Information Security Engineer
Resume:
Ikoyi
BIOGRAPHIC _DATA
SEX: MALE
NATIONALITY: NIGERIAN.
STATE OF ORIGIN: CROSS RIVER STATE
LANGUAGES SPOKEN: ENGLISH, French.
TEL: +234-817-***-****
https://web.facebook.com/profile.php?id=100************ Certifications/Professional Qualifications:
1. PECB Certified ISO/IEC 27001 Senior Lead Auditor. 2. PECB Certified ISO/IEC 27001 Senior Lead Implementer. 3. ISO/IEC 27001 Certified Internal Auditor (CIA)
4. Oracle Certified Associate (OCA), Oracle Database 11g. 5. Oracle 12C Real Application Cluster Implementation Specialist. 6. MYSQL Implementation Specialist Certification.
7. Oracle Linux 6 ISV Developer.
8. Oracle Business Intelligence Cloud Implementation Specialist. Special Skill & Tools
Penetration testing with Metasploit, Nmap, OpenVAS, Nikto, Kali Linux, Ubuntu, Remnux Linux, Metasploit, Nmap, Zenmark, Armitage, Security Onion with Virtual Box, PCAP Analysis, FlareVM, Burp Suite, Wireshark, Snort, Kibana, Cloud security tools in Microsoft Azure and AWS, Kali-Linux, Ubuntu Linux, Metersploitable2, OpenVAS, BeEF, Zenmap Internal Auditing, External Auditing using ISO/IEC 27001, 22310., ISMS Implementation skills. PCI DSS Auditing. Port scanning strategies: TCP SYN and ACK ping, TCP SYN Ping, ICMP Ping, SCTP & ARP Scans, TCP SYN Scan, TCP (Full) Connect Scans, TCP ACK Scans, TCP Windows Scan, Nmap TCP Idle Scan, Spoof Port Scans. UDP & IP Scan, TCP stealth scan (-sS), TCP Connect scan (--sT), Null Fin & Xmas Scan (-sN, FN)
ICT Trainings: NIIT Limited Nigeria
1. Querying Microsoft SQL servers 2012/2017/2019.
2. Programming in C#. Net,
3. ASP.Net MVC Web Application Development.
4. Certificate in Complete Ethical Hacking Bootcamp. 5. Malware Analysis for Incident Responders.
EDUCATIONAL QUALIFICATIONS
2013-2014 National Open University of Nigeria.
Post Graduate Diploma Information Technology.
PGD Information Technology.
1993-1997 University of Calabar Nigeria
B.SC. Geology.
1987-1992 Government secondary schools Akamkpa
Senior Secondary school certificate.
Current Employer1: NETHOST NIGERIA LIMITED
Post: Information Security Analyst & Data Protection Consultant ADDRESS: 11 Association Avenue, Illupeju, Lagos NIGERIA. Contact Email: adkng0@r.postjobfree.com
Duration: August 2020 to Date
Key Responsibilities
Internal Auditing and External Auditing using standards such As ISO 27000, ISO/IEC 27001, ISO 27701, ISO 20000-1, ISO 22301, ISO 9001, ISO 45001, ISO certification and Cyber Essentials, Data Protection In addition, PCI DSS Auditing, Certification. Compliance Program in accordance with ISO 27001, ISO 27701 PCI-DSS, SOC1/2, HIPAA, SOC2, SOX. The continued development and maturity of an ever growing Security Compliance Program that supports the delivery of Compliance certifications to support customer security requirements. External customers, vendors, auditors and other stakeholders.
•Setting direction for audit readiness, managing compliance programs, Work with NIST 800- 53, NIST 800-171, NIST CSF. Driving continuous improvement activities, delivering dash boarding, reporting metrics. •Interfacing with auditors, articulating Control implementation and impact assessment. Worked with ISO guidelines/ frameworks such as ISO/IEC 27002,, ISO/IEC 27004, ISO/IEC 27005, ISO/IEC 27007, and ISO/IEC 27008. Business Intelligence Analysis using ISO 22301. Vulnerability analysis and Penetration testing with OWAPS ZAP, Metasploit, BeEF, Burp Suite, Nikto and Nmap.
Knowledge in Application level and Network-Level session Hijacking... Knowledge of Cross-site request forgery. Conduct assessment using Social Engineering.
Experience in Web application security threats, vulnerabilities. Experience in security testing tools such as – Burp Suite, WPS Scan ZAP, SQLMAP, SET Toolkit, Metasploit, and NetCraft etc. Knowledge of Programming and Scripting languages.
Knowledge of Common Vulnerabilities and exposures (CVEs), Common Vulnerability scoring System (CVSS)
Expertise in OWAPS Top 10 threats.
Achievements:
1. Worked as the Senior Lead Implementer & Lead Auditor in the VFD Microfinance Bank ISO 27001 Project and PCI DSS Project Implementation and Certification. VFD Group, Lagos, Nigeria. 2. Act as the Senior Lead Implementer & Lead Auditor in Manje Systems Limited? ISO 27001 Project, Implementation and Certification.
