monitor_heart
Information Assurance Analyst Resume
Industry: Information Technology
SpiderID: 85168
Location: Linthicum, Maryland
Posted: 12/23/2025
Position Type: Full-Time Permanent
Available: 2 weeks
Desired Wage:
Work Auth: Yes
Job Level: Experienced with over 2 years experience
Travel: No
Degree: Bachelors
Relocate: No
Objective:
Innovative, award-winning, computer professional with comprehensive knowledge in cybersecurity, diverse programming and management experience focused on process improvement with an emphasis for sharing knowledge and experience with others. Proven ability to design effective software programs and resolve problems resulting in increased productivity and profitability. Continuously strives for and achieves exceptional service in exceeding career-orientated goals.
Experience:
* Develops and maintains system Configuration Management (CM) processes, procedures, and documentation in support of customer requirements. Develops internal configuration standards and trains others to use CM tools as required.
* Tracks and controls change to hardware, software, and documentation throughout the product lifecycle.
* Collaborates with project management and development teams to ensure proper change processes.
* Coordinates, records, and documents activities of the Configuration control Board.
* Implements, manages, and maintains the customer's CM database.
* Conducts audits to ensure compliance with CM policies.
* Provides status reports of all ongoing CM activities to the customer and management.
* Develops and maintains CM tools and support configuration identification, control, reporting, release, and delivery of
products and systems.
* Exercises creative thinking and ideation to advance business performance and deliver innovative, flexible, integrated
solutions to meet customer and changing business needs.
* Stays current on CM processes to provide input for selection and identification of hardware and software configuration
end items that meet customer standards.
* Serves as SCRUM Master in an Agile development environment.
* Obtained Authorization to Operate (ATO) for Risk Management Framework Security package for a client software enclave to allow the client to continue to serve its customers while migrating to a new hosting environment.
* Performed Information Assurance for client on multiple projects simultaneously by gathering and providing necessary information to create the security package for Authorizing Official review and approval.
* Performed Security Technical Installation Guide (STIG) evaluations for software implementation to ensure vulnerabilities are mitigated and don’t allow a way for adversaries to attack the applications.
* Created a STIG tracker to monitor progress on mitigating numerous software application vulnerabilities. This allowed management to evaluate progress of mitigating vulnerabilities across all applications.
* Created a STIG Comparison tool to determine if similar answers to STIGs exist across multiple applications. This tool allowed applications to be consistent in their answers to remediate STIGs and reduce time in addressing STIGs, if another team already had a solution.
* Created a tool to assist developers in addressing STIGs by focusing on consolidated data from multiple sources (scans and STIG checklists) that can be easily filtered. Developers used this tool to review code and determine if a specific vulnerability was fully resolved.
* Updated the Test Result Export and Implementation Plan files to create the System Security Plan and assist in documenting compliance of NIST controls. The Test Results and Implementation Plan are used to determine if vulnerabilities were addressed and to build the security package for review and approval.
* Met with multiple developer teams to discuss and assist in mitigating hurdles by providing an overarching view of progress and shared solutions on multiple applications.
* Led the Information Assurance (IA) weekly status meetings to provide Project Leads with updates on the progress accomplished in meeting the IA Risk Management Framework (RMF) goals.
* Served as the JIRA Administrator on a single project, which creates and tracks the project status using a Kanban board and Plans to report progress to upper management.
* Created Plan of Action and Mitigation (POAM) tracker to ensure all applications have addressed open POAMs before determining NIST control requirements have been resolved.
* Tracks and controls change to hardware, software, and documentation throughout the product lifecycle.
* Collaborates with project management and development teams to ensure proper change processes.
* Coordinates, records, and documents activities of the Configuration control Board.
* Implements, manages, and maintains the customer's CM database.
* Conducts audits to ensure compliance with CM policies.
* Provides status reports of all ongoing CM activities to the customer and management.
* Develops and maintains CM tools and support configuration identification, control, reporting, release, and delivery of
products and systems.
* Exercises creative thinking and ideation to advance business performance and deliver innovative, flexible, integrated
solutions to meet customer and changing business needs.
