OLUWARANTI AFOLABI
*** ******* *** *********, ** 21703
adiy2q@r.postjobfree.com
SUMMARY
Results-oriented IT Security Analyst with a solid background in analytics and Information Technology. Seeking to leverage valuable qualifications to IT roles. Experience with IT compliance and risk management framework Familiarized with relevant industry regulations and standards such as NIST, CIS, HIPAA,PCI
Solid history of success in working as a team player, Proficient in Microsoft Office Suite, Microsoft Exchange Server 2010/2013/2016, office 365 Migration Microsoft Lync, SharePoint, Windows 7, 8, 10 and MAC OS. Active Directory, Anti-virus applications (AVG, Norton, and Symantec),Windows7, Windows 10, Linux/Unix, Citrix, MS Office suite 2010, 2013 and 2016, Cisco Jabber, BMC Remedy, ServiceNow, Splunk, VMware. Security Tools (Kali Linux, Wireshark, Encase, FTK, Back Track, Metasploit, Nmap, Owasp ZAP, Burp suit
EDUCATION & CREDENTIALS
Master of Science, Computer Security and Forensics, University of Bedfordshire, Luton, UK - MAY 2012
Bachelor of Science, (Honors) Computer Science, Olabisi Onabanjo University, Ago Iwoye, Ogun State, Nigeria - JULY 2007
Diploma in Data Processing, Olabisi Onabanjo University, Ago Iwoye, Ogun State, Nigeria - JUNE 2003
CERTIFICATIONS
Certified Information System Auditor CISA 2020
Information Technology Infrastructure Library (ITIL v3) MAY 2012
Security+ CompTIA 2020
Certified Ethical Hacker -EC-Council 2020
CISSP -In progress
PROFESSIONAL SUMMARY
WORLD BANK January 2017– Present
Information Security Analyst Washington, DC
Support the decision making and strategic planning process of all IT security requirements at the beginning and close of each fiscal year.
Selected Contributions:
Review the security architecture evaluation of WBG new systems and create security test plans based on existing and planned controls and recommendations.
Perform security analysis of the different layers of the systems (application, operating systems and database layers) by performing manual testing and automated system vulnerability assessment scans using various web, application, operating systems, source code and database vulnerability scanners.
Review scanner result reports and work with the application development community to remediate issues following a risk-based approach.
Perform manual vulnerability assessment and penetration testing of applications, produce reports and walk development team through issues.
Maintain detailed documentation of test procedures and findings in OIS ticketing system
Help develop and maintain OIS application security testing processes and procedures to incorporate new technologies and testing methodologies
Knowledge of information security risk and risk assessment
Facilitate meetings with developers to safeguard client against accidental or unauthorized modification, destruction of cloud software applications
Collaborate with colleagues on authentication, authorization and encryption solutions
Evaluate new technologies and processes that enhance security capabilities
Test security solutions using industry standard analysis criteria
Making new changes to enhance the performance our security tools
Deliver technical reports and formal papers on test findings
Respond to information security issues during each stage of a project’s lifecycle
Supervise changes in software, hardware, facilities, telecommunications and user needs
Security testing, using automated tools such as “Cenzic Hailstorm, Burp suite proxy, Nessus and Owasp
AAA BUILDERS November2014-December 2016
IT Incident Analyst New York, NY
Serve as primary point of contact to coordinate several projects relating to IS software development initiatives
Selected Contributions:
Collaborate with Auditors to produce executive level compliance /remediation report
Runs Web application vulnerability software to detect security issues in web applications.
Analyzes output of web application test scans to determine valid security issues.
Worked with stakeholders to decompose high-level information and turn it into step-by step details for visual data mapping initiatives
Gathers security related information across multiple electronic, computer and development environments.
Identifies, summarizes, reviews, and reports potential/actual actions that may jeopardize information security environments.
Participates in information security audits to proactively minimize and eliminate information security vulnerabilities.
Uses penetration testing methodologies to validate the remediation of vulnerabilities and misconfiguration issues.
Reviews Application Code reports on vulnerabilities.
Performs extensive internal network reconnaissance with the correlation of data from SIEM, scanning applications, network monitoring devices, host applications, etc.
MONDELEZ INTERNATIONAL UK June 2012-August 2014
Security Analyst United Kingdom
Conduct security architecture/application reviews to assess technical and business risk, identify threats and potential areas for abuse in applications, specify solutions, verify through testing, and determine the right level of architecture activity and project oversight based on risk
Selected Contributions:
Daily monitoring of system, network, and application logs
Consult with staff and management on security best practices
Analyze IT systems to identify, assess, and design security features
Design and plan contingency planning/disaster recovery
Work with end users to resolve hardware and software issues through Fresh Service.
Manage company firewall
Continue to look for solutions to automate daily/weekly tasks to save company time and money
Find best practice security solutions and apply them to our critical applications (Outlook, Skype, SharePoint, Etc.)
Document and manage incident cases in ServiceNow
Notify assigned customers of security incidents Interface with customers to provide investigatory support and additional information as needed
Triage support requests and help desk queue to maintain SLA
Keep up-to-date with information security news, techniques, and trends
Identify and report any gaps in log collection or reporting as soon as possible to the customer and
Report all operational issues or problems to the shift lead
SYNERGY FINANCIAL January 2011-May 2012
System Engineer London
Provided phone, remote, and onsite support to 2,000 users. Implemented best practices to effectively troubleshoot and resolve issues. Monitored all issues and resolution activity to ensure a timely resolution and outstanding communication. Supported network software and protocols including VPN, TCP/IP, DNS, DHCP, Exchange and Active Directory. Performed hardware and software maintenance, routine backup, and archival files to support disaster recovery. Reset passwords, monitored connectivity, installed antivirus software on laptops and desktops, and generated monthly antivirus reports.
Selected Contributions:
Developed, implemented, and deployed new technologies for logical and physical security of system.
Trained and provided technical support for users with varying levels of technical knowledge.
Tested full functionality of SAP to ensure users were receiving full functionality and information content was up-to-date and valid.
Analyzed the usefulness of pre-developed application packages and adapted them to user environments.
Additional responsibilities include:
• Responding and investigating notifications from our security tools