Information Security Cybersecurity Analyst
Resume:
ADEWOYE ADEYEMI
Aberdeen, MD ***** / 443-***-****
************@*****.***/ www.linkedin.com/in/adewoyeadeyemi1 SECURITY CONTROL ASSESSOR/CYBERSECURITY ANALYST
Dynamic and certified cybersecurity professional with over 12 years of progressive IT experience and 6+ years in information security, specializing in risk management, security control assessments, and governance, risk, and compliance (GRC) frameworks. Proven ability to support both public and private sector clients in aligning cybersecurity practices with organizational goals, supporting multiple client programs through the RMF lifecycle, delivering independent risk assessments, and guiding Authorizing Officials (AOs) in granting Authority to Operate (ATO). Experience spans federal environments and private sector engagements, delivering security assessments, ATO support, vulnerability management, and continuous monitoring. Skilled in cloud security, FedRAMP compliance, RMF lifecycle, and cross-industry cybersecurity best practices. Adept at briefing senior stakeholders, developing security documentation, and managing risk in Agile environments.
Currently pursuing a Master's in Information Assurance and holding multiple industry-recognized certifications. SUMMARY
● Certified Information Security Manager (CISM)
● CompTIA Security+ (Ce)
● CompTIA CySA+
● CompTIA Security Analytics Professional (CSAP)
● AWS Security Specialist
● Google Cloud Security Engineer
● Project Management Professional (PMP)
● Public Trust Security Clearance
CORE COMPETENCIES
System Security Plans (SSP)
POA&M Management
Security Assessment Reports (SAR)
ISO 27001
Agile Security
Cloud Security (AWS & GCP)
Application Security
COBIT
FedRamp
NIST 800 Series
Governance, Risk & Compliance (GRC)
Risk Management Framework (RMF)
Incident Response
Security Policy Development
Vulnerability Management
RELEVANT WORK EXPERIENCE
Cybersecurity Analyst / Security Control Assessor
Vobalink Incorporated Jan 2022 – Present
● Conduct independent security control assessments for federal and commercial systems in alignment with NIST SP 800-53 and RMF guidelines (800-37, 800-53A).
● Prepare detailed Security Assessment Reports (SARs) and Security Assessment Plans (SAPs), and track remediation using POA&Ms.
● Perform GRC tasks using tools like eMASS and Xacta; advise stakeholders on risk posture and authorization readiness
(ATO/RMF, FedRAMP, CMMC, ISO 27001).
ADEWOYE ADEYEMI
● Execute vulnerability assessments and penetration testing using ACAS, Tenable, and other security tools; document and prioritize findings.
● Create and maintain system-level security documentation, including contingency plans, incident response plans, and continuous monitoring strategies.
● Communicate risk and mitigation strategies to senior leadership and non-technical stakeholders to support informed decision-making.
● Monitor and analyze security alerts, conduct incident investigations, and lead response coordination efforts.
● Train staff on security awareness and best practices to foster a proactive security culture. Cybersecurity Analyst
Top Group Technologies Oct 2017 – Dec 2021
● Provided cybersecurity compliance support to federal and commercial clients across on-prem, cloud, and hybrid environments.
● Authored key security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and Security Assessment Plans (SAPs).
● Conducted security control assessments and supported Assessment & Authorization (A&A) activities in alignment with NIST SP 800-53, 800-53A, 800-37, and FedRAMP frameworks.
● Integrated client-specific requirements with NIST, FedRAMP, and ISO/IEC 27001 controls to meet compliance objectives.
● Led risk assessments, vulnerability scans, and penetration testing to identify and remediate security gaps.
● Managed POA&M adjudication, tracking closure of findings, and preparing systems for ATO certification.
● Supported implementation and continuous monitoring of security controls, including ISCM activities.
● Advised clients on security posture and remediation strategies based on assessment findings.
● Coordinated incident response activities and investigated potential breaches to mitigate impact.
● Planned and monitored security programs, policies, and compliance artifacts across the system lifecycle.
● Researched emerging threats and technologies to enhance long-term security planning.
● Delivered training to stakeholders to promote security awareness and adherence to best practices. Senior IT Project Manager
Top Group Technologies Jun 2012 – Sep 2017
● Directed a team of 23 IT professionals in delivering enterprise-scale projects, including software development, infrastructure upgrades, and cloud migrations.
● Managed full project lifecycle from planning to deployment across a portfolio of IT initiatives, including cybersecurity and secure system implementations.
● Applied Agile methodologies to increase adaptability and drive secure, iterative development cycles.
● Defined project scope, goals, deliverables, and success criteria in collaboration with business and technical stakeholders.
● Developed and maintained project charters, schedules, budgets, and resource plans to ensure on-time, within-scope delivery.
● Identified and mitigated project risks through proactive planning and stakeholder engagement.
● Oversaw project tracking, performance metrics, and milestone reporting to senior management and executive stakeholders.
● Facilitated cross-functional collaboration, coordinated user acceptance testing, and ensured smooth project transitions into production.
● Led post-implementation reviews to document lessons learned and promote continuous improvement.
● Interfaced with C-level executives and clients to communicate status, resolve roadblocks, and ensure strategic alignment.
● Advocated for the integration of cybersecurity best practices into infrastructure, cloud, and software development projects. ADEWOYE ADEYEMI
TECHNICAL SKILLS
Vulnerability Tools Tenable, Burp Pro, Rapid7 Nexpose, Blackduck, Nexus Scanner GRC Tools eMASS, Xacta, ServiceNow GRC, RMPS, ACAS, CFACTS Cloud Security AWS Security Hub, IAM, KMS, GCP Security Scanner, Cloud Audit Logs Code Scanners SonarQube, Checkmarx, Veracode, Fortify, WhiteSource Other Tools Splunk, Jira, Confluence, GitHub, ServiceNow, Terraform EDUCATION
Master of Science (In Progress), Information Assurance University of Maryland Global Campus (UMGC)
Higher National Diploma (HND) in Marketing
The Polytechnic, Ibadan
Contact this candidate