8 years of experience as an IT Information Security Analyst working at a federal government site. Insightful and results-driven, with expertise in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), vulnerability scanning, security controls assessment, risk management, and vulnerability management across a wide range of vulnerabilities and threats. Well-versed in direct and remote analysis, with strong critical thinking, communication, and people skills. Able to thrive in fast-paced and challenging environments where accuracy and efficiency matter. Diligent, with a comprehensive background in cyber security; successfully mitigated potential threats and ensured data integrity through effective risk management strategies.
Overview
9 years of professional experience
1 Certification
Work History
Cybersecurity Specialist
Interior Business Center/DOI, DC
01.2023 - Current
Agency Overview: Department of the Interior, Washington DC
40 Hrs/Week
GS-2210-13
Salary: $128,619
Responsible for the development, implementation, and maintenance of assigned Systems Security Plans and related documentation for each supported Network system.
Experience in interfacing with Project Managers, Information System Owners, Stakeholders via Team calls delivering high level summary on Information system progress and status reports.
Provide Team call video presentations in approved, scheduled Reading Room sessions on SSPP, SAR, and POA&M reviews for our IBC's OS/Applications to our External Clients and Agency Partners.
Develop, review, and maintain security authorization documentation, including SSPP, SAR, RAR ensuring security control baselines (low/moderate/high impact per FIPS 199 & FIPS 200) are correctly implemented.
Ensure Compliance with Federal Security Standards and adhere to FISMA, FedRAMP, NIST RMF (Risk Management Framework).
Reduced cyber risks by conducting regular vulnerability assessments.
Provide High Level Executive Summary updates on the Continuous Monitoring Security Posture of Assigned IBC/OS to the Authorization Official (AO) during Monthly and Quarterly briefings.
Worked closely with System Owners of the assigned Cloud SaaS system and collaboratively engaged with the CSP to ensure that the security posture of our applications is maintained and secured. Consistently tracked and evaluated the CSP's data updates and/or uploads in the FedRAMP Repository, including identifying any critical vulnerabilities and addressing them.
Supports continuous monitoring of systems security and provides security training for onboarding employees.
Worked with the APO (Privacy Office) to Provide PTA's and PIA's Renewal updates on assigned OS Systems and maintained the Systems Security and Privacy as aligned with the requirements of my Agency.
Provide weekly vulnerability scanning and updates of our On-Prem OS to Project Team Lead using Security scanning tool, Tenable.
Maintained up-to-date knowledge of emerging threats, providing proactive solutions for potential vulnerabilities.
Actively engaged in the FedRAMP Monthly Continuous Monitoring collaboration Team call meetings with the DHS Technical Lead to enhance automation of Cloud SaaS and ensure Agency compliance is aligned with FedRAMP requirements.
Implemented multi-factor authentication methods to enhance user access controls, reducing unauthorized system access incidents.
Key Accomplishment:
Participated in our OS/Applications Implementation Update from NIST SP 800-53 Rev. 4 to NIST SP 800-53 Rev. 5, migrated from CSAM to Xacta 360.
Worked with the Security Operations Center (SOC) and the cyber-Team to ensure timely reporting of security incidents.
Supported the process of decommissioning a system; engaged with the System Owner and Team Administrators to provide documentation of the Decommission Plan and disposal approval from the DPO (Departmental Privacy Office).
Worked with Authorizing Officials (AOs), System Owners (SOs), and Security Control Assessors (SCAs) in providing the Risk Assessment & POAM Inventory update of associated systems.
Monitored security controls post authorization to ensure continuous compliance with Agency's security requirements.
Developed and Implemented Continuous Monitoring Plans for assigned OS/Applications.
Completed Follow-up progress and Updates on a Cloud SaaS undergoing CAP (Corrective Action Plan) Notices with the FedRAMP PMO.
