Open to opportunities

Edwina Baidoo

@edwinabaidoo

I’m a cybersecurity and RMF Security Assessment & Authorization analyst focused on compliance, risk reduction, and mission-ready ATOs.

United States

Message

What I'm looking for

I’m looking for a federal-focused cybersecurity role where I can own RMF SA&A, strengthen continuous monitoring and audit readiness, and partner with engineers and leadership to reduce enterprise risk while delivering timely, defensible ATO decisions.

I’m a cybersecurity and RMF professional with 10+ years supporting federal security authorization, compliance, vulnerability management, continuous monitoring, and enterprise risk initiatives across DHS and CBP environments. I implement NIST RMF, NIST SP 800-53 Rev 5, FISMA, FedRAMP, FIPS 199/200, and CMMC requirements for mission-critical systems and High Value Assets (HVAs).

I lead Security Assessment & Authorization (SA&A) activities—conducting security control assessments, driving POA&M remediation, and developing enterprise security documentation that supports Authorization to Operate (ATO) decisions. I’m skilled in audit readiness and security governance using tools such as Xacta, CSAM, Splunk, ServiceNow, Jira, Nessus, Archer, ACAS, and Microsoft Sentinel, collaborating with engineers, auditors, and executive stakeholders to strengthen posture and reduce organizational risk exposure.

Experience

Work history, roles, and key accomplishments

Current

Security A&A Analyst

Current

Leidos

Sep 2025 - Present (9 months)

Conduct security assessments and authorization activities for CBP information systems using NIST RMF to support DHS/federal compliance. Review SSP/SAR/ISCP/IRP/CMP artifacts, evaluate NIST SP 800-53 Rev 5 controls, and guide POA&M remediation to sustain ATO readiness.

NIST RMF NIST 800 53 POA&M Management SSP SAR ISCP IRP CMP Splunk ServiceNow

Information System Security Officer

Ardent LLC

Jan 2023 - Mar 2025 (2 years 2 months)

Managed RMF deliverables for CBP High Value Asset environments, including POA&M documentation and ongoing continuous monitoring oversight. Developed and maintained authorization artifacts (SSPs/ISCPs/IRPs) and used enterprise platforms to track findings, remediate vulnerabilities, and support ATO lifecycle reporting.

POA&M Management FISMA Monitoring ServiceNow Jira Splunk

Senior Cyber Security Analyst

Maximus

Aug 2020 - Jan 2023 (2 years 5 months)

Led assessment and authorization activities aligned to NIST RMF and FedRAMP requirements, producing security assessment plans and reports to support ATO initiatives. Performed cloud security assessments across SaaS/PaaS/IaaS, maintained RMF documentation (PIA/ISCP/IRP), and managed remediation to improve compliance and risk visibility.

NIST RMF FedRAMP Security Assessments PIA Compliance Reporting

Information System Security Officer

InquisIT LLC

Jan 2017 - Aug 2020 (3 years 7 months)

Coordinated RMF security control planning and testing for federal information systems, including SSP/POA&M and security assessment deliverables supporting ATO requirements. Conducted risk assessments and vulnerability analyses, supported configuration/security baselines, and assisted vulnerability scan coordination and remediation tracking for operational deployment.

RMF Documentation (SSP POA&M)Risk Assessment Vulnerability Analysis Security Baselines Security Assessments

Desktop Analyst

Aroopa Inc.

Aug 2015 - Dec 2016 (1 year 4 months)

Provided enterprise desktop and end-user support, troubleshooting hardware, software, network connectivity, and system performance issues to minimize downtime. Installed and maintained desktop systems and updates, tracked inventory, documented issue resolutions, and prepared user training materials to improve operational support quality.

Technical Support Network Troubleshooting Documentation Remote Support Customer Service