Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Oluwaseyi Oluwafemi

Houston,TX

Summary

Experienced Information Systems Security Officer (ISSO)/Cybersecurity Analyst with a military background and a Master’s in Cybersecurity and Information Assurance. Over 5 years of experience safeguarding classified/unclassified DoD systems through RMF and ATO lifecycle management, risk assessment, and continuous monitoring. Proficient in implementing NIST 800-53, 800-37, DoDI 8510.01, ISO 27001, and FISMA standards to ensure compliance and mission assurance. Skilled in threat analysis, incident response, vulnerability management, and STIG validation using tools such as Splunk, CrowdStrike, and ACAS/Nessus. Holds an Active Security Clearance, CompTIA Security+ CE, and CISA certification, with a proven ability to enforce policy, mitigate risk, and strengthen enterprise cybersecurity resilience.

Overview

7
7
years of professional experience
1
1
Certification

Work History

Information Systems Security Officer

Puyenpa Services LLC
06.2025 - Current
  • Oversee RMF compliance for multiple DoD systems, ensuring ongoing ATO and compliance with DoDI 8510.01 and NIST SP 800-53 Rev. 5.
  • Develop and maintain core cybersecurity documentation including SSP, SAR, POA&M, SIA, and security control evidence packages.
  • Perform STIG validations for operating systems, network devices, and databases to ensure DISA compliance.
  • Conduct vulnerability analysis using ACAS/Nessus and coordinate remediation actions with system administrators.
  • Track open findings and mitigation strategies through POA&M and ConMon dashboards.
  • Monitor and review event logs on Splunk to detect suspicious or unauthorized activities.
  • Collaborate with ISSM and AO staff during system audits, reauthorization reviews, and ATO renewals.
  • Participate in change management and configuration control boards to evaluate cybersecurity impact of system modifications.

Information System Security Officer

McCall Communications
07.2023 - 05.2025
  • Led Risk Management Framework (RMF) implementation, ensuring compliance with NIST SP 800-53 Rev. 4 and NIST SP 800-37.
  • Maintained system Authorization to Operate (ATO) by developing and reviewing SSP, SAR, POA&M, and other security documentation.
  • Reviewed new and existing systems for technical compliance with Information Assurance (IA) directives and ensured the protection of data at all classification levels.
  • Reviewed ACAS scans to identify security gaps, misconfigurations, and compliance risks; executed SCAP compliance checks to validate configurations against DISA STIGs and security baselines.
  • Managed TEMPEST package compliance and NDCI reviews ensuring classified systems met all applicable security mandates.
  • Reviewed Firewall Exception Requests (FER) for PPSM to ensure proposed ports and services were not deny-listed or non-compliant, initiating approval workflows in eMASS.
  • Spearheaded incident response efforts, minimizing downtime and data loss across multiple mission systems.
  • Maintained compliance with FedRAMP and DoD cybersecurity standards, supporting continuous authorization activities.
  • Conducted security awareness training and mentored newly hired employees to enhance organizational cybersecurity maturity.

Cybersecurity Analyst

Weaver
09.2021 - 07.2023
  • Monitored and analyzed SIEM alerts using Splunk and QRadar to detect suspicious activity, reducing mean time to detect (MTTD) by 40%.
  • Conducted daily incident triage, forensic evidence collection, and root cause analysis to identify and contain security incidents.
  • Collaborated with IT and network teams to implement firewall rules and endpoint protection measures, strengthening the organization’s overall security posture.
  • Managed vulnerability scanning with Nessus and coordinated remediation with system owners to maintain continuous compliance.
  • Contributed to threat-hunting operations using MITRE ATT&CK and custom Splunk queries to proactively identify adversarial behavior.
  • Managed and monitored endpoint protection using CrowdStrike Falcon, ensuring rapid detection and containment of malware and lateral movement activity.
  • Analyzed endpoint alerts and threat telemetry in CrowdStrike Falcon Console to identify and respond to potential intrusions.
  • Integrated CrowdStrike data with SIEM tools (Splunk&QRadar) to enhance threat visibility across enterprise assets.
  • Utilized Falcon Insight for behavioral analytics and threat hunting, reducing endpoint compromise incidents by 30%.

