Job Search Status
Open to workDesired start date: Open to discussion
Open To Work
Verified
This profile is verified using an email address.
ADEOLA ADEPOJU
Douglasville,GA
Work Preference
Summary
Information Systems Security Professional with vast experience in managing and protecting enterprise information systems, network systems and operational processes through information assurance controls, compliance verifications, risk assessment, vulnerability assessment. I function as a cybersecurity subject matter expert focusing on compliance, Policy writing, Gap Analysis, POA&M’s, Remediation and proficient in assessing, analyzing CMMC, CIS, NIST SP 800 series and other security controls frameworks.
Professional compliance analyst with strong background in regulatory frameworks and risk management. Skilled in policy development, audit processes, and ensuring adherence to legal standards. Focused on team collaboration and achieving results, adapting seamlessly to changing requirements. Renowned for analytical skills, integrity, and reliability in delivering impactful solutions.
Overview
8
8
years of professional experience
1
1
Certification
Work History
Cyber Security Compliance Analyst
Providence Solutions - Dept. of Homeland Security Contract
Remote
04.2022 - Current
- Developed, evaluated, and implemented information security governance documentations, including policies, standards, procedures, and risk management practices.
- Performed CIS Benchmark assessment for various clients.
- Provided support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
- Developed a control matrix template for the monitoring and tracking of control implementation and details for multiple customers.
- Updated and reviewed Assessment & Authorization packages to include core documentations, policies & procedures, and other artifacts.
- Have demonstrable understanding of NIST SP 800-53, NIST SP 800-61, NIST SP 800-171, CMMC concepts, practices, and processes.
- Participated in kick-off meetings with stakeholders to identify security assessment scope, system boundary, information types, and to gather other pertinent security assessment information for the information system to be assessed.
- Responsible for testing the security controls of the Cloud Service Providers (CSP) and completing a Security Assessment Plan (SAP), System Security Plan (SSP), Security Assessment Report (SAR), Plan of Actions and Milestones (POA&M) and continuous monitoring.
- Participated in readiness engagements to prepare clients for Information Technology Assurance Audits such as those associated with FISMA and Cybersecurity Maturity Model Certification (CMMC).
- Identifying and proposing remediation strategies for security findings and helping organization to develop and implement corrective action plans (CAP).
- Providing cybersecurity testing and security control validation and assessment of technical and non-technical security controls implemented on applications and general support systems (GSS) in support of NIST Risk Management Framework (RMF) and Assessment & Authorization (A&A) process.
- Conducted compliance audits to ensure adherence to regulatory standards and internal policies.
- Assisted in preparing compliance reports, providing insights for management review and decision-making.
- Evaluated internal controls, recommending improvements to enhance operational efficiency and reduce risk exposure.
- Developed training materials on compliance policies, facilitating staff understanding of regulations and best practices.
- Collaborated with cross-functional teams for the successful implementation of new compliance initiatives.
- Monitored adherence to industry regulations, ensuring timely reporting of any discrepancies or violations.
Cyber Security Compliance & Risk Management Analyst
Providence Solutions - Defense Logistics Agency Contract
Remote
01.2019 - 03.2022
- Developed assessment test plans, assessment reports and provided remediation and mitigation strategies.
- Selected and implemented applicable security controls (technical, operational and management) using NIST SP 800-53 Rev 4 as a guide.
- Assisted multiple clients by completing compliance-related tasks/audit preparedness and maintained regulatory compliance by researching and communicating requirements, and remediation strategies to clients.
- Monitored progress of outstanding issues to ensure corrective actions were implemented to remediate compliance violations or deficiencies.
- Assisted with the design and build of the implementation of security controls in response to identified compliance issues and findings.
- Identified and monitored security controls against the Center for Internet Security (CIS) control benchmarks to ensure compliance.
- Performed targeted security compliance analysis and reporting by analyzing, collecting, summarizing information, and producing accurate and reliable information for decision making and to support compliance monitoring activities.
- Reviewed existing Agency security documentation, performing interviews of key personnel, and reviewing technical control implementation of the existing Cloud environments.
- Conducted audit fieldwork and walkthrough of controls, performed detailed testing, analysis of controls, validations, and creation of clear and accurate documentation of workflows in IT process and report of test results and exceptions.
- Developed, evaluated, and implemented information security governance processes, including policies, standards, procedures, and risk management practices.
- Assisted with the maintenance of the technical architecture of the infrastructure systems, along with ensuring all components perform as expected to meet established service-level objectives for system uptime.
- Assisted with the performance of collateral duties and responsibilities for audit support of the infrastructure.
