Post Job Free
Sign in

Security Information

Location:
Mount Prospect, IL
Posted:
November 23, 2016

Contact this candidate

Resume:

MORUFU A. SALAWU

**** * **** *****, *** ***, Mount Prospects, IL 60056

Tel: 773-***-****

PROFESSIONAL OBJECTIVE:

Highly skilled and experience IT professional with demonstrated knowledge of technical writing, programming, information security (WAN/ LAN firewalls, Windows, and UNIX servers), system maintenance, software development engineering, systems networking, web design, and systems audit.

TECHNICAL SKILLS:

General Technology Skills: Demonstrated knowledge of various application software (Microsoft office suite, Corel, Lotus, Adobe), IT Project Management, systems networking and administration, System Engineering and Design, Web Design, OS platforms such as Windows, Linux (Kali), MAC, Novell NetWare, NT, UNIX, Mainframe, and SSH (PuTTy, and WinSCP).

Security Skills:

Firewalls: Cyberguard, Lucent LSMS, Lucent Bricks, Checkpoint, Cisco Pix /ASA, USG Firewalls

Intrusion Detection: Source Fire, McAfee HIPS, Comodo HIPS, Symantec IPS, Snort Security Monitoring & Threat Correlation: Cisco Mars, Blue Coat Reporter (Websense), Elog, Arc Sight Risk Management, Risk Analysis & Threat Modeling

Identity Management: Ping, PingOne, Federation Accounts

Data Security

Encryption: Ax crypt, PGP Desktop, Apani Epi-Force, PC Guardian.

PKI - SSL: Windows 2003 Certificate Server, VeriSign.

Database Security/ Data Leakage Prevention: Imperva, Securesphere DB Security & Auditing for Oracle & SQL, RSA –Tabulus, GTI, DSM

Data Masking: Princeton Softek Optim, CSV Data Mix.

Application Security

Code Testing: Cenzic Hailstorm, Opti Perl, other tools

Web Application Security: App Scan, Cenzic Hailstorm, VeraCode, CyberArk, WebInspect and other tools

System Security

Enterprise Antivirus / Anti-Malware / Anti spyware: Mcafee E policy Orchestrator

Secure Build Configuration: Shavlik, NetChk, MS Baseline, and NSA/CERT Checklist.

Enterprise Email Security: Iron Mail Enterprise, Secure Web Transmission Module

Enterprise Endpoint Security: TSM, Core Force, Trusteer

Vulnerability Management

Penetration Testing: Metaframe, Exploit Framework, Metasploit, Nessus, WireShark, and other tools

Vulnerability Assessment: Foundstone, GFI LAN guard, Core Impact

Security Auditing: - SOX PCI GLBA Compliance, Assessment & Auditing.

Access Management (Active Directory), Privilege User, Key Shares & Files (Using Hyena/ Intrust Quest), Network Design review (Manual), Network device review (Using Nipper/Redseal), Production & Vulnerability Scans (Using Foundstone), Intrusion Detection- (Sourcefire), Anti-Virus Updates & Monitoring (McAfee EPO), Oracle & SQL Auditing- (Imperva Secure sphere).

Security Process Development: Audit Control Process documentation, Inter Departmental Security Processes (IT Operation, IT Engineering, IT Risk, IT Networking) Development.

Security Training & Awareness: Secure Application Development, End User Desktop/Laptop Security, Audit & General Infosec Training.

GRC - Performing General Risk Control

Programming

C++, C#, JAVA, JAVA Swing, .NET, Python, Ruby, Perl, ASP, VB, COBOL, MS Access, FoxPro, Oracle, HTML, JAVA Scripts, SQL, FoxPro, Dbase, PHP, Visual Basic, Python, Squirrel etc

WORK EXPERIENCE:

HCSC (Blue Cross Blue Shield of IL, MT, OK, TX, NM), Chicago, IL Jan 2014 – Present

Cybersecurity IAM Specialist

•Provision users to key systems and applications on Novell, Active Directory(AD), Mainframe, Unix environments.

•Manage key systems and application security configurations including password configuration enforcements.

•Managing users access, and configuration on single sign-on tools, Ping, PingOne, AD and other identity management tools.

•Monitor compliance with the organization's information security policies and procedures among employees, contractors, and other third parties, and refer problems to appropriate department managers and/or administrators.

•Provision users based on RBAC role model to mitigate, to identify vulnerabilities and exploits based on zero-day developments.

•Assist in troubleshooting, and finding resolution to various Service Desk tickets in the Access & Authorization Management teams queue.

•Assist in documentation of various Crib Sheets, and training manuals to help cross trained team members, and IS employee on various application platforms.

•Assist Access & Authorization Management department to reduce SLA time on various request queues using my experience, and developed automated processes using scripts(JCL).

