Summary
Overview
Work History
Education
Skills
Certification
Accomplishments
Timeline
Generic
KWABENA ADDO

KWABENA ADDO

Information System Security Officer
NEW YORK,NY

Summary

Detail-oriented and mission-focused Information System Security Officer (ISSO) / Security Control Assessor (SCA) with a strong commitment to upholding the principles of Confidentiality, Integrity, and Availability (CIA). Skilled in implementing NIST RMF, conducting security assessments, and ensuring compliance with federal cybersecurity standards. Seeking to support secure and resilient information systems in a high-impact environment.

Experienced with implementing comprehensive security measures to protect information systems against unauthorized access. Utilizes advanced threat detection and response techniques to maintain system integrity. Strong understanding of regulatory compliance and risk management strategies.

Overview

9
9
years of professional experience
2026
2026
years of post-secondary education
2
2
Certifications
1
1
Language

Work History

Information System Security Officer

US Army
San Francisco, California
05.2022 - 04.2025
  • Implemented and maintained security controls in accordance with the DoD Risk Management Framework (RMF).
  • Support Assessment & Authorization (A&A) processes to help systems obtain and maintain their Authority to Operate (ATO).
  • Developed and maintain security documentation (SSP, SAR, POA&M, SAP)
  • Evaluated security solutions to ensure they meet security requirements for processing classified information
  • Managed and controlled changes to the system and assessed the security impact of those changes
  • Maintained operational security posture for an information system or program
  • Monitored systems for security vulnerabilities and incidents.
  • Ensured timely patching and updates to meet Army cybersecurity requirements.
  • Coordinated with Information System Security Managers (ISSMs) and Cybersecurity Service Providers (CSSPs).
  • Enforced the least privileged and need-to-know access policies.
  • Managed and enforced configuration management change processes to maintain system integrity and compliance with security requirements.
  • Conducted or support cybersecurity awareness training for system users.
  • Led information security awareness efforts, ensuring team compliance with classified and unclassified data handling procedures.
  • Worked closely with system owners, developers, network engineers, and higher headquarters.
  • Prepared for inspections, audits and respond to findings.

Cybersecurity Assessor

Amazon.com
09.2016 - 02.2019
  • Reviewed and validated security-related documentation, including System Security Plans (SSPs), Policies & Procedures, Risk Assessments, and POA&Ms.
  • Assessed and monitored organizational compliance with security frameworks such as NIST 800-53, FedRAMP, SOC 2, HIPAA, ISO 27001, and PCI DSS.
  • Tracked and documented security control implementations using internal systems and tools.
  • Coordinated and supported security assessments and readiness reviews by organizing evidence and guiding teams on compliance gaps.
  • Prepared assessment reports, summaries, and presentations for internal stakeholders and external auditors.
  • Documented and monitored remediation efforts for identified risks or compliance findings.
  • Acted as a liaison between cybersecurity teams, business units, compliance officers, and auditors.
  • Interpreted compliance requirements and translated them into actionable project or process tasks.
  • Coordinated meetings, timelines, and deliverables across multiple teams.
  • Supported risk analysis efforts by collecting documentation and assisting in risk prioritization based on business impact.
  • Communicated cybersecurity risks to non-technical stakeholders in clear, business-focused language.
  • Maintained strong awareness of evolving compliance obligations and industry best practices.

Education

MBA - Concentration in Cybersecurity

American Public University
Charles Town, WV

Skills

NIST SP 800 series, FISMA, FedRAMP, ISO 27001, PCI, DSS, HIPAA, CSF, STIG

User awareness training

Endpoint protection

Assessment & Authorization (A&A), Continuous Monitoring (ConMon), POA&Ms, SSP, SAR, SAP, ISCP, Microsoft Defender, BitLocker, Nessus/Tenable, Xacta, Wireshark, Nmap

AWS, Microsoft Azure, ServiceNow (SNOW), Jira, SharePoint, MS Office Suite

Security documentation writing/review (SSP, SAR, SAP, etc), eMASS, SCAP Compliance Checker, RMF

Strong written and verbal communication, Attention to detail and accuracy, Critical thinking and analytical skills, Presentation and briefing skills (eg, for ATOs or audits), Process improvement and continuous learning mindset, Time management and task prioritization, Leadership and mentoring of junior staff, Adaptability in dynamic environments, Team player

Certification

ComptiA Security+

Accomplishments

  • Achieved [Result] through effectively helping with [Task].
  • Resolved product issue through consumer testing.

Timeline

Information System Security Officer

US Army
05.2022 - 04.2025

Cybersecurity Assessor

Amazon.com
09.2016 - 02.2019

MBA - Concentration in Cybersecurity

American Public University

Similar Profiles

  • OSMAN KAMARAOSMAN KAMARA

    Information System Security Officer at ManTechInformation System Security Officer at ManTech

  • Kurt EisingerKurt Eisinger

    Cyber Security Engineer: Team Lead at Infosys Cloud & Infrastructure ServicesCyber Security Engineer: Team Lead at Infosys Cloud & Infrastructure Services

  • Mary AkinmusireMary Akinmusire

    Information Security Analyst at Universal Health ServicesInformation Security Analyst at Universal Health Services

  • Esther ChefoinEsther Chefoin

    Cloud infrastructure Security Eng at IBMCloud infrastructure Security Eng at IBM

CREATE PROFILE
KWABENA ADDOInformation System Security Officer