Analyst

Performed comprehensive vulnerability analysis of CMS enterprise systems and produced detailed reports on organizational security posture. Served as Tenable.SC Subject Matter Expert (SME), overseeing enterprise-wide supported enterprise-wide scanning, reporting, and remediation. Leveraged SQL queries to execute and validate vulnerability scans across major systems within CMS environments, improving detection accuracy and data integrity. Utilized tools including Splunk, Forescout, Nessus, Netsparker, Axonius, and DB Protect for continuous security monitoring and assessment. Developed standardized processes for risk acceptance, remediation tracking and security bulletin distribution. Conducted AWS and Oracle cloud vulnerability assessments to strengthen cloud security compliance. Mentored junior analysts, providing technical guidance and leading collaborative problem-solving meetings to improve team performance. Applied CVSS and CVE scoring methodologies for prioritizing remediation of critical vulnerabilities.

Categorized and monitored information systems using the CIA Triad. Reviewed vulnerabilities and assessed risk levels across enterprise systems. Applied RMF processes guided by NIST SP 800-37 and FISMA requirements. Maintained POA&M corrective logs and executed remediation plans. Conducted security policy reviews using Security Requirements Traceability Matrix (SRTM). Supported client security awareness training programs. Managed hardware/software inventory and password access controls. Assisted with communication management and business development support.