IT Security Analyst
Panthergon IT & Cybersecurity Solutions (PITCSS)
02.2017 - 01.2023
Company Overview: Panthergon IT & Cybersecurity Solutions (PITCSS)
40 Hrs/Week
Salary: $115,000
Provided security expertise and guidance in support of security assessment
Supported A&A (C&A) activities according to the A&A project plan
Reviewed authorization documentation for completeness and accuracy for compliance
Facilitated Security Control Assessment (SCA) and Continuous Monitoring Activities
Executed examine, interview, and test procedures in accordance with NIST SP 800-53A Revision 4
Ensured cyber security policies are adhered to and that required controls are implemented
Validated information system security plans to ensure NIST control requirements are met
Developed SCA documentation, including but not limited to the Security Assessment Report (SAR)
Authored recommendations associated with findings on how to improve the customer's security posture in accordance with NIST controls
Assisted team members with proper artifact collection and detailed to clients examples of artifacts that will satisfy assessment requirements
Reviewed security logs to ensure compliance with policies and procedures and identify potential anomalies
Updated and reviewed A&A Packages to include Core Docs, Policy & Procedures, Operations and Maintenance Artifacts, SSP, SAR, FIPS 200, FIPS 199, POA&M, CPTPR, BIA, PTA, PIA, and more
Collected Operation and Maintenance artifacts on an ongoing basis so that Security Control Assessment (SCA) is seamless
Created customized reports for stakeholders detailing key metrics related to IT security performance, fostering transparency and accountability within the organization
Key Accomplishment:
Evaluated new technologies to strengthen IT security infrastructure, maintaining cutting-edge protection against threats.
Updated, reviewed, and aligned SSPP to the requirements in NIST 800-53, rev4; so that assessments can be done against the actual requirements and not ambiguous statements
Managed vulnerabilities with the aid of Nessus vulnerability Scanners to detect potential risks on a single or multiple assets across the enterprise network
Reviewed SAR post assessment; created and completed POA&M milestones to remediate findings and vulnerabilities
Independently reviewed complex security analysis of existing systems for compliance with security requirements
Database Security Engineer
TEKsystems, DC
04.2016 - 01.2017
Company Overview: Office of Inspector General (OIG) / Environmental Protection Agency, Washington DC
40 Hrs/Week
Salary: $82,000
Provide security management for database, network and operating systems.
Managed backups of data and its validation
Reviewed logs regularly to detect suspicious activity patterns before they escalate into full-blown incidents, enabling rapid response efforts when necessary.
Participated in industry conferences and workshops to stay informed about current trends in cybersecurity, applying newfound knowledge to continuously improve organizational defenses.
Responsible for the Monitoring and Uptime of our Production Databases.
Applied Quarterly Bundle patches to OIG Databases for security fixes and performed backups of the database using the RMAN Tool.
Implemented necessary controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.
Authored security and vulnerability reports, detailing logged incursions and suggesting remediation efforts.
Performed risk analyses to identify appropriate security countermeasures.
Key Accomplishment:
Installed and configured Oracle WebLogic server for the 12c OEM cloud control Domain. Installed 12c OEM onto the OIG server for the management and administration of our databases from a single console. Deployed 12c Agents onto Target Databases to monitor the administrative tasks on those Hosts. Installed and generated certificates for secured data transfer across the OMS console, OMS upload port, agents and WebLogic server.
Acquired knowledge of Amazon Web Services (AWS) cloud computing services, including Elastic Compute Cloud (EC2) Instances for database storage and application deployment.
Provided Customer Service to our Clients and Agencies. Delivered daily and weekly status reports on Database Health checks, Remote server connections, JAVA updates and Database progress upon Client request, normally conducted via email.
Set up, configured and maintained two Standby databases using 11gR2 databases on our OIG servers.
Education
Bachelor of Business Administration (BBA) - Computer information system and analysis design
Howard University
Washington, DC
05.2002
Skills
Nessus Vulnerability Scanner
Microsoft 365
Microsoft Windows
Linux
Incident Response
Windows Defender
BigFix
Vulnerability Management
Upgrades
Patches
Database security
Backup and recovery
Remedy
ServiceNow
Splunk
Active Directory
Ability to establish and maintain effective working relationships
Strong organizational skills
Strong analytical skills
Strong communication skills
Security management for operating systems
Managed backups of database
Monitoring production databases
Maintained Oracle 11g Databases
Installed JAVA JRE
Maintained JAVA security updates
Created user profiles
Managed system resources
Phishing awareness training
Vulnerability assessment
Information security policies
Security information and event management
Secure development lifecycle
Cloud security
Attention to detail
Procedure documentation
Teamwork and collaboration
Certification
Certified Governance Risk and Compliance, In progress
Functional Areas Of Expertise
Assessment and Authorization (A&A)
IT Security Compliance
Vulnerability Assessment
Vulnerability Scanning
Certification and Accreditation (C&A)
Risk Assessment
Risk Management Framework
System Development Life Cycle
Project Management and Support
FedRAMP Packages
Affiliations
ISC2
Oracle
Languages
English
Professional Working