Description :

1. Managed comprehensive security measures to protect the confidentiality, integrity, and availability of Sports Authority data from external threats.
2. Utilized a defense-in-depth strategy to identify and mitigate potential vulnerabilities within the infrastructure.
3. Served as the primary IT security lead on projects, creating automated solutions that integrated security architecture from the ground up.
4. Performed thorough application security assessments, identifying and addressing threats prior to deployment.
5. Promptly remediated security vulnerabilities in production environments, minimizing risks to organizational data.
6. Conducted continuous monitoring of network systems to detect and respond to malicious activities.
7. Successfully thwarted numerous cyber attacks through proactive security measures and threat intelligence analysis.

Experience

0-2 Years

Level

Entry Level

Education

B.S. IT

Description :

1. Executed security control assessments to evaluate the effectiveness of technical, operational, and management security controls.
2. Authored detailed risk assessment reports identifying potential threats and vulnerabilities, providing actionable recommendations for mitigation.
3. Contributed to the development of a continuous monitoring strategy to maintain ongoing awareness of security threats.
4. Evaluated security controls to inform organizational risk management decisions, ensuring compliance with regulatory requirements.
5. Collaborated with stakeholders to conduct privacy threshold analyses and privacy impact assessments.
6. Formulated system security plans detailing federal security requirements and corresponding controls.
7. Developed security standards and guidelines to maintain compliance with FISMA and NIST standards.

Experience

7-10 Years

Level

Executive

Education

B.S. InfoSec

Description :

1. Developed and maintained information security policies and plans aligned with NIST, FISMA, and OMB standards.
2. Implemented security controls for federal information systems, adhering to NIST 800-37 and SP 800-53 guidelines.
3. Provided expert guidance during security assessments, analyzing business system needs for authorization and accreditation.
4. Conducted Security Control Assessments (SCA) and continuous monitoring in compliance with NIST SP 800-53A.
5. Validated information system security plans to ensure adherence to NIST control requirements.
6. Generated comprehensive SCA documentation including Security Assessment Reports (SAR) and reviewed logs for compliance.
7. Regularly updated AAMP packages to ensure seamless security control assessments and compliance with federal standards.

Experience

7-10 Years

Level

Consultant

Education

M.S. Cybersecurity

Description :

1. Provided expert guidance on security assessments, enhancing compliance with NIST standards.
2. Collaborated in IT security team meetings to shape enterprise security architecture.
3. Executed assessment protocols in accordance with NIST SP 800-53A, ensuring adherence to cybersecurity policies.
4. Validated security plans against NIST control requirements and drafted comprehensive assessment documents.
5. Supported artifact collection and guided clients on meeting assessment criteria.
6. Reviewed security logs to identify anomalies, ensuring compliance with established protocols.
7. Coordinated with IT teams to ensure timely implementation of security controls.

Experience

2-5 Years

Level

Junior

Education

B.S. in Info Sec

Description :

1. Implemented robust security controls to safeguard sensitive data and resources.
2. Conducted comprehensive risk assessments to minimize security and legal exposure.
3. Performed vulnerability scans on systems to identify and remediate risks.
4. Monitored security logs to detect and respond to suspicious activities.
5. Managed web security gateways to control user access and mitigate threats.
6. Executed quarterly user access reviews to enforce strict access controls.
7. Reviewed and updated security policies to align with regulatory requirements.

Experience

10+ Years

Level

Consultant

Education

MS

Description :

1. Administered identity and access management lifecycle, ensuring compliance across enterprise systems using SailPoint.
2. Collaborated with developers and IT teams to integrate new applications into the identity management platform.
3. Monitored identity controls and conducted risk assessments to identify compliance gaps.
4. Managed role-based access control and access requests, ensuring adherence to security policies.
5. Created, modified, and deleted user accounts and privileges in Windows environments via Active Directory.
6. Configured access permissions for security groups across applications and network resources.
7. Automated repetitive tasks using VBScript, enhancing operational efficiency.

