
Risk Management Regulatory Compliance

Location: Owings Mills, MD
Salary: $130,000
Posted: June 03, 2025


Resume:

LOLADE ADEMILUYI

Owings Mills, MD 443-***-**** *******.*********@*******.***

PROFESSIONAL SUMMARY

A distinguished Cybersecurity Manager with 10+ years of experience leading comprehensive cybersecurity programs focused on risk compliance, vendor management, and policy management. Demonstrated expertise in managing complex audits, identifying and remediating compliance gaps, with a 95% audit success rate across cybersecurity standards. Proven record of driving cross-functional initiatives to ensure cybersecurity frameworks and risk mitigation strategies aligned with industry standards such as NIST, ISO 27001, and HIPAA. Sought-after for expertise in developing and enforcing security policies that reduce security incidents by 25% year over year while ensuring adherence to organizational and regulatory compliance requirements.

CORE COMPETENCIES

• Vendor Risk Management

• Risk Assessment and Mitigation

• Security Policy Development

• Compliance Audits

• Regulatory Compliance

• Third-Party Security Assessment

• Information Security Governance

• Data Privacy & Protection

• Security Documentation & Reporting

• Business Continuity Planning

• Threat Intelligence & Analysis

• Security Awareness Training

EXPERIENCE

Cybersecurity Compliance Manager US Department of Treasury, Internal Revenue Service Jan 2025 – Mar 2025

• Implemented a comprehensive cybersecurity compliance program, ensuring compliance with FISMA and NIST 800-53, resulting in a 15% improvement in audit readiness scores.

• Facilitated the FISMA reporting process, compiling and submitting over 50 System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms), achieving a 100% on-time submission rate.

• Identified 15+ control gaps during internal security audits of IRS systems, collaborating with system owners to implement corrective action plans that remediated 100% of identified risks within 90 days.

• Enhanced incident response protocols in compliance with NIST SP 800-61 by leading security incidents, cutting average response time.

• Developed and maintained governance documents such as risk registers and updated security policies aligned with ISO/IEC 27001, leading to a 20% reduction in non-compliance incidents.

Compliance Specialist Northrop Grumman - Baltimore, MD Jul 2020 – Jan 2025

• Collaborated with GSA-appointed ISSP to deliver detailed documentation for FedRAMP PMO approval, ensuring a 100% approval rate for 10+ packages submitted during the fiscal year.

• Addressed and remediated assessor feedback, leading to the timely resolution of 10+ documentation and system issues, and ensuring continuous progress towards ATO approval.

• Managed incident response and compliance workflows through ServiceNow (SNOW), streamlining 50+ incidents per month and ensuring 100% documentation and issue resolution within agreed-upon SLAs.

• Reviewed monthly FedRAMP ConMon deliverables, ensuring accurate CSP reporting and maintaining 100% compliance with FedRAMP's continuous monitoring requirements.

• Finalized and submitted ATO security packages, including implementation statements for applicable controls, ensuring a 30% reduction in submission errors and improving the overall ATO approval time.

• Steered security assessments for U.S. Marine Corps ATO efforts, identifying 25+ critical security controls that needed remediation, contributing to a 100% ATO approval rate for 5+ systems within the designated timeframe.

GRC Analyst Accenture Federal Services Feb 2019 – Jul 2020

• Aided federal agency clients with regulatory compliance efforts on FISMA, NIST 800-37/53, and OMB A-123, ensuring that 90% of client systems passed security control audits with minimal findings.

• Implemented continuous authorization processes for 4 federal agencies, streamlining security control assessments and reducing system review time by 30%.

• Coordinated cross-functional teams in designing and implementing remediation plans for high-risk findings, leading to the closure of 95% of vulnerabilities within the first 90 days of identification.

• Presented risk mitigation strategies to senior leadership, facilitating informed decision-making, leading to a 30% improvement in risk management strategies across client systems.

• Created automated risk-tracking tools that reduced manual effort by 40%, improving the accuracy and efficiency of risk management reporting for federal systems.

Security Assessment Lead TekSystems Dec 2017 – Feb 2019

• Managed incident response workflows, coordinating with the security operations team to resolve 30+ security incidents per month, reducing average incident resolution time by 35%.

• Reviewed external assessment outcomes, provided actionable risk-based recommendations, and led the coordination of Plan of Action and Milestones (POA&M) entries.

• Monitored SSA systems in CSAM and Xacta, ensuring ongoing compliance with NIST 800-53, and achieving a 100% success rate during subsequent assessments.

• Pioneered security assessment efforts for SSA applications and systems, ensuring comprehensive compliance with federal standards and achieving 100% accuracy in SSA documentation during audits.

Additional Experiences

InfraShield – Independent Information Security Auditor

Strix Security – Independent Information Security Auditor

Knight Point Systems – Privacy Lead

Camoon LLC - Information Security Analyst

EDUCATION

Master of Science: Cybersecurity and Information Assurance

Western Governors’ University

Bachelor of Science: Communications

State University College, Oneonta, NY

CERTIFICATIONS

Certified Information Systems Manager (CISM)

CompTIA Advanced Security Practitioner (CASP)

Scrum Master Certification

Certified HIPAA Security Specialist (CHSS)

Certified Ethical Hacker (CEH)

ITIL Fundamentals

Certified HIPAA Professional (CHP)

TECHNICAL ACUMEN

Governance Risk and Compliance (GRC) Software: ServiceNow, RSA Archer.

Productivity Tools: Google Suites and Microsoft Office Tools (MS Word, Excel, PowerPoint).

Standards & Frameworks: ISO 27001, NIST, COBIT, SOX, GDPR, HIPAA, PCI DSS, SOC 2, ITIL, COSO.


