Experienced and well - qualified IT professional with particular expertise in cyber security projects utilizing best practices and advanced methodologies. Skilled at developing global strategies to enhance overall cyber security programs and maintain/improve security posture for IT governance. Skilled at analyzing intelligence and establishing security initiatives for counterterrorism efforts. Multilingual: Fluent in English, Yoruba, Hausa; basic knowledge of French.
AREAS OF EXPERTISE:
- All Source: Intelligence Analysis
- Network Security
- Malware Analysis
- Digital Forensic
- Ethical Hacking
- IT Governance
- Risk Management
- IT Auditing
- Strategic Communication
- Cyber Intrusion Analysis
- Advanced Persistent Threat
- Application Security
- Penetration Testing
IDS/IPS: ISS, Snort, Sourcefire
Forensic/Malware: Encase, FireEye, NetWitness, IDA Pro, Helix, Wireshark
Security Standards/Guidelines: FISMA, NIST, CIP, BASEL II, SOX, PCI, GLBA, HIPAA
Vulnerability and Penetration Testing Tools: Nessus, ISS, Foundscan, Nmap, Retina, GFI LanGuard, MetaSploit, Core Impact, BackTrack
Sr. Security Analyst
- Managed security incidents, both cyber and non-cyber-related from the beginning to the end, including identification, containment, eradication, and recovery.
- Interface with Security Operation Center (SOC); Cyber Intelligence Center (CIC); Community of Information Security Officers (ISO); Advance Adversary Team; Content Monitoring group and Citi Security Investigation Services (CSIS) on security incidents. As an Incident Manager (IM Lead), I regularly lead incident response activities and monitor incident indicators, including evidence collection, event correlation, and threat containment.
- I conduct the analysis of cyber security events for root cause & impact to the enterprise, including coordination of remediation efforts and tracking resolutions on ticketed incidents.
- Demonstrated leadership and interpersonal skill with experience in working with team members to ensure the resilience and foster team spirit. Interfaces with peers and senior leadership and communicate at all levels through the monthly threat briefing presentations.
- Guides less experienced Information Security team members. Leads enterprise due-diligence activities including security monitoring and security metrics to evaluate the effectiveness of the enterprise security program and established controls.
- I frequently perform network and host-based analysis for malicious activity, including hunting for malicious network activities.
- I developed a method to identify Indicators of Compromise (IOC’s) for inclusion into monitoring tools. Also, lead research to understand the new and emerging threats/response capabilities.
- Moreover, I lead and train team members in the use of security tools, analysis, and resolution of security issues.
- I worked with my team to explain complex technical issues in business terms.
- As a member of the SIM team, I document investigation results, ensuring relevant details are passed to key stakeholders.
Senior Information Security Consultant
- Managed Information security projects and execution under the direction of the management team.
- Provided leadership as the IT security services first line of defense.
- As a subject matter expert, I created and developed operational security process, which includes standard and procedure based on current cyber threats landscape to improve security controls and business performances.
- Lead strategic information security direction that aligned with corporate business objectives and regulatory requirements.
- Performed information security risk management process, program, and strategy on a regular basis.
- I managed the publication of internal controls and manuals and ensured adequate compliance with policy; identified security vulnerabilities and recommended corrective actions.
- Engaged in concept development and advocacy that provides objective analysis and practical solution that address security and emergency management challenges.
- Provided and ensuring confidentiality, integrity and business continuity.
- I worked with other board members to identify operational area and concerns. I was responsible for implementing the company policy to ensure the strategy was geared towards its mission.
- I represented Confidential Group in major public events, including media and government affairs.
- I developed a team as a leader and mentored the top-notch security professionals, including the managers, supervisors and professional staff.
- I designed the information security department from scratch and worked closely with the Information Security Officers to create strategic plan and vision for the entire security program.
- I did direct all the projects related to the information security and I was the adviser to the senior management team on cyber threats landscape.
- I regularly participate in the budget and expense tracking process related to my assigned portfolio with the responsibility of reporting financial information to appropriate team promptly.
- Manage team members, project scope, and budgets on critical cyber security projects. Conduct data exfiltration/leakage assessment and malware analysis.
- Analyze captured user, computer, and network security events in near real-time environment to identify vulnerabilities, policy violations, and malicious user behavior.
- Initiate risk-management framework and monitoring system for businesses and organizations.
- Develop IT security internal controls and related policies.
- Assess compliance through penetration testing and vulnerability assessment.
- Perform IT auditing and design/maintain secure websites and hacker protection for government agencies.
- Develop security guidelines and IT governance for cloud computing. Installed and repaired security systems and programmable logic controls.
- Evaluated security systems and procedures to recommend improvements.
- Authored documentation for security authorization/ packages, including security, business-continuity, and disaster-recovery plans; and risk assessments.
- Established and initiated IT security policies, procedures, guidelines, baselines for government, finance, commercial and other organizations to reflect respective IT governance.
- Created employee- procedures and materials for in-house software and hardware protocols.
- International non-governmental organization focusing on leadership,, peace, and security.
- Gathered and analyzed African political intelligence for strategic planning of counterterrorism activities.
- Directed operation of organization’s regional projects, most notably the African Network for Security and Good Governance.
- Updated and maintained detailed database of terrorist organizations.
- Reported on regional political, economic, and social developments; edited and proofed academic papers, conference reports, and other relevant documents.
- Chaired editorial board and published The African Journal of Counterterrorism, a publication that disseminates information about new developments within intelligence community and promotes ethics and standards in law enforcement.
- Planned and launched discussion group on global terrorism, leadership, migration and development, peace, security, and migrants’ rights.
Confidential, New York, NY
- Online journalist and social-advocate community focused on news from Nigerian-African perspective.
- Directed intelligence planning and managed information security and quality assurance.
- Investigated and reported on high-profile corruption cases for online publication.
- Processed information gathered by various sources and formatted data for analyst.
- Verified validity and relevance of information.
- Maintained information confidentiality and online security.