Experience

10+ Years

Level

Management

Education

Bachelor Of Engineering

Description :

1. Led information security projects ensuring timely delivery, budget adherence, and quality standards.
2. Evaluated security impacts of new initiatives and provided guidance to maintain security posture.
3. Managed implementation and maintenance of identity management solutions, enhancing user access security.
4. Directed user provisioning and role evaluations, producing entitlement reports for compliance reviews.
5. Acted as a subject matter expert in security discussions with stakeholders and vendors.
6. Ensured compliance with SOX controls, executing security measures consistently.
7. Developed and updated security policies to address evolving threats and business needs.

Experience

10+ Years

Level

Consultant

Education

BS

Description :

1. Collaborated with cross-functional teams to assess and enhance security protocols for Unix server environments.
2. Documented and analyzed current access structures, translating business requirements into effective security solutions.
3. Provisioned new access requirements based on job roles, ensuring secure server communications and account management.
4. Prepared documentation and support files for server migration, ensuring compliance with security standards.
5. Provided on-site support during scheduled migrations, representing the security management team.
6. Resolved post-migration access issues, ensuring minimal disruption to business operations.
7. Tracked and reported on privileged access reductions to meet project compliance goals.

Experience

2-5 Years

Level

Junior

Education

BSc Cybersecurity

Description :

1. Participated in risk assessment meetings to identify vulnerabilities and develop mitigation strategies.
2. Updated System Security Plans (SSP) in compliance with NIST SP 800-18, enhancing security documentation.
3. Reviewed and evaluated security controls to protect organizational data effectively.
4. Applied ISO and COBIT standards to maintain acceptable risk levels within information systems.
5. Developed and enforced policies for management, operational, and technical security controls.
6. Conducted network configuration audits to ensure compliance with regulatory standards.
7. Provided expert analysis on security systems, offering recommendations for improvements.

Experience

2-5 Years

Level

Junior

Education

BSc Cybersecurity

Description :

1. Conducted comprehensive audits of firewall configurations using SolarWinds FSM, ensuring compliance with change control protocols.
2. Managed nodes, rules, and user access in SolarWinds LEM, enhancing security event monitoring and response.
3. Performed vulnerability assessments on servers and network devices using QualysGuard, identifying and mitigating risks.
4. Analyzed web application vulnerabilities with QualysGuard WAS, providing actionable remediation strategies.
5. Monitored endpoint security across devices using Sophos, enforcing policies for antivirus and malware protection.
6. Implemented encryption and device protection policies with Sophos, safeguarding sensitive data across the organization.
7. Configured Barracuda WAF to protect web applications, optimizing security settings and blocking malicious traffic.

Experience

10+ Years

Level

Management

Education

M.S. Cybersecurity

Description :

1. Installed and configured Security Content Automation Protocol (SCAP) software to enhance system security.
2. Applied Microsoft and Windows updates to ensure compliance with security standards.
3. Executed SCAP protocol, documenting vulnerabilities for management review and policy compliance.
4. Utilized configuration management checklists to assess and manage security configurations across devices.
5. Conducted automated network vulnerability scans and configuration assessments to identify security gaps.
6. Compiled data from Information Assurance Vulnerability Alerts (IAVAs) to inform security strategies.
7. Monitored and reported IT security violations, ensuring prompt remediation.

Experience

2-5 Years

Level

Entry Level

Education

BSc Cybersecurity

Description :

1. Acted as a Subject Matter Expert in IT risk management, guiding projects to enhance security posture.
2. Collaborated with business units to evaluate the impact of strategic decisions on security risks.
3. Conducted audits and documented compliance with security policies across departments.
4. Developed and maintained security dashboards to monitor compliance and risk metrics.
5. Designed management reports to provide insights into security performance and vulnerabilities.
6. Led the implementation of the Archer SmartSuite framework for risk management.
7. Revamped the vulnerability management program, improving tracking and reporting of security issues.

Experience

10+ Years

Level

Management

Education

M.S. Cybersecurity

Description :

1. Served as a key liaison to integrate cybersecurity efforts across federal energy regulatory bodies.
2. Reviewed and enhanced FISMA compliance measures, leading to improved governance initiatives.
3. Developed and executed a comprehensive anti-phishing training program, increasing user awareness.
4. Authored a detailed SOW for external vendors to conduct penetration testing on critical networks.
5. Evaluated cloud service providers for security accreditation and operational authority.
6. Established new SOPs for Security Operations Center, enhancing daily operational efficiency.
7. Analyzed DHS cybersecurity assessments to identify and remediate vulnerabilities in systems.

