ORIYOMI SHODIPO
Katy, Texas, 774**-***-*** **** ad0mxc@r.postjobfree.com
OBJECTIVE
Highly skilled and experienced Incident Response Analyst with a strong background in detecting, triaging, investigating, and mitigating security incidents within complex IT environments. I am committed to ensuring the confidentiality, integrity, and availability of critical systems and data. Seeking a challenging role where I can apply my expertise in incident response, collaborate with cross-functional teams, and contribute to the continuous improvement of cyber security practices.. PROFESSIONAL EXPERIENCE
Incident Response Analyst,
Robert Half consultant at Harris Health Systems Houston, Texas August 2023 – To date
Monitored and analyzed security event logs, alerts, and data sources to identify potential security incidents.(SIEM : IBM Qradar, Rapid7 insightIDR)
Follow established triaging procedure to determine the attackers TTP and attack type
Collaborated with cross-functional teams to gather necessary information for incident investigation and response.(IT, Network and Applications teams)
Performed in-depth analysis of security incidents, identifying root cause, scope, and potential impact.
Malware detection and containment with crowd strike falcon endpoint protection
Review and updating incident response plans based on the NIST framework, effectively containing, eradicating, and recovering from incidents using our deployed tools.
Implemented appropriate security controls and countermeasures to prevent further incidents and mitigate vulnerabilities.
Stayed updated with the latest security threats, vulnerabilities, and industry best practices.
Participated in incident response tabletop exercises and simulations to enhance response capabilities (Phishing exercise (Phishing, vulnerability scanning and pen testing).
Contributed to the development and improvement of incident response processes, tools, and technologies
IT Security Analyst, KFASH group of Investments Houston, Texas June 2020 – July 2023
Monitored and analyzed security event logs, alerts, and data sources to identify potential security incidents.
Conducted initial incident triage using the NIST Incident Response Framework, determining severity and impact.
Collaborated with cross-functional teams to gather necessary information for incident investigation and response.
Performed in-depth analysis of security incidents, identifying root cause, scope, and potential impact.
Malware detection and containment with Symantec Antivirus
Developed and implemented incident response plans based on the NIST framework, effectively containing, eradicating, and recovering from incidents using our deployed tools.
Coordinated and collaborated with internal teams and external stakeholders to execute incident response plans.
Prepared accurate and comprehensive incident reports, documenting timeline, actions taken, and lessons learned.
GRC Consultant, Tri-Continental Limited Lagos, Nigeria April 2017 – May 2020
Provided advisory services to clients on risk management, compliance, and governance matters, including developing GRC frameworks and conducting risk assessments.
Assisted clients in identifying and analyzing risks, and designing control measures to manage and mitigate them.
Conducted compliance reviews, drafted IT security policies and procedures,
Provided training to clients' employees on regulatory compliance matters.
Assist in developing and implementing security controls
Developed and delivered training programs for clients' executive management on GRC- related topics.
Conducted internal audits to ensure compliance with regulatory requirements and internal policies.
SKILLS
Strong understanding and practical application of the NIST cyber security and Incident Response Framework.
Proficiency in using security tools such as SIEM: IBM Qradar, InsightIDR, Malware: crowdstrike, Totalvirus, Phishing: ProofpiontTAP and cisco Ironport, DLP: forcepoint AP.
Familiarity with compliance standards and regulations such as PCI-DSS, HIPAA, and GDPR.
Excellent analytical and problem-solving skills, with ability to deliver under pressure.
Effective communication and collaboration skills, interacting with technical and non- technical stakeholders.
Strong documentation skills with attention to detail, preparing clear and concise incident reports.
Adapt quickly to changing priorities and follow up on multiple incidents simultaneously. EDUCATION
Lagos State University Lagos, Nigeria
BSC Electronics and computer engineering (Sept 1993 – Mar 1999) CERTIFICATIONS
● ISC2- Certified Information Systems Security Professional (CISSP)
● ISACA - Certified Information Systems Auditor (CISA)
● ISC2 - Certified in Cyber Security(CC)
● CompTIA - SecurityPLUS
● PMI – Project Management Professional (PMP)
● EXIN – ITIL Foundation v3 Certified
● CRISC (In view)
References: Available upon request.