Farid R Nia
Details
Computer Science with Cyber Security Focal Path
University of Virginia
2017 : 2019
Associate of Science - AS
Engineering
Northern Virginia Community College
2015 : 2017
o Protect the confidentiality, integrity, and availability of VA FSC security devices
o Complete all assigned Privacy Threshold Analysis (PTA) and Privacy Impact Analysis (PIA), in accordance with VA Directive 6508
o Provide expert privacy and security advice and consultation in the implementation and risk management of systems and devices contain VA sensitive information
o Work with the Cyber Security team and oversee the development, deploying, and maintenance of cyber security and Privacy systems for the protection of information assets
o Coordinate with Information System Security Officers and System Managers/System Owners to ensure that all data and associated risks are identified and documented in PIA
o Follow the implementation of the Risk Management Framework (RMF) steps and activities to perform the duties of a privacy officer
o Oversee, coordinate, and facilitate compliance efforts, including reviewing VA information privacy practices and procedures for relevance and completeness against privacy and security audits
o Develop and update Standard Operating Procedures (SOPs), policies, and procedures to ensure systems and data are safeguarded from unauthorized access and intrusion
2022 : Present
SAIC
Senior Information Security and Privacy Consultant
o Lead the security operations of five subsystems in cooperation with the DevOps teams, Project Managers, and System Owners
o Provide security and service analytics and compliance across each system and support the development of integrated operational and security dashboards
o Maintain accurate system inventories for information systems to include enterprise platforms/systems, hardware, and unique applications
o Work with the Penetration test team to identify vulnerabilities, remediation strategies, and implement effective safeguards
o Work with the Information Systems Security Manager and System Owners to develop, implement, and manage Plan of Action and Milestones (POA&M) for assigned systems
o Develop, establish, and manage service reporting systems, analysis and trending to Information System Security Managers and System Owners
o Support the collection and reporting of metrics/measures in data calls by the deadlines established by the Office of the Chief Information Security Officer
2020 : 2022
Booz Allen Hamilton (GSA)
Senior Information Security Consultant
Performed diagnosis and resolution of hardware and software issues in person, remotely and via phone.
Upgraded systems to enable compatible software including security applications such as antivirus
Kept systems up-to-date through OS upgrades and monitored networking equipment and servers
2016 : 2020
AMS Real Estate Services
IT Tech support (Remote/onsite)
Assisted with Service Organization Control (SOC) gap analysis and risk assessment
Assisted with performing SOC, Payment Card Industry (PCI) assessment and the related report writing
Researched Security Frameworks (including : SOC, PCI, NIST CSF, NIST 800-53, and ISO 27001)
Created cross mappings of Security Frameworks (including : SOC, PCI, NIST CSF, NIST 800-53, and ISO 27001)
2019 : 2019
Tevora
Consultant Development Program
Set up workstations with computers and installed appropriate software and functions
Ensured security and privacy of networks and computer systems
Performed troubleshooting to diagnose and resolve problems on all locations
Organized and scheduled upgrades and maintenance without deterring the business on all locations
2015 : 2016
Allied Rent A Car
IT Technician (Remote)
Skills
Active Directory, Amazon Web Services (AWS), Authentication Systems, C++, Computer Networking, Critical Thinking, Customer Service, Databases, Digital Signal Processing, General Data Protection Regulation (GDPR), Github, ISO 27001, Java, Leadership, Linux, Malware Analysis, Malware Detection, Management, Microsoft Office, MySQL, Network Security, Network Traffic Analysis, NIST 800-53, NIST CSF, Payment Card Industry Data Security Standard (PCI DSS), PhpMyAdmin, PKI, Programming, Python (Programming Language), Research, Reverse Engineering, Risk Assessment, Sales, Security Information and Event Management (SIEM), Snort, SOC 2, SQL, Teamwork, Threat & Vulnerability Management, Threat Analysis, VirtualBox, Vulnerability Research, Windows, Wireshark, x86 Assembly, Microsoft Excel, Microsoft Word, PowerPoint
About
In my journey from oil/gas safety to cyber security, I have come a long way. These roles might be different on the surface, but their fundamentals are the same. In both positions, my role is to stay vigilant and focused on protection of people and assets. I am ensuring all staff are meeting training requirements. I am also implementing inspection/testing and creating risk assessment and mitigation charts while making sure everyone is following proper regulations to promote safe working conditions.
Coming into a security role after five years of being a safety officer, I had the right mindset but I needed experience and the right knowledge. Working in IT support for several years and getting education in computer science with a focus in cyber security along with certificates such as Security+, CEH, and Cyber Threat Hunting Professional paved my way for this transition.
While not working, I am spending time in my small garden planting/nurturing and connecting with the nature while listening to my favorite audiobooks/podcasts along with versatile music genres including classic rock. I love hiking and camping in the wilds with my family and friends. I believe nature is my “Quantum of Solace.”
Profile Photo
