Summary
Overview
Work History
Education
Skills
Certification
Information Security Analyst
Timeline
SeniorSoftwareEngineer
Dave Adedeji

Dave Adedeji

Cybersecurity Analyst
San Antonio,TX

Summary

Cybersecurity Specialist with proficiency in online security research, planning, execution and maintenance. Skilled at training internal users on security procedures and preventive measures. Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework for cloud-based software. Versed in robust network defense strategies.

Overview

12
12
years of professional experience
3
3
Certifications

Work History

Information Security Analyst

Toyota
10.2019 - Current
  • Conduct security assessment and authorization (SA&A) and annual assessments of General support systems (GSS), Major and Minor systems
  • Work face-to-face with multiple stakeholders interviewing, planning, or participating in a team effort to bring multiple complex projects to fruition in a highly motivated, fast paced environment
  • Conduct in-depth technical reviews of new and existing IT systems to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines
  • Coordinates the implementation of Information System Security Plans with agency personnel and outside vendors
  • Continuous Monitoring and maintains cybersecurity infrastructure and/or policies and procedures to ensure Confidentiality, Integrity, and Availability of information systems
  • Review vulnerability scans of networks, AWS infrastructures and applications to assess effectiveness and identify weaknesses
  • Prepare and present authorization to operate (ATO) documents (SSP, SAR and POA&M)
  • Interact with Security, Operations, and Application support teams to educate and measure security policy compliance
  • Provide ongoing gap analysis of current policies, practices, and procedures as they relate to established guidelines outlined by NIST, OMB, FISMA, etc
  • Develop and maintain a Standard Operating Procedures (SOP) to create or improve SA&A processes
  • Develop risk management guidelines associated with the SA&A process and recommend improvements to authorization processes
  • Create and manage POA&Ms and provide a quarterly POA&M status
  • IBM Guardium workshop for critical data security
  • Initiate and verify the completeness of authorization or re-authorization of all systems
  • Conduct vulnerability assessments on and review results to verify all systems (servers, workstations, laptops, printers, and network appliances (routers, switches, firewalls, intrusion detection systems, etc.) are following federal and organizational security requirements
  • Monitor and stay abreast of current applicable Federal and organization security laws, memorandums, mandates, guidance, and alerts
  • Provides guidance using various cybersecurity frameworks in strategic and tactical cybersecurity operations planning and implementation.

Information Security Analyst

HCL America
01.2016 - 10.2019
  • Coordinated and managed team activities during assessment engagements for Major Application Systems and General support systems (GSS)
  • Created Security Assessment Plans (SAP) to initiate Information Security Assessment
  • Conducted assessments of security controls on Information Systems by interviewing, examining, and testing methods using NIST SP 800-53a rev4 as a guide and documented control findings and status from Risk assessment and recommend solutions with detailed action plans in Security Testing and Evaluation (ST&E) worksheet
  • Reviewed and updated System Security Plan (SSP) based on findings from Assessing security controls using NIST SP 800-18 rev1, NIST SP 800-53a rev4 and NIST SP 800-53
  • Entered control findings and status from Risk Assessment in Security Testing and Evaluation (ST&E) and developed Plan of Actions and Milestones (POA&M) for security controls that should be put in place to remediate vulnerabilities
  • Generated Security Assessment Reports (SAR)
  • Developed Contingency plans, Disaster Recovery Plans and Incident Response plans for Information Systems using NIST SP 800 – 34
  • Facilitated Kick off meetings and follow-up meeting with Management during projects.

Information Security Analyst

Teleworld Solutions
12.2014 - 01.2016
  • Developed plan of action and Milestone (POAM) through establishment of schedules and deadlines
  • Conducted Vulnerability assessment of all network applications and operating system and recommend corrective actions
  • Applied appropriate information security controls for Federal Information System based on ISO 27001
  • Conducted vulnerability and baseline scan using various scanning tools
  • Extensive experience in System Development Life Cycle (SDLC) and Vulnerability Management
  • Consistently achieve optimal utilization of developing, delivering and management operations through process improvement planning and program coordination on complex IT projects
  • Performed Risk Assessment (RA), System Security Test Evaluation (ST&E) and track remediation activities via Plan of Actions Milestones (POAM)
  • Held kick-off meetings with the Chief Information Security Officer (CISO), and system owners prior to assessment engagements.

Data Center Engineer

Embassy
06.2012 - 01.2016
  • Responsible for the full hardware lifecycle: ordering, delivery and installation, migration into production, maintenance, and eventual decommissioning
  • Data Center Hardware Management (Inventory, Cabling /label names, Hardware installation and decommission efforts)
  • Planned for consolidation of workloads in Racks
  • Ability to identify power usage and consolidate hardware as per the best optimization way by working with Operations Team
  • Diagnosed and repaired system errors, infrastructure issues and network connectivity problems
  • Worked to standardize processes configurations, and procedures in cooperation with engineers in our other data centers
  • Minimized downtime with effective planning and notify relevant stakeholders of scheduled maintenance periods
  • Improved and extend hardware and network monitoring
  • Updated asset management tool regularly to ensure accuracy and completeness
  • Updated equipment firmware when appropriate/needed.

Education

Skills

Effective problem-solving skills with attention to details

Certification

Certified Ethical Hacker (CEH)

Information Security Analyst

  • 10+ years, Information Security professional experienced in Information Assurance, Information Security and Risk Management Framework (RMF), NIST Special Publications (NIST SP 800-
  • NIST guidance implementation, oversight, and compliance. Assists in meeting mandates, directives, reporting, and other security-related processes with respect to Federal regulations such as FISMA act 2002; OMB mandates; Federal Information Processing Standards (FIPS); to ensure that Information Systems and information they process are secure by ensuring the appropriate Controls are properly implemented, working as intended and yield expected results.

Timeline

Information Security Analyst

Toyota
10.2019 - Current

Information Security Analyst

HCL America
01.2016 - 10.2019

Information Security Analyst

Teleworld Solutions
12.2014 - 01.2016

Data Center Engineer

Embassy
06.2012 - 01.2016

Similar Profiles

CREATE PROFILE
Dave AdedejiCybersecurity Analyst