Implementation and maintenance of the Risk Management Framework (RMF) for projects.
▪ Proficient in implementing and managing HIPAA-compliant policies and procedures.
▪ Proficient in implementing and maintaining policies and procedures for safeguarding PHI and PII.
▪ Comprehensive understanding of the Health Insurance Portability and Accountability Act (HIPAA) rules and regulations.
▪ Draft, review, and update Risk Management Framework (RMF) artifacts required for FISMA.
▪ Conducted comprehensive risk assessments to identify potential threats, vulnerabilities, and impacts.
▪ Developed and implemented security controls based on NIST SP 800-53 guidelines and industry best practices.
▪ Wrote security policy and governance documentation for DoD major applications.
▪ Utilized eMASS database for all risk management. Used STIG Viewer.
▪ Maintained documentation and records related to the RMF process, security controls, and compliance activities.
▪ Experienced in conducting risk assessments and audits to identify potential privacy and security vulnerabilities.
▪ Tracked, reported, and provided recommendations on Plan of Action & Milestones (POA&M).
▪ Knowledge of testing tools such as Nessus/ACAS, SCC, DISA STIGs / STIG Viewer, etc.
▪ Implemented Vulnerability Management Function on sandbox networks: Discover, Prioritize, Assess, Report, Remediate, Verify.
▪ Conducted vulnerability assessments with Nessus; remediated vulnerabilities.