DHL, Elk Grove Village, IL Aug 2007 – Dec 2013

Information Security Analyst

•Capture of requirements, design using Visio for implementation use on CyberArk PAM tool.

•Integrate using connectors various applications to implement Single Sign On (SSO) on CyberArk.

•Installed, integrate and implemented CyberArk Vault Administration to execute user, data and safe managements.

•Administered, On-board, monitored and troubleshoot PAS (Privileged Account Security)

•Installation of HA vault and redundant CPM and PVWA components to address Fault Tolerance, HSM integration and vault keys changing.

•Manage key systems and application security configurations including password configuration enforcements.

•Perform systems and applications security hardening tests before they are deployed.

•Facilitate security awareness trainings.

•Performed security assessments on newly acquired or existing software, and also developed information security policies, procedures, standard, and guidelines.

•Participate in the research and analysis of protocols and standards to provide enterprise security management services in various areas, including device configuration management, inventory management, identity management, audit management, digital policy management, attribute management, and attribute-based access control.

•Provide technical engineering services for the support of integrated security systems and solutions and interface with Business Units in the strategic design process to convert security and business requirements into technical designs.

•Monitor compliance with the organization's information security policies and procedures among employees, contractors, and other third parties, and refer problems to appropriate department managers and/or administrators.

•Perform research activities to identify vulnerabilities and exploits based on zero-day developments

•Implement damage assessments and reviews of prospective interference with automated tools.

•Information Systems infrastructure, and recommend, develop, and apply appropriate countermeasures

•Assist Software Engineers with designing software tools that can be used in a Computer Network Defense-Response Action capacity.

•Run periodic vulnerability scans of the corporate network using Nessus, and WebInspect to conduct Application security scan.

•Monitor Anti-Virus daily deployment to end users’ systems.

•Debugged and developed codes using scripting tools like C, JavaScript, Perl, Python etc

Compufind Inc, Chicago, IL Feb 2006-July 2007

Systems Technician/ Security Compliance Officer

Championed all clients systems troubleshooting, installation, and repairs

Identify various security access control concepts: DAC (Discretionary Access Control), MAC (Mandatory Access Control), and RBAC (Role-Based Access Control) and applied those to clients systems.

Performed data encryption and decryption using DES, AES, public key encryption standards

Debugged and developed codes using JAVA/J2EE, ASP, .NET, C#, PHP, JavaScript, Perl, JAVA Swing, OOP etc

Performed and implement PCI DSS based on three tiers of standardization- Assess, Remediate, and Report and enforced those continuously

Performed and managed single sign-on implementation using Microsoft Accounts Manager, TIVOLI, Account & SSO, Ubuntu, myOneLogin(VMWare)

Coordinated systems networking, and configuration

Securely administered users rights, and privileges

Performed General Risk Control (GRC) on all processes

Performed Security Information and Event Management analysis using tools like Archer and Fire Eyes to check network traffics and system logs.

Femstar & Company Limited, NG May 2000-2006

Supervisor, Information Systems/Chief Information Security Officer

Supervised over 100 systems users with integrity, quality standard, and effectively controlled all the business IT resources. Designed and implement many information security procedures and processes. Designed and implemented business IT resources plan, and securely administered the company IT resources.

Coordinated all systems installation, maintenance, upgrading, and assembling

Coordinated all business systems networking, and configuration

Securely administered users rights, and privileges for data security, also provided data, and password encryption algorithm to safeguard vital information.

Performed and managed single sign-on implementation using Microsoft Accounts Manager, TIVOLI, Account & SSO, Ubuntu, myOneLogin(VMWare)

Debugged and developed codes using JAVA/J2EE, ASP, SQL, .NET, C#, PHP, JavaScript, Perl etc

Designed business processes software using my technical skills to analyze, develop, code and maintain(debug) new and existing software (Bottler Sales, General Ledger, Inventory Control System, and Personnel Payroll Software using MS Access, and Visual Basic)

Design and implements all systems technical documentations (both new and existing systems)

Developed, and designed users training requirements

Implemented important security measures on all systems, and business processes.

EDUCATION:

•Northeastern Illinois University, Chicago, IL M.Sc. (Computer Science -MIS) May 2015 GPA 3.27

•Northeastern Illinois University, Chicago, IL B.Sc.(Computer Science/Info. Security) May 2012 GPA 3.37

•Kwara State Polytechnic, NG Associate Degree (Computer Science)

PROJECT WORKS:

Team member that installed and configured JP Morgan Chase banks newly acquired computers in Northbrook, IL, Chicago, IL (131 S. Dearborn office and Morse/Glenwood), and Rockford, IL.



Contact this candidate