Experience

7-10 Years

Level

Management

Education

M.S. Cybersecurity

Description :

1. Led security certification projects, ensuring compliance with industry standards and regulations.
2. Verified policies and controls in alignment with ISO 27001, ISO 9001, and PCI standards.
3. Organized documentation for PCI and ISO certifications, streamlining the audit process.
4. Identified security gaps in internal policies, enhancing overall security framework.
5. Conducted audits to pinpoint process improvements, increasing operational efficiency.
6. Built strong relationships with internal and external stakeholders to foster a security-first culture.
7. Managed certification body relationships, overseeing audit scheduling and compliance activities.

Experience

7-10 Years

Level

Senior

Education

BS

Description :

1. Conducted thorough risk assessments for various business units, effectively identifying and classifying critical assets.
2. Developed comprehensive risk registers detailing threat events, vulnerability levels, and mitigation strategies.
3. Selected and implemented controls based on cost-benefit analyses, successfully reducing overall risk exposure.
4. Performed ISMS audits, including network and data center evaluations, ensuring compliance with internal policies and external regulations.
5. Facilitated kick-off and closing meetings, ensuring effective communication and documentation throughout the audit process.
6. Executed GAP analyses to identify weaknesses in security controls, leading to actionable recommendations for improvement.
7. Monitored system logs and alerts, proactively identifying potential security incidents and ensuring timely response.

Experience

2-5 Years

Level

Executive

Education

B.S. Info Sec.

Description :

1. Managed asset reporting and ensured compliance with security standards.
2. Conducted detailed analysis of complex security threats and vulnerabilities.
3. Performed security audits and assessments to identify risks and recommend improvements.
4. Reviewed and analyzed legislation impacting information security protocols.
5. Developed incident response strategies and coordinated security operations.
6. Maintained security documentation and compliance records.
7. Provided cybersecurity training and awareness programs for staff.

Experience

7-10 Years

Level

Management

Education

B.S. Info Sec

Description :

1. Collaborated with IT teams to identify and mitigate vulnerabilities in network and application systems.
2. Conducted security impact analyses for configuration changes and system updates.
3. Reviewed and updated key security documentation including SSP and Risk Assessment Reports.
4. Monitored and reported on remediation efforts for vulnerabilities identified via scanning tools.
5. Maintained system security documentation in accordance with NIST and agency policies.
6. Managed user accounts to ensure compliance with security policies and procedures.
7. Provided training and guidance on security best practices to enhance organizational awareness.

Experience

10+ Years

Level

Senior

Education

B.S. Cybersecurity

Description :

1. Oversaw the management of security controls, ensuring compliance with industry standards and best practices.
2. Conducted comprehensive risk assessments to identify vulnerabilities and implement mitigation strategies.
3. Developed and maintained security policies, procedures, and documentation to enhance organizational security posture.
4. Collaborated with cross-functional teams to implement security measures across various platforms.
5. Managed incident response efforts, leading investigations and remediation of security breaches.
6. Trained and mentored junior analysts, fostering a culture of security awareness within the organization.
7. Utilized advanced tools for threat analysis and vulnerability scanning to proactively address security risks.

Experience

10+ Years

Level

Senior

Education

M.S. Info Sec

Description :

1. Developed and enforced security policies for web services, ensuring compliance with NIST standards.
2. Guided project management teams in achieving NIST 800-53 compliance for various systems.
3. Produced and presented project status reports to senior leadership, enhancing transparency.
4. Evaluated and recommended new security products for integration into the security infrastructure.
5. Managed the Assessment and Authorization (A&A) process, ensuring timely approvals.
6. Led incident response efforts, utilizing SIEM tools to analyze and mitigate threats effectively.
7. Conducted regular security audits, identifying and remediating vulnerabilities proactively.

Experience

10+ Years

Level

Senior

Education

M.S. Cybersecurity