Open to opportunities

Akwasi Appiah

@akwasiappiah

Cybersecurity compliance and education leader, translating NIST/CMMC frameworks into measurable control outcomes across regulated environments.

United States

Message

What I'm looking for

I’m looking to lead compliance and security governance where I can translate NIST/CMMC requirements into effective controls, mentor teams, and deliver measurable audit-ready outcomes—while teaching and improving security practices organization-wide.

I’m a senior cybersecurity and compliance professional with 10+ years securing regulated environments across federal, healthcare, and financial sectors. I’ve secured 10+ government ATOs, reduced average ATO approval time by 30%, and designed control frameworks that cut assessment-identified control gaps by 40%.

I also bring deep teaching experience—designing and delivering cohort-based cybersecurity instruction that translates NIST 800-171, CMMC, and real-world compliance into practical, scenario-driven learning. I lead with a clear focus on bridging academic theory and industry practice, mentoring learners into the field while building security governance that keeps engagements on schedule with zero major audit findings.

Experience

Work history, roles, and key accomplishments

Current

Compliance Advisory Manager

Current

Accenture Federal Services (AFS)

May 2024 - Present (2 years 1 month)

Secured 10+ government ATOs and guided 60+ projects through NIST 800-171 compliance, cutting average ATO approval time by 30% via streamlined risk roadmaps and control implementation. Reduced assessment control gaps by 40%, prioritized remediation for 60+ projects, and maintained zero major audit findings while mentoring a team of 6 (35% throughput increase).

CMMC FedRAMP ATO Support Risk Assessment Security Governance Third Party Risk Management

Current

Cybersecurity Instructor

Current

CyberScholars Program

Jan 2022 - Present (4 years 5 months)

Designed and delivered cohort-based cybersecurity instruction covering GRC, NIST 800-171, and CMMC, translating complex frameworks into applied case studies and audit simulations. Led live sessions for 15–30 students and mentored learners through career transitions into cybersecurity roles.

Cybersecurity Education GRC CMMC Assessment Design Mentorship

Information Systems Security Manager

Northeastern University

Jun 2021 - May 2024 (2 years 11 months)

Drove organization-wide CMMC Level 2 audit readiness with zero delay to the audit timeline and served as an internal PCI DSS assessor, achieving zero findings across consecutive annual audits. Built governance aligned to NIST 800-171/800-53, SOC 2, and ISO 27001 (30% reduction in duplicated control efforts) and improved security awareness for 3,000+ users while tracking closure of 120+ control gap

CMMC PCI DSS NIST 800 53 SOC ISO 27001 Security Governance Risk Register Security Awareness

Information Security Analyst

Sparksoft

May 2019 - May 2021 (2 years)

Maintained System Security Plans (SSPs) and POA&Ms for CMS systems using CFACTS, achieving 100% on-time delivery against NIST and FedRAMP milestones. Coordinated Security Impact Assessments to eliminate configuration drift and delivered contingency planning improvements that reduced simulated recovery time by 20%, while managing PII/PHI/FTI incidents and reducing access control exceptions by 35%.

SSP & POA&M Management CFACTS FedRAMP NIST Compliance Incident Management Contingency Plan Privacy Controls

Graduate Assistant - Cyber

The George Washington University

Jan 2021 - Jan 2021 (0 months)

Supported graduate-level cybersecurity courses by grading, facilitating technical discussions, and collaborating with faculty on curriculum and instructional materials. Provided direct academic support to reinforce risk management and compliance concepts.

Cybersecurity Instruction Grading Risk Management Technical Discussion Facilitation

Information Security Analyst

InterVarsity USA

Dec 2016 - Apr 2019 (2 years 4 months)

Built an enterprise security program from zero after a breach—implementing access controls, firewall management, IDS/IPS monitoring, and DLP—reducing security incidents by 80% within 12 months. Maintained PCI DSS compliance, improved incident containment time by 60% through an updated incident response plan, and increased phishing identification rates from under 40% to over 85% using organization-

PCI DSS HIPAA GDPR IDS DLP Incident Response Root Cause Analysis Access Control

Application Security Architect

Wells Fargo Bank, N.A.

Oct 2014 - Dec 2016 (2 years 2 months)

Supported the secure migration of 500+ banking applications to the cloud, completing the project four months early with zero critical compliance failures. Implemented IAM and MFA to reduce privileged access violations by 45%, and led SDLC security reviews/code audits that identified and remediated 200+ high/critical vulnerabilities, while cutting provisioning errors by 30% as an IAM subject matter

Cloud Migration IAM MFA SDLC Security Reviews Privileged Access Management Security Architecture & Compliance

Teaching Assistant - Undergrad

University of Ghana

Jan 2011 - Jan 2011 (0 months)

Assisted in delivering undergraduate economics and finance coursework by leading breakout sessions and tutorial discussions that applied theoretical concepts to practical scenarios. Evaluated assignments and provided structured feedback to improve student understanding and performance.

Tutorial Facilitation Academic Support Structured Feedback Student Engagement