Adotey Acquaye

ISSO
Dallas, TX

Summary

For over 5 years, I have served as the principal advisor to System Owners (SOs), Business Process Owners, and the Chief Information Security Officer (CISO) / Information System Security Manager (ISSM) on all matters, technical and otherwise, involving systems under my control. Demonstrated skill identifying business risks and compliance issues and designing proactive solutions. Background designing and implementing layered network security approaches.

Overview

4 years of professional experience
2 Certificates

Work History

Information Systems Security Officer

N3B
Los Alamos, NM
06.2020 - Current
  • Execute the A&A process to include determining the system categorization, identifying the minimum security controls and any additional security controls needed, implementing the security controls, and generating the System Security Plan (SSP).
  • Execute configuration management practices as required by Department policies and procedures, Configuration Management Plan (CMP), Contingency Plans, Risk Assessment Plan, Business Continuity Plan, Incident Response Plan etc.
  • Investigate all suspected cybersecurity incidents in accordance with Department directives and applicable DOE Risk Management Implementation Plans (RMIPs).
  • Execute processes and procedures for protecting SUI, including PII.
  • Respond proactively to information and alerts disseminated by the DOE iJC3 to include performing consequence analyses and corrective actions.
  • Create a Plan of Actions and Milestones (POA&M) for correction of vulnerabilities discovered during audits, OMB A-123 Internal Control Review, IV&V, SCA, Vulnerability Assessment, and IT Acquisition Review (ITAR) process.
  • Manage server security by applying released Microsoft patches and launching remediation scans in Tenable.SC.
  • Attend weekly CISA Sites Calls to discuss vulnerabilities being exploited in the wild.
  • Perform Vendor/Supply chain risk assessment and document a security impact analysis (SIA).


Information Systems Security Officer

Goldbelt Hawk, LLC
Herndon, VA
04.2018 - 06.2020
  • Worked alongside the Information Assurance Engineers to perform EDA’s RMF for all its funding and grants systems and applications on-premises and on the AWS Gov Cloud.
  • Led the security assessment and authorization activities for EDA’s Information systems – Maintaining 100% ATO status.
  • Worked alongside the Information Assurance Engineers and System Administrators to follow the DOC ITSBP RMF guide to identify, implement, assess, and manage cybersecurity capabilities and services, expressed as security controls, and authorizing the operation of an information system for EDA.
  • Led cybersecurity related audits, inspections, and assessments.
  • Ensured EDA’s Information Systems comply with NIST Risk Management Framework, NIST cybersecurity framework, DOC ITSBP cybersecurity services evaluator scoring metrics, and EDA’s internal IT operating procedures.
  • Worked alongside the information assurance engineers and system administrators in taking the appropriate remediation actions associated with findings from inspections and evaluations.
  • Conducted weekly/ad-hoc audits, inspections and assessment reports, as well as remediation status briefings and writing reports.
  • Developed System Security Contingency plans, Disaster Recovery Plans and other A&A artifacts to include SSP, PTA, PIA, Business Continuity Plan, Configuration Management Plan and Contingency Plan Test.
  • Liaised with EDA’s Cloud vendors to draft the shared responsibility security model for our instances operating in the AWS Gov Cloud environment and to ensure FedRAMP compliance.
  • Developed and implemented training and awareness programs as required to ensure that systems, networks, and data users are aware of, understand, and adhere to systems security policies and procedures.
  • Ensured the rigorous application of information security / information assurance policies, principles, and practices in the delivery of all IT services.
  • Drafted separate IAM policies for all applications and systems under my jurisdiction.
  • Drafted a POA&M process guide to aid in better management and resolution of POA&Ms.

Education

Master of Science - Cybersecurity Policy And Compliance

George Washington University, The
Washington, DC
05.2020 - 05.2020

Bachelor of Science - Business Administration

Kwame Nkrumah University of Science And Technology
Ghana
07.2009 - 07.2009

Skills

    Implementing security programs

Certification

CompTIA Sec+

Timeline

Information Systems Security Officer

N3B
06.2020 - Current

Master of Science - Cybersecurity Policy And Compliance

George Washington University, The
05.2020 - 05.2020

AWS Certified Solutions Architect (Associate)

05-2020

CompTIA Sec+

01-2020

Information Systems Security Officer

Goldbelt Hawk, LLC
04.2018 - 06.2020

Bachelor of Science - Business Administration

Kwame Nkrumah University of Science And Technology
07.2009 - 07.2009

Tools

  • RSA Archer
  • CSAM
  • Cylance
  • Carbon Black
  • Nmap
  • Burp Suite
  • Tenable.SC
  • Splunk
  • Cisco Firepower
  • mRemoteNG

