.
3. Provides guidance for the security of information processed stored and transmitted on the installation, tenant organizations and serves as liaison with customer organization on various IT related matters.
4. Provides monitoring of network resources IAW AR 25-2, AR 25-1 and AR 380-53.
5. Works with Army and Regional Emergency Response Team (ACERT and RCERT) to support computer network attacks and computer network defense efforts.
6. Aided in the investigation of security violations, recommends corrective actions and submit reports.
7. Received reviews and disseminates Information Assurance Vulnerability Alert (IAVA) messages.

Experience

5-7 Years

Level

Executive

Education

B.A.

Description :

1. Oversees the Enterprise Service Operation Center (ESOC).
2. Improves network security and the operational sustainment of Navy Medicine global networks.
3. Monitors analyzes, detects, and responds to unauthorized activity within the DOD Information system and computer networks.
4. Responsible for providing Tier III support for NMED Perimeter Protection network devices.
5. Analyzes IDS output logs to identify and report MHS network vulnerabilities and network attacks.
6. Extensive knowledge analyzing network devices logs in multiple formats and programs.
7. Adjusts the IDS configuration parameters to reduce the number of false-positive detections.

Experience

7-10 Years

Level

Management

Education

B.S.

Description :

1. Restricted, and Extranet domains.
2. Handled day to day policy changes.
3. Transferred Avecto from a GPO to ePO based policy deployment method.
4. Originated the Avecto Least Privilege program for Servers into the LMDC (Data Center) environment.
5. Reduced the number of local admin accounts by utilizing Avecto Least Privilege.
6. Enterprised Point of Contact for CyberArk.
7. Created new password management solutions to suit customer needs.
8. Implemented CyberArk into Canadian, Australian, and extranet domains.

Experience

2-5 Years

Level

Junior

Education

A.S.

Description :

1. Analyzed system logs and firewall logs and IDS/IPS alarms using ArcSight for low level analysis.
2. Executed robust alarm and event isolation techniques to implement event mitigation for security threats.
3. Provided analysis and developed reporting metrics standards supporting findings and mitigation actions.
4. Accomplish technical leadership for incident response and resolution team in a technical, hands-on role.
5. Performed detailed investigations, response, resolution identification, and root cause analysis.
6. Review and recommend the installation, modification or replacement of hardware or software components and any configuration changes that provide an improved operational security posture.
7. Provided senior management with recommendations for additional controls to prevent future incidents.

Experience

5-7 Years

Level

Executive

Education

M.S.

Description :

1. Collaborated with VA security professionals, stakeholders, and vendors to supported the VA's information security requirements.
2. Developed and maintain security artifacts, regional security policies and procedures, open, update and close POA&Ms and provided recommendations for the improvement of the VA's continuous monitoring and A&A process.
3. Focused primarily on determination, assessment and documentation of security requirements, and less on system configuration and testing.
4. Experienced with the NIST A&A process and supported the development of security documentation compliant with VA 6500 and NIST 800 series of Special Publications (SPs) using Microsoft Office.
5. Ensured compliance with NIST Special Publication 800-53.
6. Developed and analyzed Risk-Based Decisions (RBD's).
7. Operated effectively in a Government customer environment Assess the Cyber Security risk of IT systems documenting them in formal risk assessments and supporting artifacts associated with the A&A process.

Experience

10+ Years

Level

Senior

Education

Bachelor's

Description :

1. Focused on the development, operation, management, and enforcement of IA for systems and networks.
2. Facilitated the development, risk analysis, and vulnerability remediation to help programs maintain an acceptable security posture.
3. Collaborated closely with data owners, information system owners, and users to ensure secure use and operation of information systems and networks.
4. Ensured application of IA policies, principles, and practices in the delivery of organization information technology services.
5. Assessed and helped direct the implementation of identified system patches and fixes associated with technical vulnerabilities.
6. Identified and applied the appropriate level of recommended remediation to system weaknesses or vulnerabilities.
7. Performed risk identification, assessment, response, coordination and monitoring of risks to support risk management activities at all phases of the SDLC.

Experience

5-7 Years

Level

Executive

Education

Bachelors