Isaac Abayomi Afolayan
Waldorf, Maryland. 240-***-****. mailto:*************@*****.***
https://www.linkedin.com/in/abayomi-afolayan-38207530
Security Assurance and Authorization professional with hands-on experience in Risk Management Framework (RMF), Vulnerability Management, Security Control Assessment using FISMA, NIST and Industrial Best Practices with in-depth knowledge and understanding of numerous software packages and Operating Systems to proactively develop and deploy strategic solutions for protecting Information Systems/Assets and mission critical projects. Wrote and updated security plans to meet NIST 800.53 standards as a team.
Functional Skills
•Risk Management
•Security Control Assessment
•System Risk Assessment
•Information System Security
•Vulnerability Assessment
•Business System Analysis
•Information Assurance
Technology Summary
•Security Center (Nessus)
•Spunk
•CSAM
•Microsoft 365(Word, Excel, Power Point, MS Teams, Outlook etc) Enterprise Linux/Unix-Based System
Information Assurance Analyst
Information Management Systems Inc. - New Britain, Connecticut
September 2016 – Present
•Review and support Information System Security Officer (ISSO) in the development and maintenance of System Security documentations (System Security Plans (SSPs), System Configuration Management Plan (CMP), Contingency Plan (CP), Control Allocation Tables (CATs), Business Impact Analysis (BIA) Interconnectivity Security Agreement (ISA) and Plan of Action and Milestones (POA&M), for assigned systems.
•Review assessment results, Scans and ensure weaknesses are identified, documented, addressed, and remediated through the Plan of Action and Milestones (POA&M) process, including applicable Waivers, Exceptions, and Accepted Risk (WEAR).
•Schedule, track and manage the monthly and quarterly POA&M review process. Coordinates meetings and tasking with System Owners (SOs), Information System Security Officers (ISSOs) and support remediation of open POA&Ms.
•Participates in client interviews to determine the Security posture of the System and to assist in the completion of the Security Assessment Plan (SAP) using NIST 800-53A test required to maintain System Authorization to Operate (ATO), Risk Assessment (RA), System Security Plan (SSP), and System Categorization. Prepare and document System’s ATO Brief for submission to Authorizing Official (AO) for his adjudication to grant ATO to a new system or for the existing system to continue operation.
•Supports Project manager during the initial Security Assessment and Authorization kick-off meetings to discuss the Certification and Authorization (C&A) process to the stakeholders unfamiliar with the process. Developed System Assessment and Authorization (SA &A) packages in compliance with NIST standards, including System Security Plans, System Categorization documents using FIPS 199, Risk Assessment, POA&M, Contingency Plans, and Private Impact Assessments (PIA).
•Utilize NIST 800-53 Rev 4 and NIST 800-53 A to conduct Security Control Assessment/Testing, determining the Security Control (Management, Operational, and Technical) effectiveness, documenting findings, and providing recommendations for addressing weaknesses or vulnerabilities in a Security Assessment Report (SAR) and determining system compliance with Federal Security Standards.
•Performed threat analysis in a 24/7 environment, mitigating and managing all threats and risks to the company and gaining 99% security in data
•Successfully secured and monitored over 50 websites with 0 major attacks utilizing skills, expertise, and proficiency in cybersecurity and safety.
•Blocking hackers from intruding into the system which has led to an increase in profitability
Help Desk Support
Grand Mission Consult LLC – Hyattsville, Maryland
July 2016 – October 2019)
•Troubleshot issues with internet connectivity, network accessibility (login errors, network drive access, etc.), MS Office (Outlook, Word, Excel, WordPerfect, etc.)
•Monitored interfaces, disk space, and performed system backups.
•Provided help desk support for on workstation and printer problems
•Unlocked user accounts and resetting user password through Active Directory authentication system.
•Responded to requests for technical assistance via phone and email.
•Added sub-templates for users with multiple jobs and directing tickets to the right department to get them solved.
•Scanned sites for malware and security risks regularly, saving over 5,00 computers from unwanted and unwarranted threats and destruction.
•Managed and conducted a site-wide inventory project for 200 laptop computers, maintaining correct and accurate records for company clients.
•Identified over 50 new viruses and hidden malware in under three years, saving the entire company over 5,000 computers from destruction
Police Officer
Pentagon Force Protection Agency – Washington, DC
September 2009 – July 2016
•Enforced laws and regulations within regulated jurisdiction on a daily basis by the use of Federal and State criminal codes and rules.
•Controlled potential violent and disruptive situations with tact and professionalism.
•Conducted vehicle searches at various check points and Monitored visitors that are coming in and out of the facility.
•Monitored visitors that are coming in and out of the facility.
•Verified credentials and vehicle passes to ensure proper access into and on the Pentagon reservation.
•Receive and analyze intelligence reports to reduce threats against Department of Defense officials
•Participated in Anti-terrorism and Force Protection training and exercise programs
•Conducted inquiries and /or investigations and refer matter to appropriate agency.
•Successfully secured and monitored over 50 websites with 0 major attacks utilizing skills, expertise, and proficiency in cybersecurity and safety.
Electrician
United State Navy - Norfolk, Virginia (June 2000 - June 2004)
Education
•Master of Science, Information Technology
Strayer University, Maryland.
Certifications
•Security+
•Certified Ethical Hacker
•Certified Authorization Professional (CAP) - In Progress
Security clearance
Public Trust
Secret Clearance (DOD)