
Security Officer Team Member

Location: Annapolis Junction, MD, 20701

Salary: 90000

Posted: December 05, 2022


Resume:

ADEREMI OYETOLA

678-***-**** Baltimore - Washington DC Metro Area adtvh2@r.postjobfree.com

PROFESSIONAL SUMMARY

Analytical cybersecurity expert with expertise in Internal Controls, IT Risk Management, IT Risk Governance, Vulnerabilities. Proficiency in the FedRAMP security assessment framework, FISMA, and risk management frameworks, as well as extensive experience in compliance, security control assessments, auditing, technical writing, and project management. Expertise in using Plans of Action and Milestones (POA&M), NIST publications to develop and maintain security authorization packages.

A strategic, methodical, and reliable professional, I am focused on developing meaningful relationships, solving issues, creating value, and influencing positive outcomes. Adept at leveraging guidelines and standards such as NIST 800 series (800-53, 800-53A), PCI-DSS, HITRUST CSF, ISO, and (POA&M) frameworks.

SKILLS

• Threat & Vulnerability Management

• Cybersecurity Policy and Governance

• ICAM Management

• Security Control Assessment

• Auditing and Compliance

• Oral and Written Communication

• Risk Assessment

• Plans of Action, and Milestones (POA&Ms)

EXPERIENCE

Information System Security Officer (ISSO)

Bego Consulting, Glenn Dale, MD 2019 - Current

• Conducts assessments and Authorization (A&A) documentation (FIPS 199, E-Authentication Worksheet, Security Assessment Plan (SAP), System Security Plan (SSP), POA&M, Risk Assessment and Assessment of Key Controls) for assigned systems.

• Develops, reviews, and maintains RMF artifacts for RMF compliance.

• Develops, maintains, and monitors the necessary artifacts for A&A package submission to receive ATC and ATO certifications.

• Performs monthly Nessus vulnerability scans utilizing Security mandated practices and software utilities.

• Work as a key team member of the RMF process for assigned systems to ensure that the controls are adequately categorized, selected, implemented, assessed, authorized, and monitored.

• Develop, update, and/or review RMF documentation to include Security Plans, Implementation Plans, Plans of Action, and Milestones (POA&Ms), and Risk Assessment Reports (RAR).

• Performs system categorization; select, tailor security controls, implement, and test security controls.

• Perform continuous monitoring using NIST 800-137 Rev 1 as a guide.

• Established a Plan of Actions and Milestones (POA&M) to evaluate and track security weaknesses as discovered.

System Security/Risk Management Framework (RMF) Engineer

National Science Foundation, Alexandria, Virginia 22314, June 2017 - August 2019

• Responsible for the Assessment and Authorization (A&A) documentation (FIPS 199, E-Authentication Worksheet, Security Assessment Plan (SAP), System Security Plan (SSP), POA&M, Risk Assessment and Assessment of Key Controls) for assigned systems.

• Create comprehensive security assessment plans to include the Rules of Engagement (ROE) requirements for identified security controls based on NIST SP 800-53, and agency-specific guidance.

• Work as a key team member of the RMF process for assigned systems to ensure that the controls are adequately categorized, selected, implemented, assessed, authorized, and monitored.

• Perform Nessus ACAS scanning on classified and unclassified systems.

• Ensure risk assessments are completed to determine cost-effective and essential safeguards.

• Reviewed and assessed systems of different classification, scope, and mission and determined residual risk and mitigation methods to ensure the system was operating in its most secure state.

• Selected baseline security controls: applied tailoring guidance and supplemental controls as needed based on risk assessments.

Risk Compliance Officer

Eko Electricity Distribution Company Plc, 2014 – 2017

• Involved in all phases of audit projects, including planning, fieldwork, reporting, and follow-up as required.

• Participated in management directives (policies, standards, and procedures) evaluation for compliance and performed a gap analysis to ensure alignment and compliance with best practices – COSO, COBIT, NIST, FFIEC, ISO, ITIL.

• Tested the design and effectiveness of internal control by completing a walkthrough of complex business processes and analyzing results.

• Provided support and guidance to management on managing new opportunities effectively and worked around identifying IT / Operational risks to improve process control, efficiency, and effectiveness.

• Conducted enterprise-wide risk assessment efforts, planning, and scoping of IT General and IT Application Controls (ITACs) testing.

• Completed pre-implementation and risk-based audits to achieve business objectives.

EDUCATION

• Master of Science (M.S.): Cybersecurity

University of Maryland Global Campus, Adelphi, MD, May 2022

• Bachelor of Science: Electrical Engineering

Olabisi Onabanjo University, Ago Iwoye, Ogun.

CERTIFICATIONS

• CompTIA Security+

• Certified Information Systems Auditor (CISA) – in view


