
Akintomiwa Olude

Email me on Indeed: http://www.indeed.com/r/Akintomiwa-Olude/28935db4dbb27b66

Akin is an experienced Cybersecurity professional with extensive leadership experience and proficient
in NIST Cyber Security Framework, ISO 27001/27002, NIST 800-Series, FedRAMP, 
PCI, COBIT, and COSO frameworks. He has over 9 years of professional experience in 
Assessment and Authorization, NIST 800-37 Risk Management Framework (RMF), the Federal
Risk and Authorization Management Program (FedRAMP), POA&M management and
Operational Policy and Procedures. He has experience in all phases of preparing and reviewing complete
Assessment and Authorization (A&A) packages for information technology systems and applications as
defined by the Federal Information Security Modernization Act (FISMA 2014) and implemented by the
guidance of the National Institute of Standards and Technology (NIST). 
Outstanding project and program leader, able to coordinate and direct all phases of project-based
efforts while managing, motivating, and guiding teams.

Work Experience

Cybersecurity PM/SCA
Randstad Technologies - Washington, DC
June 2020 to Present
• Serve as the main liaison and driving force for completing all Security Authorization
(SA), OA, Preliminary Risk Assessment, and ad hoc risk assessment efforts
• Conduct, evaluate, and analyze vulnerability results from ATO assessments, penetration tests, or ad
hoc risk assessments and create POA&M from results
• Execute day-to-day FISMA compliance monitoring, ensuring that all FISMA activities, including
Continuous Diagnostic and Mitigation (CDM) program activities, are prioritized correctly, completed on
schedule, and are in accordance with client policies
• Develop security assessment documentation to include Security Assessment Plans (SAP),
Security Assessment Reports (SAR), ATO Letters, ATO Recommendation Memo, Risk
Assessment Memos, POA&M finding matrices, OA artifacts, etc.
• Lead and manage the development of the Risk Management Framework (RMF) package(s) in order to
achieve an Authority to Operate (ATO)
• Ensure the implementation of the established security controls and control statements have been
entered into the Cyber Security Assessment and Management (CSAM) tool
• Review Cloud Service Provider (CSP) FedRAMP packages as part of continuous monitoring.
• Review cloud deployment models (SaaS, PaaS and IaaS) and apply appropriate security controls to
client’s environment
• Resolve any cloud specific matters with CSP
AKINTOMIWA OLUDE, CISSP, CDPSE, CMMC-RP, PMP, PSM, ITIL, Security+

Cybersecurity Lead
Jacobs Technologies - NM, ISSM
April 2018 to June 2020
• Support, implement, maintain, and monitor security and privacy controls in compliance with FISMA and
NIST RMF requirements and guidance.
• Plan, document, implement, assess, maintain, and monitor security and privacy controls in accordance
with requirements, policies, standards, processes, and procedures documented in the NIST 800-53 family
of security controls. Conducting required vulnerability analysis to support mitigation and residual risk
determination.
• Assist the client in reviewing or modifying security documentation to ensure it maintains quality and
accuracy of their system(s).
• Managed Information Security Controls Assessment (SCA) and Information Technology
Audit engagements to achieve compliance with regulatory and security requirements.
• Create and review POA&Ms within the eMASS tool for all security controls having weaknesses and
deficiencies
• Ensure Plan of Action & Milestone (POA&M) and other compliance and vulnerability issues are
remediated in a timely fashion.
• Provide security expertise and guidance in support of security assessments.
• Create, maintain and update ATO related deliverables such as Contingency Plan (CP),
Business Impact Analysis (BIA), Privacy Threshold Analysis (PTA), Privacy Impact
Assessment (PIA), Security Assessment Report (SAR), Plan of Action and Milestones
(POA&Ms) and Security Monitoring Reports.
• Attend weekly status meetings with management to discuss progress, issues, accomplishments and/or
new ideas to improve the security posture.
• Work with several groups to obtain information to update the security controls implementation
statement and/or tailor (inherited, hybrid, not applicable) the security controls according to its nature.

Consultant
Rhema Group Consulting - VA
July 2015 to April 2018
• Provides support to client in executing the NIST RMF process to enforce security policy compliance as
well as to complete annual SA&A requirements
• Develops and conducts Privacy Threshold Assessments (PTA) and Privacy Impact
Assessments (PIA) in conjunction with stakeholders and system owners.
• Recommends strategic remediation measures and safeguards to system stakeholders based upon NIST
guidelines and industry best practice.
• Initiates and tracks remediation of vulnerabilities as they are uncovered using the Plan of
Actions and Milestones (POA&Ms).
• Assesses security categorizations using FIPS 199 and NIST SP 800-60 to verify the categorization is
adequate and commensurate with the data that is processed.
• Maintains FISMA compliance and Authority to Operate (ATO) for systems per the NIST
SP 800-37 Risk Management Framework (RMF).
• Reviews and manages Plan of Action and Milestones (POA&Ms) and other security assessment reports
to ensure all suspense are met or risk mitigation factors are acceptable to the System Owner
• Engages system stakeholders in the Control Selection Meeting, Control Assessment
Meeting and Findings Review meetings

Consultant
Mac Jason Consult - Sugar Land, TX
August 2011 to July 2015
• Implemented the Assessment and Authorization (A&A) process to improve the security posture of the
client’s information systems
• Performed all stages of audit, including planning, fieldwork/execution, documentation/reporting and
follow-up.
• Identified IT audit findings and prepared draft audit reports of findings and recommendations to senior
management.
• Engaged client management and staff at all levels to conduct audit services.
• Assessed potential vulnerabilities around the storage, processing and transmittal of
Personally Identifiable Information (PII); where applicable, conducted Privacy Threshold
Analysis (PTA) to initiate corrective measures.
• Organized follow-up activities to ensure the prompt and proper resolution and implementation of
corrective action plan.
• Ensured all POA&M actions were tested and completed in accordance with project deadlines.
• Captured control weaknesses related to testing exceptions in thorough documentation.
• Maintained deliverables in A&A repository (CSAM)
• Conducted reviews of Contingency Plans (CP) and executed Contingency Plan Tests
(CPT)
• Collaboratively led weekly meetings with upper management on updates on POA&M tracking.
• Built and maintained client trust to enhance customer satisfaction
• Documented, tested and reviewed internal controls.
• Complete monthly ConMon for cloud systems
• Proficient in utilizing the Cyber Security Assessment requirements and Management
(CSAM) tool to manage the SA&A workflow and associated documents.
• Prepares and provides evidence artifacts to support security controls assessment efforts.
• Evaluates evidence to ensure assessment objectives are achieved
• Conducts reviews of security related documentation (System Security Plans,
Configuration Management Plans)
• Meets strict deadlines and achieves deliverables per the project schedule.

Education

Master of Science in Cybersecurity Policy and Risk Management
University of New Hampshire

Skills
• Assessment and Authorization (A&A)
• System Security Plans (SSP)
• Federal Information Security Modernization Act (FISMA 2014)
• Security Assessment Report (SAR)
• Continuous Monitoring (CM)
• NIST 800-37 Risk Management Framework (RMF)
• Contingency Plans (ISCP)
• Security Control Assessment (SCA)
• NIST 800-53/53A
• FIPS 199 System Security Categorization
• Plan of Action and Milestones (POA&M)
• FedRAMP/Cloud

Certifications and Licenses

PMP

CompTIA Security+

CISSP
