
Edward Coleman

Colorado Springs, CO

Summary

An experienced Information Security Analyst knowledgeable in Security Assessment, implementation of the Risk Management Framework (RMF) Steps, applicable OMB policy, and NIST guidelines and standards on Federal Information Systems to ensure compliance with FISMA. Ability and knowledge to utilize security controls to mitigate vulnerabilities to achieve confidentiality, integrity, and availability of organizational information and information systems, integrating risk management activities into organizational processes and the System Development Lifecycle (SDLC). Strong work ethic; detail-oriented team player with excellent interpersonal communication and presentation skills. IT professional with 3 years of experience developing and implementing security solutions in fast-paced environments. Skilled in SSP, SAR and POA&M with a proven history of delivering exceptional risk management support.

Overview

3 years of professional experience
1 Certification

Work History

Information Security Analyst (Remote)

Inter-Con Systems Inc
06.2022 - 06.2024
  • Reviewing, maintaining, and ensuring all Assessments and Authorizations (A&A) documentation are included in system security package.
  • Conducting security assessment interviews to determine Security posture of System and to develop Security Assessment Report (SAR) in completion of Security Test and Evaluation (ST&E) questionnaire using NIST SP 800-53A required to maintain Company Authorization to Operate (ATO), Risk Assessment, System Security Plans, and System Categorization.
  • Performing information security risk assessments and assisting with internal auditing of information security processes.
  • Assessing threats, risks, and vulnerabilities from emerging security issues and identifying mitigation requirements.
  • Developing and conducting ST&E (Security Test and Evaluation) according to NIST Special Publications.
  • Providing recommendations regarding selection and implementation of controls that apply security protections to systems, processes, and information resources using NIST 18 family of security controls.
  • Working with support and security coordination team to ensure compliance with security processes and controls.
  • Developing Security Authorization documents and ensuring System Security Plan, Security Assessment Plan, Plan of Action and Milestones (POA&M), Contingency Planning and artifacts are maintained and updated in accordance with NIST guidelines.
  • Assisting System Owners and ISSO in preparing Assessment and Authorization Package for IT systems, ensuring management, operational and technical security controls adhere to formal and well-established security requirement authorized by NIST SP 800-53.
  • Reviewed violations of computer security procedures and developed mitigation plans.
  • Monitored computer virus reports to determine when to update virus protection systems.

Information Security Analyst

Howard County Government
01.2021 - 06.2022
  • Designated systems and categorized their C.I.A using FIPS 199 and NIST SP 800-60.
  • Conducted Self-Annual Assessment (NIST SP 800-53A).
  • Performed Vulnerability Assessment and ensured that risks were assessed, evaluated and proper actions were taken to limit their impact on Information and Information Systems.
  • Developed System Security Plan (SSP), Security Assessment Report (SAR) and POA&Ms that were presented to Designated Approving Authorizing Official (AO) in order to obtain authority to operate (ATO).
  • Conducted periodic IT risk assessment and reviewed security controls for any deficiencies in accordance with NIST 800-53AR4.
  • Developed POA&M for deficient security controls reported to Information System owner for appropriate mitigation actions.
  • Conducted security controls assessment to ensure controls are implemented to comply with standards.
  • Initiated and led information security awareness and training program in order to inform employees of their roles in maintaining matured security posture.
  • Contributed to weekly change management meetings in order to evaluate change requests (systems or application) that could lead to approval or denial of requests, validated testing results from testing environments and promoted changes to production environment.
  • Conducted weekly review of security logs and vulnerability scans on Operating Systems, Databases, and Applications.
  • Identified, responded to, and reported security violations and incidents as encountered to ensure that senior management was kept apprised of all pertinent security systems issues.
  • Performed library functions such as archiving and filing of final SA and RA documents, Process/Procedure documents, inventory and maintenance.
  • Validated and remediated vulnerabilities.

Education

Bachelor of Arts - Criminal Justice

University of Maryland - College Park
College Park, MD
05.2011

Skills

  • Vulnerability Management
  • Assessment
  • FISMA
  • NIST Special Publications
  • Risk Management Framework RMF
  • Customer Service/ Client Relations
  • Risk Assessment
  • Authorization Package (SSP, SAR, POA&M)
  • Customer Service
  • Data Security
  • Deadline-Driven
  • Microsoft Hyper-V Server
  • Professional Appearance

Certification

  • CompTIA Security+
  • Oracle Certified Associate (OCA)
  • Oracle Certified Professional (OCP)
  • Certified Information System Security Professional (CISSP) In-view
  • Governance Risk and Compliance (GRC) In-view

