Jabran Malik

Jabran Malik has a strong background in security analysis and compliance. Jabran has experience managing various applications and infrastructure systems under the Continuous Monitoring phase of RMF (Risk Management Framework) for multiple organizations, including the Department of Justice, the Bureau of Indian Affairs, and the Environmental Protection Agency.

Jabran's work involves developing security authorization packages using standardized approaches and documentation in compliance with government standards such as NIST, FISMA, OMB, and various agency-specific guidelines. Jabran is skilled in working with NIST Special Publications, including 800-37, 800-53, 800-53A, 800-60, 800-18, 800-30, and FIPS guidelines.

In addition to their compliance work, Jabran performs security testing and evaluation using NIST's 800-53A, conducts vulnerability and compliance scans, and analyzes results for false positives. Jabran also conducts overall security assessments of data, system, network, and personnel.

Jabran has experience preparing Security Authorization Reports (SARs) and reviewing findings with system owners for remediation or acceptance. Jabran has worked with various security tools, including Nessus, and has expertise in developing policies and procedures based on NIST requirements and agency-specific standards.

Before joining The Efiia Group in 2019, Jabran worked at Senet International as a Senior Security Analyst, where they managed applications and infrastructure systems under the Continuous Monitoring phase of RMF for the Bureau of Indian Affairs. Prior to that, they worked at the US Department of Transportation as a Senior Security Analyst, handling FISMA compliance oversight activities.

Jabran's earlier experience includes roles at Project Performance Corporation, where they managed applications and infrastructure systems for the Environmental Protection Agency and the US Patent and Trademark Office, and at XaSystems Corporation, where they supported FISMA compliance oversight for the US Department of Agriculture.

Before that, Jabran worked at Hewlett-Packard as an Information Systems Security Officer, where they conducted vulnerability assessments, developed policies and procedures, and monitored system security.

Overall, Jabran Malik's extensive experience in security analysis, compliance, and risk management make him a valuable asset in ensuring the security and resilience of organizations' information systems.

Jabran Malik earned a Bachelor's degree in Information Technology from Western Governors University, where they studied from 2012 to 2017. Prior to that, they attended James Madison High School, but no degree or field of study information was provided for this period.

In terms of certifications, Jabran obtained the following:

- Amazon Web Services Solutions Architect Associate from Amazon Web Services (AWS) in June 2020.

- Professional Scrum Master 1 from Scrum.org in August 2019.

- COMPTIA Advanced Security Practitioner from CompTIA in May 2015.

- Database Design Specialist from CIW in May 2015.

- Windows Server Administration Fundamentals from Microsoft in May 2015.

- Network+ from CompTIA in March 2015.

- MTA Database Fundamentals from Microsoft in June 2014.

- ITIL V3 from PEOPLECERT in May 2014.

- Web Design Specialist from CIW in November 2013.

- Certificate of Cloud Security Knowledge (Guidance V3.0) from Cloud Security Alliance in March 2013.

- Security+ from CompTIA in February 2013.

- A+ from CompTIA in December 2012.

- Web Foundations Associate from CIW in December 2012.

- Certified Information Systems Security Professional (CISSP) from (ISC)² in May 2021.

- AWS Certified Developer - Associate, certification institution not provided, in November 2018.

- ITIL Foundation Level 4 from PeopleCert in September 2019.

- Certified Data Privacy Solutions Engineer, specific details not provided.

- Project+, specific details not provided.

- Windows Operating System Fundamentals, specific details not provided.

Please note that some certification details, such as the institution or the month and year of obtention, were not provided for certain certifications.