Information Security Associate

Nice-Pak
04.2019 - 09.2021
  • Conducted regular system and network audits to assess compliance with NIST 800-53 and internal cybersecurity policies.
  • Supported SOC operations by collecting, correlating, and escalating security events for Tier 2 investigation.
  • Created incident reports and risk analysis summaries for management review and corrective actions.
  • Assisted in implementing multi-factor authentication (MFA) and endpoint encryption, reducing account compromise incidents by 25%.

IT Support Specialist

Bell Techlogix
10.2018 - 04.2019
  • Used ticketing systems to manage and process support actions and requests.
  • Managed high levels of call flow and responded to technical support needs.
  • Configured hardware, devices, and software to set up work stations for employees.
  • Installed and configured operating systems and applications.
  • Diagnosed and troubleshot hardware, software and network issues.
  • Responded to customer inquiries and provided technical assistance over phone and in person.

Education

Master of Science - Cybersecurity And Information Assurance

Western Governors University
Indianapolis, IN
05-2021

Bachelor of Technology (B.Tech) - Atmospheric Sciences And Meteorology

Federal University Of Technology Akure (FUTA)
Akure, Nigeria
02-2012

Skills

    CORE COMPETENCIES

  • Risk Management Framework (RMF)
  • System Authorization (ATO/ATC)
  • Security Control Implementation & Assessment
  • eMASS & OpenRMF Documentation
  • Continuous Monitoring (ConMon)
  • Security Auditing & Assessment (ST&E)
  • STIG Validation & Vulnerability Management
  • POA&M Creation and Tracking
  • Security Impact Analysis (SIA)
  • Security Operations (SOC) Monitoring
  • Incident Detection and Response (IR)
  • Threat Intelligence & Analysis
  • Vulnerability Assessment & Remediation
  • Log Analysis & SIEM Correlation
  • Risk Assessment & Management
  • Network Security & Traffic Analysis
  • Security Policy Development
  • Compliance (NIST, ISO 27001, GDPR)
  • Policy & Procedure Development
  • Configuration Management (CM)

    • TECHNICAL SKILLS

    SIEM/Security Tools: Splunk, IBM QRadar, eMASS, OpenRMF, STIG Viewer, STIG Manager, Vulnerator
    EDR & Threat Tools: CrowdStrike Falcon, Security Onion

    Vulnerability Scanners: ACAS/Nessus, Qualys, OpenVAS, Nmap

    Frameworks: NIST 800-53, 800-37, 800-137, DoDI 851001, FISMA, FedRAMP, DISA STIGs, MITRE ATT&CK
    Ticketing Systems: ServiceNow, Jira
    Networking Tools: Wireshark, tcpdump
    Scripting: Python, PowerShell (basic automation)
    Documentation: SSP, SAR, POA&M, RAR, SIA, ISA, SLA

Certification

  • CompTIA Security + CE
  • CISA - Certified Information Systems Auditor
  • CISSP - Certified Information System Security Professional (In-view)

Timeline

Information Systems Security Officer

Puyenpa Services LLC
06.2025 - Current

Information System Security Officer

McCall Communications
07.2023 - 05.2025

Cybersecurity Analyst

Weaver
09.2021 - 07.2023

Information Security Associate

Nice-Pak
04.2019 - 09.2021

IT Support Specialist

Bell Techlogix
10.2018 - 04.2019

Master of Science - Cybersecurity And Information Assurance

Western Governors University

Bachelor of Technology (B.Tech) - Atmospheric Sciences And Meteorology

Federal University Of Technology Akure (FUTA)

Similar Profiles

CREATE PROFILE
Oluwaseyi Oluwafemi