T O B I DADA

**, ******** ******, ********** ********, Yaba, Lagos State, Nigeria.

Tobi.darda@gmail.c om LinkedIn

Tel : +2 3 4 8 1 2604 3960

PROFESSIONAL SUMMARY

I am an offensive and defense minded information security analyst with the drive and talent for aligning security architecture, plans, controls, processes, policies and procedures with security standards and operational goals. I am capable of working well with or without supervision, leading team members and possess the inept ability to grasp and teach new concepts very easily. I also aspire to manage a team of spirited individuals to achieve laid down objectives, set management goals and targets whilst constantly improving on our knowledge base.

PROFESSIONAL CERTIFICATES

• Offensive Security Web Expert (OSWE) [In View]

• AWS Certified Security – Specialty [In View]

• Offensive Security Certified Professional (OSCP) [2020]

• Certified Information Security Professional (CISSP) [2020]

• Check Point Certified Admin (CCSA) [2019]

• Computer Hacking Forensic Investigator (CHFI) [2018]

• Certified Lead Penetration Tester (CLPT) [2018]

• Comptia Security + (SYO-501) [2017]

• Certified Ethical Hacker (CEH) [2012]

PROFESSIONAL SKILLS

• Programming Languages: Python*, Java*, Ruby* and C.

• Web Development*: PHP, HTML, JavaScript, CSS, AJAX, JSON and XML

• SIEM Solutions: QRadar*, Splunk and Archsight

• Penetration Testing*: Web, Mobile, Hardware, Internal and external.

• Databases*: MySQL, MSSQL and MongoDB

• Operating Systems*: Linux, Microsoft, Android and IOS.

• Cloud: AWS*, Google Cloud and Azure.

• Others: Malware Analysis*, Vulnerability Management*, JOB EXPERIENCES

Nigeria Inter-Bank Settlement Systems PLC [Senior Information Security Analyst] July 2020 – Present

• Lead the App. Security team where I ensure all applications’ security-related risks are mitigated against.

• Conduct regular security assessment on the organization’s cloud infrastructure

• I head the threat intelligence arm of the SOC where event correlation, threat hunting activities and proactive remediation is carried out.

• Reduced security testing delays by integrating various automated security testing with the CI/CD pipeline.

• I work with the security Architect to ensure the architecture of applications are built with security in mind

• Actively involved in the agile team for four different work streams.

• Actively involved in network security in the firm.

• Manage the security of the firm’s cloud infrastructure.

• Conduct the VAPT of the various APIs the firm exposes to Banks.

• Actively contribute to the remediation of all identified vulnerabilities.

• Conducting domain security review and implementation of recommended security controls.

• I lead incident response activity and actively partake in forensic analysis.

• Perform code review the application security standard for the organization.

• I facilitate Training and awareness for colleagues and partners KPMG Nigeria [Cyber security consultant] Jan 2020 - July 2020

• Performed the quality assurance test for Clients’ implementation of SIEMs, SOARs and AntiVirus solutions for two top Banks in Nigeria. ·

• Performed red team exercises for a top Bank and a top National firm in Nigeria.

• Assist the client with the implementation of the recommendations

• Conducted Cyber Security Maturity Assessment for a top Client ·

• Conducted application and interface control reviews for a top financial institution

• Facilitated third party risk assessment for a top financial institution ·

• Conducted a comprehensive firewall review for a top financial institution after conducting a successful exfiltration exercise in the environment. ·

• Used OSINT for information gathering on of most top tier organization in Africa for practical sessions.

• Facilitated sessions to explain vulnerabilities, architectures and designs to C-level staff / Board members. Access Bank PLC [Information and Application Security Analyst]. Mar 2017 – Jan 2020

• Led the App. Security team where I ensure all applications’ security-related risks are mitigated against.

• Conducted VAPT on the Bank’s on-prem and cloud infrastructures

• Reviewed, proposed and implemented a better firewall management strategy (Perimeter and host-based) for the Bank which drastically reduced the number of illegitimate traffic by more than 90%.

• Interpreted the Bank's SIEM for reactive, predictive and corrective analysis.

• Led the security implementation in the design of new products, services and process in the Bank

• Provided third level support for cyber incidence, training and counter measure for the SOC.

• Provided support at least twice when a business disruption occurs. ·

• Contributed to the assessment of the effectiveness of security controls ·

• Provided support and contributions during changes to existing systems and implementation of new systems

• Implemented computer and network security standards at Access Bank Nigeria and Congo DR

• Conducted regular reviews of databases and applications to identify threats and remediate accordingly

• Assessed more than three emerging technologies and solutions to improve security posture.

• Incident response planning as well as the investigation of security breaches when/if they occur

• Developed a tracker program and social engineering assessment app implemented in the head office and subsidiaries which saved the Bank 20 million Naira.

• Participated in investigation, forensic analysis and recovery activities after three cyber incidents. Kudimoney Limited [Lead Software Developer] Dec 2016 - Mar 2017

• Software Development with Laravel and Lumen Micro PHP framework.

• Managed the firm’s AWS infrastructure

• Improved and codified the business model of the company and oversaw the Management of the website.

• Developed the security plan and policies for the startup (it was a startup when I joined).

• Conducted Vulnerability Assessments and Penetration Tests for the application.

• Investigated security breaches at the firm and designed the end-to-end architecture for the application.

• Communicated intrusions to the Manager and Conducted Training and awareness for colleagues EDUCATION

Federal University of Agriculture Abeokuta, Ogun State. [2014 - 2017] MSc Computer Science

Babcock University Ilisan-remo, Ogun State [2009 - 2012] BSC COMPUTER TECHNOLOGY

Contact this candidate