Uploaded File
add photo
Carmita
riveracrr@gmail.com
904-568-2300
unit - Joint Forces Headquarters J6
Jacksonville, FL 32202
Lead Sr. Analyst/SME5 (100% Remote)
12 years experience W2
0
Recommendations
Average rating
55
Profile views
Summary

Experience
Lead Sr. Analyst/SME5 (100% Remote)
Information Technology
Jun 2020 - present
Charleston, SC
Cybersecurity Risk Management Framework
  • Serve as Subject Matter Expert (SME) on one or more technologies/skills related to A&A activities
  • Conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs
  • Actively lead and participate in regular A&A status meetings with government SDD stakeholders and contract personnel to facilitate progress and address potential issues of RMF system efforts
  • Participate in sessions aimed at identifying, planning, and executing strategies in response to emerging cybersecurity/RMF policies
  • Develop, update, and/or review RMF documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports
  • Assess system compliance against NIST, DoD, and DHA security requirements to include the NIST 800-53 controls, and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
  • Produce evidence as necessary to support compliance status of NIST, DoD, and DHA security requirements
  • Work with system administrators, engineers, and developers to create or update system/site policies, procedures, and process guides
  • Submit weekly reports to DHA leadership regarding system/program status Tools utilized
  • eMASS, MS Teams
Compliance
Remove Skill
Cyber Security Analyst, Sr. (Contract)
Jun 2018 - Jun 2020
  • Contractor
  • Work as a 100% remote A&A Analyst assisting customer in preparing for Risk Management Framework (RMF) documentation to achieve Authorization To Operate (ATO).
  • Prepare Control Implementation Plans, validation plans and reports, system security plans, categorization memos, contingency plans, privacy impact assessments, plans of action and milestones (POA&Ms), and various other required artifacts of RMF.
  • Develop mitigations strategies for vulnerability scans and Security Technical Implementation Guides (STIGs)
  • Analyze vulnerability data and create/provide Information Assurance reports for packages utilizing tools such as eMASS, ACAS/Nessus, SCAP Compliance Checker Rollout Systems Jacksonville
Compliance Cyber Security Risk Management Security Analyst
Remove Skill
Class A CDL Driver
Oct 2014 - Jul 2015
Tucker, GA
No skills were added
Remove Skill
Oct 2014 - Oct 2014
Gastonia, NC
Martin Enterprises of the Carolinas Proficient in driving and conducting precautionary maintenance of semi - tractor trailers using air brakes with manual, as well as auto transmissions. Demonstrated ability to drive and safely deliver temperature controlled, and hazmat products throughout the country meeting delivery deadlines.
No skills were added
Remove Skill
Team Lead
Oct 2013 - Oct 2014
Jacksonville, FL
Identification Access Management
  • Manage and supervise the work of a continuously growing, globally located team of 8+ senior level analysts providing tier 2 user account administration support of specialized proprietary trade and sales banking software applications.
  • Assign and assure work and projects are completed in a timely manner.
  • Ensure confidentiality, integrity and availability authentication is being implemented for software applications supported.
  • Provide user administration of 40+ applications globally. Undertake specific functions within the relevant Service Management process as identified for the specific Service Management area.
  • Participate in regular meetings with stakeholders, prepare and document meetings, track progress.
  • Engage with other Service Management groups to understand business requirements. Perform review of specifications.
  • Collect, analyze and produce metrics on process data for KPIs to find improvements. Identify risks and issues related to the area. Provide governance to ensure appropriate planning and reporting.
No skills were added
Remove Skill
Systems Administrator
Information Technology
Apr 2013 - Oct 2013
Jacksonville, FL
  • Contractor
  • Support data splitting project. Create security groups in Active Directory. Complete data migrations and data backups/synchs.
  • Assign ntfs permissions for file shares. Responsible for port configurations on print servers. Platforms supported
  • Windows Server 2000, 2003, 2008r2 and 2012.
  • Provide tier 2/3 support for unresolved and escalated trouble tickets on Windows XP and Windows 7 workstations.
  • Tools/applications utilized: Remedy, Remote Desktop, SCCM remote console, Robocopy, Solarwinds
Data Migration Database Backups Project Management SolarWinds Windows
Remove Skill
Principal Analyst
Information Technology
Oct 2012 - Apr 2013
Huntsville, AL
  • Contractor
  • Provide Information Assurance support to Missile Defense Agency networks, Ballistic Missile Defense Systems, and Missile Defense test systems.
  • Provide the capability and expertise to implement DoD 8500.2, DoDI 8510.1, and other applicable Information Assurance directives, instructions, and guidelines support MDA coordination, management of IA programs at multiple locations with multiple security classifications, multiple networks, multiple enterprise applications, etc.
  • Conduct Controls Validation Tests, Certification and Accreditation, and risk assessments on weapons systems support Federal Information System Management Act (FISMA), Department of Defense Information Technology Portfolio Repository (DITPR), eMASS, and other IA risk management applications and compliance reporting systems.
Compliance
Remove Skill
contract
Information Technology
Jun 2011 - May 2012
Mclean, VA
Infinity Technology LLC
No skills were added
Remove Skill
Feb 2010 - Feb 2010
Last unit - Joint Forces Headquarters
No skills were added
Remove Skill
Edit Skills
Non-cloudteam Skill
Education
Computer Information Systems
Ivy Tech State College 2000
Certifications
Security+ CE, Network+ CE, Certified Ethical Hacker (CEH), Certified Security Compliance Specialist
ADDITIONAL SKILL SET: Risk Management Framework, Assessment & Authorization
Skills
Compliance
2021
3
Cyber Security
2020
2
Risk Management
2020
2
Security Analyst
2020
2
Data Migration
2013
1
Database Backups
2013
1
Project Management
2013
1
SolarWinds
2013
1
Windows
2013
1