Information Assurance Security
Resume:
ADESANYA SIJUWADE
*************@*****.***
**** ************* **, *************, ** 30127
OBJECTIVE
Experienced and knowledgeable information security professional with security strategies in developing and securing enterprise data and application, providing effective solutions to safeguard business continuity. Very knowledgeable and experienced with security concepts, policies, and regulations.
SKILLS & ABILITIES
Information Assurance, cyber security,
Software
Incident Response, Disaster planning & recovery
Wireshark, MacAfee
Vulnerability Assessment, POA&M, Security Assessment, HIPAA, COBIT, ISO
Big Fix, CyberArk, Nessus, ePO, Splunk and ForeScout
NIST 800 34, 37,53, 54, GRC, EO, FISMA, RMF, Risk Vision,
VMware, Amazon Web Services (AWS) Google
FedRAMP, Cloud, office 365, SaaS, PaaS, IaaS
Private, community, Hybrid & public cloud
EXPERIENCE
March 2019 – Present Information Assurance Analyst
Onmax Solution, Bowie, MD
•Determined enterprise information assurance and security standards.
•Developed and implements information assurance/security standards and procedures.
•Coordinated, developed, and evaluated security programs for the organization.
•Recommended information assurance/security solutions to support customers’ requirements. Ensure system security requirements are addressed during all phases of the system life cycle.
•Created and tracked POA&M requirements for resolving security findings.
•Performed vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
•Ensure that all information systems are functional and Secure.
February 2016 – March 2019 Information System Security Engineer
Akins Tech Services, Atlanta, GA
•Worked as part of a team that performed System Certifications, Annual Assessments, and Continuous Monitoring Assessments.
•Experienced in performing system risk management following the NIST risk management framework.
•Conducted security assessment on assigned systems to ensure FISMA compliance following NIST SP 800 publications especially NIST 800-53 rev4 and Federal Information Processing Standards (FIPS 199).
•Evaluated security controls on information system platforms that include Windows, Linux, UNIX, Databases and Networks.
•Experienced in conducting Security Test and Evaluation (ST&E) of systems. These include performing security Test and Evaluation assessments on several different systems using both automated and manual security tools (Nessus, Web inspect).
•Coordinated with project lead to plan time, prioritize tasks and use assigned resources.
•Reviewed technical and administrative controls and conduct RMF per the NIST 800-53, NIST 800-37 requirements.
•Drafted and reviewed security artifacts including, but not limited to, System Security Plans, inventories, security control traceability matrices, control allocation tables and security assessment reports.
•Conducted Annual assessments of systems on compliance with organizational policy.
•Collaborated with the ISSO to draft and manage POA&M for authorized systems with appropriate remediation suspense dates and track findings until closure.
•Evaluated and created System Security Plans (SSP), Contingency Disaster Recovery Plans (DRP), Risk Assessment Reports (RAR), security Assessment Reports (SAR) and Executive Summaries.
October 2013 – Febuary 2016 Information Assurance Analyst
Innovate Power Technologies, Manassas, VA
•Used the NIST Risk Management Framework (RMF) to conduct assessments of Information security controls to measure the effectiveness of controls and identify control gaps.
•Identified, assessed, and prioritized identified vulnerabilities/ risks.
•Ensured compliance to guidance, standards, and regulations such as NIST Publications, FIPS, Fed RAMP, and other federal regulations and policies.
•Compiled Reports on compliance with internal policies, controls, and standards and as such Provided recommendations for remediation of identified deficiencies.
•Prepared Security Authorization Packages, including documentation such as Authorization Official Out-briefs, Security Authorization Recommendations and Security Authorizations memorandums.
•Collected evidence, artifacts, and document findings to support conclusions.
•Tracked and reported on Plans of Action and Milestones (POA&Ms) using CSAM.
•Coordinated third-party risk assessments and IT audits.
•Managed remediation efforts and reported on the status of control deficiencies.
EDUCATION
February 1991
Onc Draughtsmanship, Federal Polytechnic, Ado-Ekiti
February 1992
Ond Civil Engineering, Federal Polytechnic
AWS Certified Cloud Practitioner (CLF). Jan, 2022
CompTIA Security+ Certified, Dec, 2023
Contact this candidate