Cybersecurity Awareness and Compliance Leader

WILLIAM A ADDO

Alexandra. ***** *****.*******@*****.***. Phone: 929-***-****

Active Secret Clearance

SUMMARY HIGHLIGHT

Results-driven IT professional with over five years of experience in cybersecurity awareness, security assessments, and compliance. Possesses a proven track record in developing and leading security awareness campaigns, ensuring compliance with FISMA, NIST, and other security frameworks. Skilled in designing and implementing training programs, conducting risk assessments, and fostering a culture of cybersecurity vigilance. Adept at coordinating with cross-functional teams, managing information security risks, and supporting continuous monitoring initiatives. Highly effective in delivering presentations and written communications to diverse audiences, ensuring clear understanding of security policies and best practices. CORE SKILLS

● Cybersecurity Awareness Campaigns

● Information Assurance & Security Awareness Training

● Risk Assessment & Mitigation

● NIST SP 800-53, FISMA Compliance

● Security Assessment & Authorization (SA&A)

● Incident Response & Mitigation

● Security Control Implementation & Audits

● Technical Documentation & Reporting

● Security Metrics & Data Visualization

● Stakeholder Engagement & Communication

PROFESSIONAL EXPERIENCE

AMERICAN FRONTIER TECH 2014-2021. DEPARTMENT OF DEFENSE (USS WASP LHD1…. Norfolk VA. IT CYBER AWARENESS (Anti-Terrorism Specialist) 2021-Present

● Develop materials and led information security awareness and training program for compliance and maintaining matured security posture

● Conduct kick off meetings to collect systems information (information type, boundary, inventory, etc.) and categorize systems based on NIST SP 800-60 and NIST 800-53.

● Assess and Verify security controls to check the adequacy of management, operational privacy, and technical security controls implemented. Security Assessment Reports (SAR) were developed detailing the results of the assessment along with Plan of Action and Milestones

(POA&M).

● Develop system security plans to provide an overview of information system security requirements and describe the controls in place or to meet those requirements.

● Create and update Configuration Management Plan (CMP), Security Categorization, Business Impact Analysis (BIA), Risk assessments (RAs), Threshold Analysis (PTA), Privacy Impact Analysis (PIA), E-Authentication, Contingency Plan, Plan of Action and Milestones (POAMs) to ensure the system stays current in a dynamic IT environment to help in easy reauthorization of the system.

● Prepare Security Assessment and Authorization (SA&A) packages to ascertain that management, operational and technical security controls adhere to NIST SP 800-53 standards.

● Perform information security risk assessments and assist with the internal auditing of information security processes. Assessed threats, risks, and vulnerabilities from emerging security issues and identified mitigation requirements EDUCATION AND PROFESSIONAL CERTIFICATIONS

● Scrum Master (International Scrum Institute)

● CompTIA Security+ CE

● CompTIA CASP (MASTERY LEVEL)

● CISM

TECHNICAL SKILLS

Scanning Tools: Web Inspect, Nessus, Tenable, Burp-Suite,Jira,Gitlab,Nexus. Applications: MS Office: Word, Power Point, Visio, Web Inspect, Remedy, ServiceNow, RSA Archer, Networking: LANs, WANs, VPNs, Routers/Switches, Firewalls, TCP/IP, Wire Shack, NMAP, Oracle SQL

Contact this candidate