Justice Ntiako Antwi
Royse City
Summary
Proven Senior Information Systems Security Officer with expertise in NIST 800-53, RMF compliance, and vulnerability assessments. Skilled in incident response and systems engineering, ensuring robust security controls and effective remediation strategies.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Senior Information Systems Security Officer
VMD Corp.
08.2024 - Current
- Provide cyber security support and technical services support.
- Maintenance of RMF A&A packages artifacts and supporting the accreditation process from step 1 through 6.
- Provide Systems Engineering Support for Hardware/Software and Independent Verification and Validation (IV&V)
- Ensure all required system security controls are implemented correctly, operating as intended, and producing the desired outcome.
- Review existing policies, procedures and guidelines to ensure compliance with DHS and Security/Information Assurance (IA) Policy.
- Assist and when required, conduct vulnerability scans of assigned networks and databases.
- Provide assistance in the remediation of vulnerabilities identified through network scans.
- Support IA strategic planning activities to evaluate enterprise services through the assessment of priorities and risk.
- Coordinate changes or modifications to hardware, software, or firmware of a system with the applicable cybersecurity entities prior to a change.
- Support the performance of periodic reviews of security controls for responsible systems.
- Assist in the development of a Systems Engineering Risk Management Plan including the stand-up and operation of a Risk Management Board (RMB) that is consistent and compatible with current U.S. Navy Risk Management practices where applicable.
- Develop and maintain a Plan of Action and Milestone (POA&M) for all IA-related tasks and deliverables in accordance with the Security Technical Implementation Guide (STIG).
- Develop Risk Assessment Reports (RARs) based on vulnerability test results, automated scan reviews, Assured Compliance Assessment Solution (ACAS) scans, and other DoD-mandated assessment-utilities.
- Document A&A-information in the A&A Package consistent with all other Packages, and ensure that there are no omissions.
- Input reports in CSAM, or deliver in MS Office-products/Visio formats, as appropriate.
- I use CSAM to maintain information about all DOI IT systems and I provide information assurance program officials with the capability to assess, document, manage and report on the status of information technology for security authorization processes in the risk management framework.
- I help maintain and provide advice to customers in securing the operating system, securing data in the cloud, protecting the network layer, and managing security monitoring, alerts, Audit Trails, and incident response.
Senior Information Systems Security Officer
OM Group Inc.
07.2022 - 08.2024
- Lead and manage organizational information security programs ensuring compliance with NIST, ISO 27001, and FISMA standards.
- Conduct risk assessments, vulnerability scans, and penetration tests to identify and mitigate security risks.
- Develop and enforce cybersecurity policies and procedures, training employees on security best practices.
- Oversee Assessment and Authorization (A&A) packages, ensuring all security controls meet NIST 800-53 R4 guidelines.
- Perform system categorization and security assessments using FIPS 199 and NIST 800-60.
- Prepare security documentation such as System Security Plans (SSP), Risk Assessments (RA), and Security Assessment Reports (SAR).
- Lead security audits and compliance reviews with internal teams and external stakeholders.
Senior Information Systems Security Officer
ELLUMEN
06.2021 - 07.2022
- Implemented Risk Management Framework (RMF) activities to achieve Authority to Operate (ATO).
- Developed and maintained security documentation, policies, and incident response plans.
- Conducted risk and vulnerability assessments utilizing DISA SCAP Compliance Checker and ACAS.
- Spearheaded incident response efforts, analyzing root causes and strengthening security postures.
- Led awareness training programs on security risks and compliance for employees.
Senior Information Systems Security Officer
Life Cycle Engineering
02.2020 - 06.2021
- Provided cybersecurity support for Naval Surface Warfare Center (NSWC-PD) systems.
- Conducted security assessments, vulnerability scans, and audits to ensure compliance with DoD security frameworks.
- Reviewed security controls and conducted RMF documentation updates.
- Managed eMASS entries and security package submissions for ATO processes.
- Created and updated Plans of Action and Milestones (POA&M) for risk mitigation.
Information Systems Security Officer
Paradigm Precision
08.2018 - 02.2020
- Assisted in risk assessments, compliance auditing, and vulnerability management.
- Provided guidance on security controls and remediation strategies for compliance with NIST 800-53.
- Conducted security scans using Tenable Nessus and Nmap.
- Ensured security documentation compliance and continuous monitoring efforts.
Information Systems Security Officer
XPO Logistics
03.2015 - 07.2018
- Led risk assessments, vulnerability scans, and remediation efforts.
- Implemented security controls and conducted training on cybersecurity best practices.
- Developed Security Assessment Reports (SAR) and POA&M documentation.
- Achieved ATO approvals and maintained continuous security monitoring.
Education
Master of Science - Cybersecurity
Mercy College
Dobbs Ferry, NY01.2021
Skills
- Kali Linux
- Windows 10
- Mac OS
- Android
- Python
- JavaScript
- HTML
- CSS
- EMASS
- Vulnerator
- Nessus IQ
- CSAM
- ACAS
- Splunk
- Arctic Wolf
- Archer
- BigFix
- Nmap
- Wireshark
- Jenkins
- Twistlock
- NIST 800-53
- NIST 800-37
- NIST 800-60
- ISO 27001
- FIPS 199
- RMF
- Jira
- Rally
- TFS
- Microsoft Office Suite
- Active Directory
- Microsoft Exchange
- Citrix
- ATO
- POA&M
- Security Control Assessment (SCA)
- Privacy Impact Assessments (PIA)
- Contingency Planning
Affiliations
- (ISC)² – Member
- Information Systems Audit and Control Association (ISACA) – Member
- CompTIA Cybersecurity Community – Active Participant
- AWS Cloud practitioner - Member
Certification
- Security Clearance, Secret Active, Interim Top Secret
- Navy Qualified Validator II
- Certified Ethical Hacker (CEH)
- CompTIA Security+
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP), In Progress
- CompTIA Advanced Security Practitioner (CASP+)
- Networking Fundamentals (MTA)
- AWS Certified Cloud Practitioner
Relevant Training Professional Development
- Defense Information Systems Agency (DISA) ACAS Version 5.3
- Enterprise Mission Assurance Support Service (eMASS) Training
- Security Training, Education, and Professionalization Portal (STEPP)
- SCAP Compliance Checker & STIG Implementation
- Incident Response & Risk Mitigation Training
Timeline
Senior Information Systems Security Officer
VMD Corp.
08.2024 - Current
Senior Information Systems Security Officer
OM Group Inc.
07.2022 - 08.2024
Senior Information Systems Security Officer
ELLUMEN
06.2021 - 07.2022
Senior Information Systems Security Officer
Life Cycle Engineering
02.2020 - 06.2021
Information Systems Security Officer
Paradigm Precision
08.2018 - 02.2020
Information Systems Security Officer
XPO Logistics
03.2015 - 07.2018
Master of Science - Cybersecurity
Mercy College
Similar Profiles
Sulamita SobchukSulamita Sobchuk
Transportation Security Officer (TSO) at VMD CORPTransportation Security Officer (TSO) at VMD CORP
Nira AihemaitiNira Aihemaiti
QA Automation Engineer at VMD CorpQA Automation Engineer at VMD Corp
Janell MaegerJanell Maeger
Marketing and Engagement Manager at VMD CorpMarketing and Engagement Manager at VMD Corp
Aritzy SanchezAritzy Sanchez
Receptionist Part Time at Custom Recycling SolutionsReceptionist Part Time at Custom Recycling Solutions
Kamrynn LeeKamrynn Lee
Shift Leader at Golden ChickShift Leader at Golden Chick