Incident Response Cyber

Location:
Carrollton, TX
Posted:
January 24, 2024
Resume:

Temitope Ibikunle

Dallas, Texas #469-***-**** ad22es@r.postjobfree.com

Summary

I am a member of the U.S. Army Reserve who is passionate about, and deeply rooted in, finding solutions to IT security problems and challenges. I have worked in a 24x7 environment to ensure the confidentiality, integrity, and availability of data, networks, and systems. I am versatile in managing sensitive data and able to use various security tools to analyze and investigate security incidents.

Professional Experience

Booz Allen Hamilton (National Institute of Health Project)

Lead Cyber Incident Response Consultant 10/2022 – Present

●Conduct thorough investigations of security breaches and incidents, performing forensic analysis to determine the extent of compromise and identify the root cause.

●Collaborate with cross-functional teams, including IT, legal, and senior management, to coordinate response efforts and provide recommendations for remediation.

●Monitor and analyze network traffic and security events using SIEM tools to identify potential security incidents.

●Lead incident response efforts, coordinating containment, eradication, and recovery activities to minimize the impact of security incidents.

●Perform digital forensics investigations, collecting and preserving evidence for potential legal and incident reporting purposes.

●Conduct post-incident reviews to identify areas for improvement and implement lessons learned to enhance incident response capabilities.

●Investigate and respond to security alerts, conduct thorough analysis, and provide recommendations for containment and eradication.

●Assist in the development and implementation of incident response plans and procedures.

●Develop and implement incident response plans tailored to clients' unique needs, considering industry regulations and best practices.

PwC

Senior Associate Cyber Incident Response 07/2019 – 10/2022

●Supported cyber incident response actions to ensure proper assessment, containment, mitigation, and documentation.

●Utilized O365 to configure tenant-wide policies, ATP products, Intune, authentication, IAM, and DLP.

●Handled escalations from the SOC team and performed triage from start to finish using different tools such as SIEM, EDR (CrowdStrike, Defender), email security tools, and cloud tools.

●Implemented security procedures and provided security recommendations to clients.

●Developed security plans and strategies to deliver security solutions to clients.

●Participated as part of a close team of technical specialists in coordinated responses and subsequent remediation of security incidents.

●Defined baseline security monitoring requirements for all new projects, services, and applications joining the client’s network.

●Facilitated the development and tuning of SIEM rules to support enrollments and ensure high-fidelity alerting.

●Validated and managed high-priority incidents, including communication with the business, facilitating root cause analysis and resolution.

●Provided network intrusion detection expertise to support timely and effective decision-making on when to declare an incident.

●Documented all activities during an incident and provided leadership with status updates throughout the life cycle of the incident. Coordinated the SOC shift team to help contain intrusions and vulnerabilities.

●Actively hunted for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) in the network and on the host.

●Actively analyzed network flow, PCAP, logs, firewalls, NIDS, HIDS, and sensors for evidence of cyber-attack patterns, and hunted for Advanced Persistent Threats (APT).

HCL Technologies

Security Operations Center Analyst 02/2018 – 07/2019

●Analyzed network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture.

●Contributed to mitigations for future attacks of a similar nature.

●Monitored open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs.

●Monitored the local threat ops channels/SIEM/AV/DLP Policy violation consoles and notified the client/stakeholders of any suspicious/malicious activity within agreed SLA timelines.

●Utilized Security Information and Event Management (SIEM), Intrusion Detection and Prevention (IDS/IPS), Data Leakage Prevention (DLP), sniffers, and malware analysis tools.

●Performed security operations, abuse detection, incident management, reverse engineering, security analysis, and testing.

●Generated daily Tableau queries and presented daily, weekly, and monthly cyber findings to clients.

●Utilized Dynatrace to monitor the client IP space, tracking security events in internal applications and looking for suspicious activities.

●Conducted security vulnerability and risk assessments using social engineering to identify system liabilities and develop remediation plans and security procedures.

●Performed cyber investigation tracking and analyzed advanced persistent threat (APT) groups, cyber threats and security reporting, and open-source intelligence (OSINT).

●Created and updated security event investigation notes. Conducted shift change reports on open cases and maintained case data in the Incident Response Management platform.

●Captured suspicious emails sent to external recipients by our internal users whose email was flagged for ethical red flags or for certain words configured to be flagged.

●Utilized Symantec endpoint tools to determine whether embedded links within incoming emails were malicious.

Telvista

Information Security Analyst 01/2017 – 02/2018

●Conducted security audits to identify vulnerabilities. Performed security testing on proprietary software.

●Monitored use of data files and regulated access to protect secure information.

●Monitored computer virus reports to determine when to update virus protection systems and assisted with user identity management.

●Recommended security standards to management to foster improvements in security systems and procedures.

●Reviewed violations of computer security procedures and developed mitigation plans.

●Performed risk analyses to identify appropriate security countermeasures.

Skills & Technologies

●Ticketing systems: ServiceNow (SNOW), Jira, Salesforce, CA Service Desk, Zendesk

●Network/Vulnerability Scan: RSA NetWitness, Wireshark, Nmap, Qualys, Nessus, Skipfish, and RATS

●Reporting Tools: Tableau, Confluence, Asana, Google Data Studio

●Digital Forensics: EnCase, FTK Imager, Electronic Evidence Examiner, Autopsy

●Endpoint Security: CrowdStrike, CarbonBlack, Cortex, Traps, Palo Alto, SentinelOne

●SIEM Analytics: Splunk, Phantom, Netskope, Sentinel, Demisto, LogRhythm, Exabeam (Data Lake & Analytics), OpsLean, Dynatrace, Alert Logic, ELK

●Email Security: Symantec, Proofpoint, Mimecast, O365 Protection & Security

●IDS/IPS: FireEye (NX, HX & Malware Analysis), TippingPoint, Blue Coat, Iron report, Digital Guardian, Zscaler, Trusted Sites

●Network Communication Protocols: ICMP, IP, UDP, TCP, ARP, HTTP, HTTPS, SSL, SNMP, POP, SSH, FTP, SCP, SFTP, LAN, WAN, MAN, WLAN, etc.

●Cloud Technology:

●Microsoft Azure: Microsoft Admin, Azure AD (Microsoft Entra ID), Azure ATP, Azure Sentinel, Cloud App Security, Microsoft Defender

●GCP: Security Command Center & Chronicle

●AWS: GuardDuty, Security Hub, Detective & CloudWatch

●Policies: DLP, PCI compliance, HIPAA, NVD, NIST

●Language/Scripting: Java, C, Python, PowerShell, HTML, PHP, CSS3, SQL & JavaScript

●Operating Systems: Windows, Linux, and Mac

●Microsoft Office applications: Word, PowerPoint, Excel, Project, and Outlook; Google Drive

●Natural curiosity and ability to learn new skills quickly.

Certification & Education

●CISSP (in progress)

●Digital Forensics Security Incident Analysis and Response

●CompTIA Security+

●CEH

●Project Management

●Splunk Core Certified User

Walden University, Minneapolis, USA – 2024 (Doctor of Information Tech. – Cybersecurity)

Capella University, Minneapolis, USA – 2020 (MSc. Cybersecurity and Digital Forensics)

University of Illinois-Springfield, USA – 2016 (MSc. Management Information Systems)

Cyprus International University, Cyprus – 2012 (BSc. Information Systems Management)