Security Information

OLUSEYI ADELEGAN

**** ******* ***** ***********, ** 20785

Cell Phone: 240-***-****

Email: *********@*****.***

PROFESSIONAL SUMMARY

Result-oriented Information Security Analyst with extensive experience in Risk Management Framework (RFM) and Federal Information Security Management Acts (FISMA) focusing on Confidentiality, Integrity, and Availability of Information System. Proficient in implementing cost effective controls to meet corporate security requirements. Energetic, resourceful, innovative and team player attracted to challenging opportunities with excellence communication and abilities to meet customer expectations in providing quality management system services.

EDUCATION/CERTIFICATION

BS. Computer Science, Fed College Abeokuta, Nigeria 1999

A.A.S Information Technology, Prince George’s Community College 2017

CERTIFICATION

CompTIA Advanced Security Practitioner CE (CASP) COMP001020804895 2016

CompTIA Security+ CE COMP001020804895 2016

CompTIA+ C COMP001020804895 2015

SKILLS

Information Assurance

FISMA, RMF, and NIST 800 – Series

ISO 9001 training

Project Management and Support

System Development Life Cycle (SDLC)

OMB A-130 Appendix III, FISMA, NIST SP 800-37 rev1, 800-53rev4, 800-53A, 800-30, 800-18, 800-60, FIPS 199, and FIPS 200

Strong work ethics, ability to work independently and collaboratively.

CORE COMPTETENCIES

Extensive experience with NIST Publications SP 800-18, SP 800-37 rev 1, SP 800-53 rev 4, SP 800-53A, SP 800-60, FIPS 199 and FIPS 200.

Proficient use of Cyber Security Assessment Management (CSAM) tools version 3.0 for security assessment.

Performs Security Control Assessment with NIST security baseline.

Updates System Security Plan (SSP) and selects security baseline in accordance with NIST, FISMA, and OMB A – 130 Appendix iii.

Develops, reviews, and updates Security and Privacy Control Policies, Procedures, and Standards guidelines according to Department and Federal requirement.

Monitors security control post authorization to ensure continuous compliance with the security requirement.

Performs risk assessments, develops, reviews, and updates System Security Plan (SSP) and Plan of Action and Milestones (POA&M).

Coordinates and manages team activities during assessment engagements.

Conducts internal and external security audits

EXPERIENCE SUMMARY

Scientific Systems & Software International (SSSI), Baltimore, MD

Information Security Analyst

January 2016 – Present

Performs security control assessment for Department of Labor on Mine Safety and Health Administration (MSHA) Standardized Information System (MSIS) with NIST800-53A.

Conducts interview with MSIS Information System Owner (ISO), Information System Security Officer (ISSO), and Privacy Officer.

Reviews and updates MSIS security controls policies, procedures, and standards guidelines according to Federal and Department requirements.

Develops, reviews, and updates System Security Plan (SSP) for MSHA Standardized Information System (MSIS) Major Application based on the security control baseline (NIST 800-53 rev4 and NIST 800-18).

Uploads MSHA Standardized Information System (MSIS) Assessment Result into CSAM Version 3.0.

Develops, reviews, and updates MSIS Plan of Action and Milestones (POA&M).

Reviews MSIS Privacy Threshold Analysis (PTA) and Privacy Impact Assessment (PIA).

Prepares MSIS authorization packages which include SSP, SAR, and POA&M.

Cybersoft Technologies Corporation, Lanham, MD

IT Compliance Analyst

November 2014 – January 2016

Categorized Legal Employee Access Privacy System (LEAPS) information based on FIPS 199 (Standards for Security Categorization of Federal Information and Information Systems) and NIST 800-60 Vol I & II.

Selected and applied appropriate information security controls for LEAPS System based on FIPS 200 (Minimum Security Requirement for Federal Information and Information System), NIST special publications 800-53 rev4 (Security and Privacy Control for Federal Information Systems and Organizations), and OMB A-130 Appendix iii.

Reviewed and updated LEAPS Plan of Action and Milestones (POA&M)

Coordinated and managed team activities during assessment engagement.

Performed security assessment on LEAPS system with NIST 800-53A

Monitored LEAPS security control post authorization to ensure continuous compliance with the security requirement.

Developed, reviewed, and updated LEAPS System Security Plan using NIST 800-18.

Reviewed and updated LEAPS Security Controls Policies, Procedures, and Standards.

.

Prince George’s Community College, Largo MD

Tech Support

June 2013 – May 2014

Documented speech software and hardware problems reported by the users.

Monitored and evaluated web content and back-up system

Trouble shoots speech software for students.

Trained and instructed students on how to use the software.

Maintained daily performances of the speech software and computer.

Maintained proper documentation of activities in the lab.

Informed supervision of any reoccurring problems with the speech software and hardware.

Atman Printing Limited, Lagos, Nigeria

Data Analyst

March 2000 - July 2009

Handle and maintained confidentiality of PII documents.

Developed, implemented data collection and increased statistical efficiency of its quality.

Collaborated with departmental heads to modify and improve overall monitoring of the information system.

Managed relationships and service level with business partners

Conducted inventory and documentation of routine actions.

Contact this candidate