Location: Accra Ghana, West Africa. (International Project) 3. Act as LI & LA in ISO 27001 Central Bank of Ghana Project. DANIEL SAMUEL ENYIEKO Email: adkng0@r.postjobfree.com TEL: +234-08172759149 LinkedIn: https://www.Linkedin.com/in/daniel-enyieko-ba5451144. Current Profession
Software Engineer, Data & Machine Learning Software Engineer at BSSL Technologies LTD Employer: Raoo Datum Consult Limited,
Duration: Feb 2020 to July 2020 (Six Months Contract) Position: Information Security & Data Privacy Specialist. Address: 71 A Molade Okoya Thomas Street, Off Ajose Adeogun Street, VI Lagos Nigeria. Key Responsibilities:
Lead Data Protection Compliance programs; develop data protection policies, GDPR, NDPR 2019, PCI DSS, NIST and ISO 27001: 2013, ISO/IEC 2770: 2019. Vulnerability/Penetration testing. Analyze data privacy and information security policies, Acts on privacy. Intrusion detection and Thread monitoring operation. Thread mitigation and counter cyber intelligence analysis against foreign intelligence attacks. Develop use cases in Splunk SIEM. Conduct vulnerabilities, noncompliance and maltreatment of information assets to IT security department. Develop security policies, principles, architecture. Breaches and malware threats intelligence operations. Malware analysis, Conduct ISO/IEC 27001, ISO 27002, ISO 27701:2019 Auditing, Data protection services. Report residual risk, security exposures, and standards. Conduct tests and Ethical hacks of existing security architecture. Assist clients in cloud security protection MS Azure and AWS. Perform counter Cyber intelligence against external attackers using the latest cyber security tools. Good knowledge of forensic Analysis.
Perform Thread detection operations and Malware analysis on Security Onions, Wireshark, and PCAP Analysis. Network Analysis using Wireshark. Working Knowledge of OWASP top10 security vulnerable web applications Achievements:
1. Worked as the Lead Implementer & Lead Auditor in ISO/IEC 27001, ISO 27701 and NDPR Projects, Integrated Management System Project for SeamFix Limited, Lagos, Nigeria 2. Act as the Lead implementer & Lead Auditor in ISO/IEC 27001, PCI DSS project for the National Bank of Nigeria. Lagos Nigeria.
3. Formal Employer: Narag Energy Solutions Limited Position: Web Developer & Information Security Manager Address: Plot6 Block 86 Godwin Omenne Street Lekki Phase1 Lagos, Nigeria Employment Type: Contract, Duration: May 2019 to Jan. 2020 (8 Months Contract) Key Responsibilities:
Build geological Software using HTM5 Viewer, IVAAP tools and libraries. Development of oil industry exploration and Production Software’s. Used tools such as C#.Net in developing MVC applications, used Entity Framework, LINQ, Net Framework, Net core, SQL servers, Oracle 11g/12C, MYSQL etc. Software Performance testing, Load testing, Unit Testing, Develop Dashboard. Developed ASP.Net Web Form and ASP.Net MVC applications. ASP.NetCore, Used LINQ, EF, SQL Server in Web development, ADO.Net, Entity Framework. Worked with MS SQL Server, Azure SQL Server, Oracle, and MYSQL. MS SQL integration services, SQL server analysis services. SQL Server (writing SQL queries, Stored Procedures, Functions, Triggers, Batches, Cursors, CTE, Subqueries, Joins and Transactions etc.). Worked with Web services/API, Net Core, MVC, Razor Pages, EntityFrameworkCore, ADO.Net, Web Services/API, Information Security Manager Job Responsibilities
Worked the information security manager of the company, worked as a lead internal auditor for ISO 27001:2013, GDPR, NDPR 2019, PCI DSS and NIST. Conduct standard ISO/IEC 27001 auditing, Implementation of the 7 Clauses of ISO and Annex A, ISO Control Objectives. Internal and External Auditing with ISO/IEC 27001, ISO/IEC 22301, ISO/IEC 9001, ISO 20000-1, ISO 45001 standards,. Ensure that all the ISO 27001 standards are maintained in my company. Prepare and design Risk register for the company, Protection of the company IT infrastructures against attackers. Training of workers on the structure of ISO 27001:2013 Controls and its implementations. Knowledge and application of Risk assessment methodologies in the context of information security systems. Knowledge of Auditing principles and third-party audit process for ISO/IEC 27001:2013. Good knowledge of security controls including network security technologies (IPS, Firewall, NAC and WAF), OS hardening, file integrity monitoring and authentication, Perform Vulnerability testing and vulnerability management. Security incident response, System access monitoring, Thread hunting and Cyber thread intelligence. Providing proactive cyber security assessment. Establish the objective and scope of Audit engagement, Develop comprehensive risk-based audit programs. Deliver presentation to client’s management at the audit opening and closing meetings, consulting activities on internal controls as required. Involved in Data protection &Data Disposal process, have a sound knowledge of ISO27001/2, SQL injection, Web URL injection and bot testing. Have a strong understanding of Anti-malware/Firewalls/Anti-virus/SIEM/Web filtering. Achievements:
1. Worked as the Lead Implementer & Lead Auditor in the ISO/IEC 27001 Narag Project. For Narag Energy Limited. 2. Worked as the Lead Implementer & Lead Auditor in Oracle Primavera & Oracle Aconex Projects for Future Oil Field Services Limited, Lagos Nigeria.
