
Your Name

Summary

Highly motivated Information System Security Officer with 6 years of broad and diverse knowledge and experience in risk management, cybersecurity, and vendor risk analysis. Possess extensive experience in the Risk Management Framework (RMF), ISO 27001, PCI-DSS, HIPAA, HITRUST, and vulnerability management. Coordinate employee awareness and training, and conduct phishing campaigns using tools like KnowBe4.

Overview

7 years of professional experience
1 Certification

Work History

Cyber Security Analyst/ ISSO

Intellect Solutions
City
01.2019 - Current
  • Review IT security policies, procedures, standards, and guidelines in accordance with NIST guidelines and security practices.
  • Review System Security Plan (SSP).
  • Develop Plans of Action and Milestones (POA&M) to adhere to the changing requirements and ensure the changes are implemented accordingly.
  • Conduct needed assessments of cybersecurity controls in different networks to identify noncompliance and mitigate the vulnerabilities based on criticality.
  • Scheduled, tracked, and managed quarterly POA&M review processes.
  • Developed, reviewed, and assessed Security Assessment and Authorization (A&A) security documentation.
  • Conduct security assessments on assigned systems to ensure FISMA compliance following NIST SP 800 publications, especially NIST 800-53.
  • Prepared and reviewed Authorization to Operate (ATO) packages (i.e. SSP, SAR, and POA&M) for major systems.
  • Monitor controls post-authorization to ensure continuous compliance with the security requirements.
  • Conducted security assessment interviews to determine the security posture of the system.
  • Knowledge of third-party tools such as ServiceNow and Jira.

Cyber Security Analyst/ ISSO

RCM Of Washington
City
09.2017 - 12.2018
  • Coordinate employee awareness and training, and conduct phishing campaigns using tools like KnowBe4.
  • Review IT security policies, procedures, standards, and guidelines in accordance with NIST guidelines and security practices.
  • Review System Security Plan (SSP).
  • Develop Plans of Action and Milestones (POA&M) to adhere to the changing requirements and ensure the changes are implemented accordingly.
  • Conduct needed assessments of cybersecurity controls in different networks to identify noncompliance and mitigate the vulnerabilities based on criticality.
  • Scheduled, tracked, and managed quarterly POA&M review processes.
  • Developed, reviewed, and assessed Security Assessment and Authorization (A&A) security documentation.
  • Conduct security assessments on assigned systems to ensure FISMA compliance following NIST SP 800 publications, especially NIST 800-53.
  • Prepared and reviewed Authorization to Operate (ATO) packages (i.e. SSP, SAR, and POA&M) for major systems.
  • Monitor controls post-authorization to ensure continuous compliance with the security requirements.
  • Conducted security assessment interviews to determine the security posture of the system.

Cyber Security Analyst/GRC Compliance Analyst/TPRM

TighTech Consult
City
01.2016 - 08.2017
  • Coordinate employee awareness and training, and conduct phishing campaigns using tools like KnowBe4.
  • Monitor, track, and report control implementations.
  • Optimization of the Third-Party Risk Management (TPRM) process to meet organization goals and industry standards.
  • Review and maintain policies and procedures to make sure they align with organization standards.
  • Review vendor security questionnaires and supporting artifacts to evaluate vendor security posture.
  • Complete inherent risk/categorization/tiering of all newly submitted third parties/vendors.
  • Collaborate with different teams and prospective third parties during vendor onboarding.
  • Execute due diligence and ongoing monitoring of vendors.
  • Stay informed about the latest developments in the vendor risk management field.
  • Monitor risk findings, remediate resolution including development and execution of corrective action plans, and ensure follow-on reporting and monitoring.
  • Prepare and complete risk assessments and assist with policy, regulatory, and accreditation audit preparation.
  • Knowledge of Tenable Nessus and Qualys to perform vulnerability scanning.
  • Review and refine vulnerability findings to reduce false positives and other issues.
  • Communicate vulnerability findings to teams responsible for remediation.
  • Prioritize vulnerabilities discovered along with remediation timeline(s).
  • Work with technical teams across the organization to ensure assets are appropriately covered by the Vulnerability Management program.
  • Assess new vulnerabilities, investigate solutions, and recommend controls to minimize risks that could arise.


Education

Bachelor of Science - Computer Networks And Cyber Security

University Of Maryland Global Campus
Largo, MD
05.2020

Associate of Science - Cyber Security

Prince George's Community College
Upper Marlboro, MD
12.2017

Skills

  • eMASS
  • ServiceNow
  • Nessus
  • Qualys
  • KnowBe4
  • POAMs
  • SAR
  • Active Directory
  • Excel
  • BitSight
  • Jira
  • Microsoft Word

Certification

  • CompTIA Security+
  • Certified Information Systems Auditor (CISA) in progress