- Worked with senior team members across various functions to define product requirements related to security compliance.
- Created, managed, and delivered applicable Risk Management Framework (RMF) packages detailed to the client’s application to obtain/maintain active accreditation and authority to connect authorizations for each branch of service supported for the client.
- Provided direct and indirect SME assistance to the PMO team in support of required government audits.
- Served as an advocate for security best practices, active participant in the Agile Team development and Configuration Management process for the supported applications.
- Managed, coordinated, and led related quality initiatives, activities, and programs, including implementation strategies and systems integration and alignment.
- Monitored controls, post-authorization to ensure continuous compliance with the security requirements.
- Conducted risk assessments to identify potential vulnerabilities in operational processes.
- Analyzed data trends to support decision-making and enhance risk mitigation strategies.
- Developed short-term goals and long-term strategic plans to improve risk control and mitigation.
- Promoted enterprise-level risk management practices and helped instill strong culture focused on protective policies and procedures.
- Advised senior managers on policy strategies for reducing liability and preventing losses.
Security Control Analyst
Integrated Computer Solutions - Defense Information Systems Agency Contract
Montgomery, AL
06.2018 - 06.2019
- Implemented and supported the risk management programs for our federal clients by utilizing NIST, RMF, and FISMA compliance frameworks.
- Developed information security policies, standards, procedures, guidelines and controls for multiple platforms and diverse systems environments pertaining to compliance requirements.
- Created, updated, and revised System Security Plans, Contingency Plans, Incident Reports and Plan of Action & Milestones (POA&Ms).
- Assessed risks, identify mitigation requirements, and develop accreditation recommendations; responsible for tracking SA&A requirements for assigned systems within the agency and validate that task are on schedule, and ensure the delivery of quality documentation.
- Performed comprehensive assessments in cloud environments and support of ongoing authorization of information systems and cloud services.
- Conducted Cyber Security Program self-assessments and contributed to the development and completion of corrective action plans when needed for programs and cyber security program (CSP).
- Analyzed and evaluated cloud service responsibilities and cyber security processes, procedures and policies for efficiency and accuracy.
- Inspected items and compared against standards to meet regulatory requirements.
- Conducted data review and followed standard practices to find solutions.
Education
Master of Science - CyberSecurity
Kennessaw State University
Kennesaw, GA08-2022
Bachelor of Science - Computer Science And Technology
Yaba College of Technology
Lagos, Nigeria08-1998
No Degree - Networking
Chattahoochee Technical College
Marietta, GA05-2008
Skills
- Risk Management Framework (RMF)
- Incident Response
- Security Policies and Procedures
- NIST 800 Series-53,171,61, CMMC, HIPAA
- Configuration and change management
- Vulnerability Management
- Configuration & Change Management
- Cyber Security Assessment and Management (CSAM)
- Security Testing & Evaluation
- System Security Categorization
- Gap Analysis Review
- POA&M Management
- CIS Benchmark Assessment
- Compliance monitoring
- Corrective action plans
- Reporting skills
- Internal auditing
- Research proficiency
- Ethics management
- Compliance
- Compliance protocols
- Critical thinking
- Compliance reporting
- Audit documentation
- Data presentation skills
- Risk assessment
- Process implementation
- Risk identification
- Compliance training
- Continuous improvement
Accomplishments
Streamlined incident response workflows, decreasing mean time to detection (MTTD) by 35%.
Automated compliance reporting, saving the security team roughly 20 hours per month on manual documentation.
Reduced high-risk vulnerabilities by 50% within six months by restructuring the vulnerability management program.
Conducted 20+ annual risk assessments, identifying and mitigating security gaps in network and application environments.
Mapped and enforced NIST Cybersecurity Framework (CSF) controls across 100+ systems, improving compliance posture by 60%.
Certification
Certified Information Systems Auditor
AWS Certified Solutions Architect - Professional
Oracle Certified Professional (OCP) 12c
Oracle Certified Associate (OCA) 12c
CompTIA Security+
Timeline
Cyber Security Compliance Analyst
Providence Solutions - Dept. of Homeland Security Contract
04.2022 - Current
Cyber Security Compliance & Risk Management Analyst
Providence Solutions - Defense Logistics Agency Contract
01.2019 - 03.2022
Security Control Analyst
Integrated Computer Solutions - Defense Information Systems Agency Contract
06.2018 - 06.2019
Master of Science - CyberSecurity
Kennessaw State University
Bachelor of Science - Computer Science And Technology
Yaba College of Technology
No Degree - Networking
Chattahoochee Technical College