ADESANYA SIJUWADE

678-***-****

ad2tdz@r.postjobfree.com

**** ************* **, *************, ** 30127

OBJECTIVE

Experienced and knowledgeable information security professional with security strategies in developing and securing enterprise data and application, providing effective solutions to safeguard business continuity. Very knowledgeable and experienced with security concepts, policies, and regulations.

SKILLS & ABILITIES

Information Assurance, cyber security,

Software

Incident Response, Disaster planning & recovery

Wireshark, MacAfee

Vulnerability Assessment, POA&M, Security Assessment, HIPAA, COBIT, ISO

Big Fix, CyberArk, Nessus, ePO, Splunk and ForeScout

NIST 800 34, 37,53, 54, GRC, EO, FISMA, RMF, Risk Vision,

VMware, Amazon Web Services (AWS) Google

FedRAMP, Cloud, office 365, SaaS, PaaS, IaaS

Private, community, Hybrid & public cloud

EXPERIENCE

March 2019 – Present Information Assurance Analyst

Onmax Solution, Bowie, MD

•Determined enterprise information assurance and security standards.

•Developed and implements information assurance/security standards and procedures.

•Coordinated, developed, and evaluated security programs for the organization.

•Recommended information assurance/security solutions to support customers’ requirements. Ensure system security requirements are addressed during all phases of the system life cycle.

•Created and tracked POA&M requirements for resolving security findings.

•Performed vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.

•Ensure that all information systems are functional and Secure.

February 2016 – March 2019 Information System Security Engineer

Akins Tech Services, Atlanta, GA

•Worked as part of a team that performed System Certifications, Annual Assessments, and Continuous Monitoring Assessments.

•Experienced in performing system risk management following the NIST risk management framework.

•Conducted security assessment on assigned systems to ensure FISMA compliance following NIST SP 800 publications especially NIST 800-53 rev4 and Federal Information Processing Standards (FIPS 199).

•Evaluated security controls on information system platforms that include Windows, Linux, UNIX, Databases and Networks.

•Experienced in conducting Security Test and Evaluation (ST&E) of systems. These include performing security Test and Evaluation assessments on several different systems using both automated and manual security tools (Nessus, Web inspect).

•Coordinated with project lead to plan time, prioritize tasks and use assigned resources.

•Reviewed technical and administrative controls and conduct RMF per the NIST 800-53, NIST 800-37 requirements.

•Drafted and reviewed security artifacts including, but not limited to, System Security Plans, inventories, security control traceability matrices, control allocation tables and security assessment reports.

•Conducted Annual assessments of systems on compliance with organizational policy.

•Collaborated with the ISSO to draft and manage POA&M for authorized systems with appropriate remediation suspense dates and track findings until closure.

•Evaluated and created System Security Plans (SSP), Contingency Disaster Recovery Plans (DRP), Risk Assessment Reports (RAR), security Assessment Reports (SAR) and Executive Summaries.

October 2013 – Febuary 2016 Information Assurance Analyst

Innovate Power Technologies, Manassas, VA

•Used the NIST Risk Management Framework (RMF) to conduct assessments of Information security controls to measure the effectiveness of controls and identify control gaps.

•Identified, assessed, and prioritized identified vulnerabilities/ risks.

•Ensured compliance to guidance, standards, and regulations such as NIST Publications, FIPS, Fed RAMP, and other federal regulations and policies.

•Compiled Reports on compliance with internal policies, controls, and standards and as such Provided recommendations for remediation of identified deficiencies.

•Prepared Security Authorization Packages, including documentation such as Authorization Official Out-briefs, Security Authorization Recommendations and Security Authorizations memorandums.

•Collected evidence, artifacts, and document findings to support conclusions.

•Tracked and reported on Plans of Action and Milestones (POA&Ms) using CSAM.

•Coordinated third-party risk assessments and IT audits.

•Managed remediation efforts and reported on the status of control deficiencies.

EDUCATION

February 1991

Onc Draughtsmanship, Federal Polytechnic, Ado-Ekiti

February 1992

Ond Civil Engineering, Federal Polytechnic

AWS Certified Cloud Practitioner (CLF). Jan, 2022

CompTIA Security+ Certified, Dec, 2023

Contact this candidate