OLUWARANTI AFOLABI

*** ******* *** *********, ** 21703

adiy2q@r.postjobfree.com

240-***-****

SUMMARY

Results-oriented IT Security Analyst with a solid background in analytics and Information Technology. Seeking to leverage valuable qualifications to IT roles. Experience with IT compliance and risk management framework Familiarized with relevant industry regulations and standards such as NIST, CIS, HIPAA,PCI

Solid history of success in working as a team player, Proficient in Microsoft Office Suite, Microsoft Exchange Server 2010/2013/2016, office 365 Migration Microsoft Lync, SharePoint, Windows 7, 8, 10 and MAC OS. Active Directory, Anti-virus applications (AVG, Norton, and Symantec),Windows7, Windows 10, Linux/Unix, Citrix, MS Office suite 2010, 2013 and 2016, Cisco Jabber, BMC Remedy, ServiceNow, Splunk, VMware. Security Tools (Kali Linux, Wireshark, Encase, FTK, Back Track, Metasploit, Nmap, Owasp ZAP, Burp suit

EDUCATION & CREDENTIALS

Master of Science, Computer Security and Forensics, University of Bedfordshire, Luton, UK - MAY 2012

Bachelor of Science, (Honors) Computer Science, Olabisi Onabanjo University, Ago Iwoye, Ogun State, Nigeria - JULY 2007

Diploma in Data Processing, Olabisi Onabanjo University, Ago Iwoye, Ogun State, Nigeria - JUNE 2003

CERTIFICATIONS

Certified Information System Auditor CISA 2020

Information Technology Infrastructure Library (ITIL v3) MAY 2012

Security+ CompTIA 2020

Certified Ethical Hacker -EC-Council 2020

CISSP -In progress

PROFESSIONAL SUMMARY

WORLD BANK January 2017– Present

Information Security Analyst Washington, DC

Support the decision making and strategic planning process of all IT security requirements at the beginning and close of each fiscal year.

Selected Contributions:

Review the security architecture evaluation of WBG new systems and create security test plans based on existing and planned controls and recommendations.

Perform security analysis of the different layers of the systems (application, operating systems and database layers) by performing manual testing and automated system vulnerability assessment scans using various web, application, operating systems, source code and database vulnerability scanners.

Review scanner result reports and work with the application development community to remediate issues following a risk-based approach.

Perform manual vulnerability assessment and penetration testing of applications, produce reports and walk development team through issues.

Maintain detailed documentation of test procedures and findings in OIS ticketing system

Help develop and maintain OIS application security testing processes and procedures to incorporate new technologies and testing methodologies

Knowledge of information security risk and risk assessment

Facilitate meetings with developers to safeguard client against accidental or unauthorized modification, destruction of cloud software applications

Collaborate with colleagues on authentication, authorization and encryption solutions

Evaluate new technologies and processes that enhance security capabilities

Test security solutions using industry standard analysis criteria

Making new changes to enhance the performance our security tools

Deliver technical reports and formal papers on test findings

Respond to information security issues during each stage of a project’s lifecycle

Supervise changes in software, hardware, facilities, telecommunications and user needs

Security testing, using automated tools such as “Cenzic Hailstorm, Burp suite proxy, Nessus and Owasp

AAA BUILDERS November2014-December 2016

IT Incident Analyst New York, NY

Serve as primary point of contact to coordinate several projects relating to IS software development initiatives

Selected Contributions:

Collaborate with Auditors to produce executive level compliance /remediation report

Runs Web application vulnerability software to detect security issues in web applications.

Analyzes output of web application test scans to determine valid security issues.

Worked with stakeholders to decompose high-level information and turn it into step-by step details for visual data mapping initiatives

Gathers security related information across multiple electronic, computer and development environments.

Identifies, summarizes, reviews, and reports potential/actual actions that may jeopardize information security environments.

Participates in information security audits to proactively minimize and eliminate information security vulnerabilities.

Uses penetration testing methodologies to validate the remediation of vulnerabilities and misconfiguration issues.

Reviews Application Code reports on vulnerabilities.

Performs extensive internal network reconnaissance with the correlation of data from SIEM, scanning applications, network monitoring devices, host applications, etc.

MONDELEZ INTERNATIONAL UK June 2012-August 2014

Security Analyst United Kingdom

Conduct security architecture/application reviews to assess technical and business risk, identify threats and potential areas for abuse in applications, specify solutions, verify through testing, and determine the right level of architecture activity and project oversight based on risk

Selected Contributions:

Daily monitoring of system, network, and application logs

Consult with staff and management on security best practices

Analyze IT systems to identify, assess, and design security features

Design and plan contingency planning/disaster recovery

Work with end users to resolve hardware and software issues through Fresh Service.

Manage company firewall

Continue to look for solutions to automate daily/weekly tasks to save company time and money

Find best practice security solutions and apply them to our critical applications (Outlook, Skype, SharePoint, Etc.)

Document and manage incident cases in ServiceNow

Notify assigned customers of security incidents Interface with customers to provide investigatory support and additional information as needed

Triage support requests and help desk queue to maintain SLA

Keep up-to-date with information security news, techniques, and trends

Identify and report any gaps in log collection or reporting as soon as possible to the customer and

Report all operational issues or problems to the shift lead

SYNERGY FINANCIAL January 2011-May 2012

System Engineer London

Provided phone, remote, and onsite support to 2,000 users. Implemented best practices to effectively troubleshoot and resolve issues. Monitored all issues and resolution activity to ensure a timely resolution and outstanding communication. Supported network software and protocols including VPN, TCP/IP, DNS, DHCP, Exchange and Active Directory. Performed hardware and software maintenance, routine backup, and archival files to support disaster recovery. Reset passwords, monitored connectivity, installed antivirus software on laptops and desktops, and generated monthly antivirus reports.

Selected Contributions:

Developed, implemented, and deployed new technologies for logical and physical security of system.

Trained and provided technical support for users with varying levels of technical knowledge.

Tested full functionality of SAP to ensure users were receiving full functionality and information content was up-to-date and valid.

Analyzed the usefulness of pre-developed application packages and adapted them to user environments.

Additional responsibilities include:

• Responding and investigating notifications from our security tools

Contact this candidate