3. Worked as the Lead Implementer & Auditor for the Oracle Primavera Project implementation for Addax Petroleum in Lagos, Nigeria
4. Formal Employer: BSSL Technologies Limited,
Address: 6 Johnson Street Illupuju Lagos.
Position: Software Engineer (web Development) & SQL Server DBA Duration: August 2018 to April 2019 (9 Months Contract) Software Development responsibilities
Build software using Web form and MVC applications for client companies in Nigeria Work. Develop ERP Financial application to the different State Government in Nigeria. Build Databases using Oracle, MS SQL Servers, T-SQL, MY SQL, and Build Application using C Sharp. Net, ASP.Net Web form and MVC, Net core 3.1, Razor Pages and MVC, LINQ, Entity Framework, Entity Framework Core. Used ASP.Net Web Form and ASP.Net MVC applications. High Availability and Disaster Recovery (DR) option for SQL Server. Structured Programming Methodology, Data Analysis and Design skill (T-SQL & SQL knowledge)
Understanding of MS-SQL and replication deployments, Database capacity planning, SQL Server Transactional Replication, SQL Server always-on Availability Groups. Experience in installing, configuring, tuning and monitoring the database servers SQL Server. Database schema creation, management Data modelling, and database design SQL code reviews. Experience with Performance Tuning and Optimization (PTO), using native monitoring and troubleshooting tools. Experience with backups, restores and recovery models Knowledge of High Availability (HA) and Disaster Recovery (DR) options for SQL Server. SQL Monitoring. Used SQL 2012, 2014, 2017, 2019 Experience. Database creation, configuration, maintenance and support including backups, Data import and export. Formal EMPLOYER: Grazminz Nig. Ltd – 10 Years.
Position: Web Developer & Cyber Security Advisor
Duration: May 2008 to June 2018, (10 Years)
1. Cyber Security Advisor Responsibilities:
Led the preparation and implementation of required information security policies, standards, procedures and guidelines. Manage information security risk assessments and controls selection activities. Planning the assessment, conducting the assessments and reporting and managing results. Worked as a lead Auditor and Internal Auditor, ISO27001 Implementation. Working with PCI DSS requirements and PCI DSS compliance. Information Security Gab Analysis, Vulnerability assessments, Securitization, penetration testing. Evaluate the performance and capabilities of the assisting staff auditors. Good understanding of Network security, Application security, End security, Data security. Monitor, research, investigate and analyze security threats and trends to verify the effectiveness of protective measures, Identification and analysis of anomalous activity in systems logs and other event data, Perform periodic penetration testing and risk analysis of services, sites, and infrastructure Assist with the development, periodic review, and compliance of cyber security policies, procedures and standards Work in a cross functional capacity with procurement, IT, Systems and Network, MIS, Customer Service and other teams to assist with the security analysis of potential vendors and products. Day-to-day coordination and collaboration with a wide array of IT groups, Information Security teams, business units, and client delivery teams. Perform security monitoring and analysis of security events. Assist with incident response and investigation activities. Worked with ISO 27001, ISO 27701, ISO 22301, ISO20000-1, ITIL, ISO 9001 and ISO 45001. Participate in the agile process to incrementally drive improvement of core security controls, Monitor, manage and tune core security controls, Develop and deliver required metrics and reports. Develop process and procedure documentation for core security controls. Implemented and secured to the highest standards thus maintaining and enhancing customer trust. This position is for individuals that are seasoned veterans of security. They have been in the trenches; they have set up their 3 millionth firewall, IPS, or Anti- APT system.
2. Web Development & Database Developer Experience: Develop different software applications to suit the needs of different clients. Develop apps with C#. Net Framework. Used JavaScript, unobtrusive JavaScript, Used React JS, and Angular in Application Development. Software performance testing. Build ASP.Net MVC applications, ASP.Net Web forms, ADO.Net, ORM EntityFramework, C#.Net, JavaScript, JQuery. Proven understanding of database security models and principles, Demonstrated expertise in delivering large, cross-functional projects, Strong experience in data migration projects (server, cluster or database) Experience in developing and maintaining high availability solutions: replication, clustering, mirroring and log shipping. Experience in database backup and recovery tools and methods Experience in developing and maintaining high availability solutions: replication, clustering, mirroring and log shipping Experience in database backup and recovery tools and methods Engaged in improving performance, scalability and security requirements for SQL server. Design, develop, test and implement solutions in SQL Server based on business requirements while effectively integrating into existing infrastructure.
Contact this candidate