Ola O.
Sr. Information Security Specialist at Conceras
Washington D.C., DC, United States
Details
Experience:
- Serve as Subject Matter Expert (SME) on one or more technologies/skills related to A&A activities
- Lead or attend meetings with stakeholders to discuss statuses of efforts and provide plan of actions including recommendations
- Conduct risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs
- Actively lead and participate in regular A&A status meetings with government and contract personnel to facilitate progress and address potential issues of RMF system efforts
- Participate in sessions aimed at identifying, planning, and executing strategies in response to emerging cybersecurity/RMF policies
- Maintain awareness and knowledge of evolving security and risk management standards and communicate and apply relevant changes to existing processes
- Assessing systems using NIST 800-53 and/or DISA STIGs and SRGs
- RMF policy development, process improvement, and strategy implementation
- Knowledge in Continuous Monitoring and Risk Scoring (CMRS), ACAS and HBSS including eMASS
2021 : Present
Conceras
Sr. Information Security Specialist
- Lead, advise, and educate stakeholders on cybersecurity and anti-tamper concepts and solutions
- Prepare briefings to obtain approvals by government agencies for contracted efforts
- Perform cybersecurity tasks in each phase of the Risk Management Framework (RMF) and create entire authorization packages to obtain an Authority to Operate (ATO) for DoD Information Systems
- Interact with System Program Office and Authorizing Official key personnel during all phases of the RMF
- Support Information System Security Managers and System Owner (ISSM/SO) during Continuous Monitoring Phase of the RMF as technical Subject Matter Expert
- Work with System Owners to develop and perform periodic assessment of Information Systems
- Review, analyze, and coordinate remediation of vulnerability scans and other vulnerability information. Recommend corrective action and review remediation actions for effectiveness
- Maintain Plans of Actions and Milestones (POA&Ms) and provide timely updates on their status
- Perform system assessments and reaccreditations within required timeframes
2019 : 2021
Zentek Consulting
Sr. Information Systems Security Officer (ISSO) - Defence Information System Agency (DISA)
Engagement : Department of Homeland Security (DHS)/Federal Emergency Management Agency (FEMA)
Assigned to support OCIO - Federal Emergency Management Agency (FEMA) as an Information Systems Security Officer (ISSO)/ Audit Liaison Support Role.
- Perform Security Controls testing to audit and inspect system security controls, processes and procedures
- Manage and track system security requirements during all phases of the system's life cycle for all operational and development projects
- Develop and update system documentation for information system authorization, security management and continuous monitoring
2018 : 2019
Dogwood Management Partners LLC
Sr. Information Systems Security Officer (ISSO)/ Audit Liaison Support
Engagement : Department of Justice (DOJ)/Drug Enforcement Agency (DEA) – Cybersecurity Assessment Unit. Ola was assigned to support Department of Justice (DOJ)/DEA Cybersecurity Assessment Unit as an Information Security Assurance performing various roles including Security Assessment and Authorization (SA&A) activities, Validator, vulnerability scan analysis, continuous monitoring, and POAMs remediation effort and Security Engineering etc. using various NIST guidance.
2018 : 2018
NTT DATA Services
Sr. RMF Analyst/Information Security Assurance
Engagement : Department of Justice (DOJ)/Office of Justice Program (OJP) – OCIO
Responsible for performing information Security Assessment and Authorization of Federal Information System and A-123 IT assessment audit as related to DOJ/OJP. Ola helped in developing Assessment & Authorization package for compliance within NIST guidance, FedRAMP including System Security Plans (SSP), System Categorization documents, FIPS 199 Security Categorizations, and Risk Assessments, Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M) and A-123 Assessment using Cyber Security Assessment & Management (CSAM) tool for performing active NIST-based security assessments.
2016 : 2018
Ernst & Young Global Consulting Services
Senior IT Auditor/Security Control Assessor
Company:
Conceras
About
Self-driven individual, committed, and passionate cybersecurity professional; engaged in ensuring security of critical and non-critical information systems. With a strong background in NIST, FISMA, compliance testing, IT security, security engineering, FedRAMP, IT audit, and project management in achieving optimal performance.
A subject matter expert (SME) in risk management framework. Strategically led various teams of security assessors across many federal agencies through large complex system assessments to meet regulatory compliance requirements in a most cost-efficient manner.