* Stays current on CM processes to provide input for selection and identification of hardware and software configuration
end items that meet customer standards.
* Serves as SCRUM Master in an Agile development environment.
* Obtained Authorization to Operate (ATO) for Risk Management Framework Security package for a client software enclave to allow the client to continue to serve its customers while migrating to a new hosting environment.
* Performed Information Assurance for client on multiple projects simultaneously by gathering and providing necessary information to create the security package for Authorizing Official review and approval.
* Performed Security Technical Installation Guide (STIG) evaluations for software implementation to ensure vulnerabilities are mitigated and don’t allow a way for adversaries to attack the applications.
* Created a STIG tracker to monitor progress on mitigating numerous software application vulnerabilities. This allowed management to evaluate progress of mitigating vulnerabilities across all applications.
* Created a STIG Comparison tool to determine if similar answers to STIGs exist across multiple applications. This tool allowed applications to be consistent in their answers to remediate STIGs and reduce time in addressing STIGs, if another team already had a solution.
* Created a tool to assist developers in addressing STIGs by focusing on consolidated data from multiple sources (scans and STIG checklists) that can be easily filtered. Developers used this tool to review code and determine if a specific vulnerability was fully resolved.
* Updated the Test Result Export and Implementation Plan files to create the System Security Plan and assist in documenting compliance of NIST controls. The Test Results and Implementation Plan are used to determine if vulnerabilities were addressed and to build the security package for review and approval.
* Met with multiple developer teams to discuss and assist in mitigating hurdles by providing an overarching view of progress and shared solutions on multiple applications.
* Led the Information Assurance (IA) weekly status meetings to provide Project Leads with updates on the progress accomplished in meeting the IA Risk Management Framework (RMF) goals.
* Served as the JIRA Administrator on a single project, which creates and tracks the project status using a Kanban board and Plans to report progress to upper management.
* Created Plan of Action and Mitigation (POAM) tracker to ensure all applications have addressed open POAMs before determining NIST control requirements have been resolved.
Education:
BBA Management Information Systems Loyola University of Maryland
Akylade Certified Cyber Resilience Fundamentals (A/CCRF) Cert No: 3B9ACA36 03/2024 – 03/2027
* Demonstrated foundational understanding of the NIST Cybersecurity Framework (version 2.0), including the core functions: Govern, Identify, Protect, Detect, Respond, and Recover.
* Focused on applying cyber resilience principles in business environments, stakeholder communication, and aligning cybersecurity strategies with organizational objectives.
Comptia Security+ 12/2024 – 12/2027
Akylade Certified Cyber Resilience Fundamentals (A/CCRF) Cert No: 3B9ACA36 03/2024 – 03/2027
* Demonstrated foundational understanding of the NIST Cybersecurity Framework (version 2.0), including the core functions: Govern, Identify, Protect, Detect, Respond, and Recover.
* Focused on applying cyber resilience principles in business environments, stakeholder communication, and aligning cybersecurity strategies with organizational objectives.
Comptia Security+ 12/2024 – 12/2027
Skills:
* Risk Management Framework (RMF) * National Institute of Standards and Technology (NIST) Requirements * Security Technical Implementation Guides (STIG) * STIG Viewer * eMASS * Information Assurance * AS9100 * Capability Maturity Model Integrated (CMMI) for Development and Services * Common Information Model (CIM) * Department of Defense Architecture Framework (DoDAF) * Earned Value Management * E-Commerce (Java, JavaScript, XML, Oracle, Perl, CGI) * HTML * Information Technology Infrastructure Library (ITIL) * ISO 9001:2000 * KONFIG * Microsoft Office Suite * Microsoft Project * Photoshop * Productivity Management * Rational ClearCase * SharePoint * Software Configuration Management * Stress Management * Team Foundation Server (TFS) * UNIX * Version Manager * Excellent verbal and written skills
Reference:
Available upon request.
Candidate Contact Information:
JobSpider.com has chosen not to make contact information available on this page.
Click "Contact Candidate" to send this candidate a response.
Click "Contact Candidate" to send this candidate a response.