T O B I DADA
**, ******** ******, ********** ********, Yaba, Lagos State, Nigeria.
Tobi.darda@gmail.c om LinkedIn
Tel : +2 3 4 8 1 2604 3960
PROFESSIONAL SUMMARY
I am an offensive and defense minded information security analyst with the drive and talent for aligning security architecture, plans, controls, processes, policies and procedures with security standards and operational goals. I am capable of working well with or without supervision, leading team members and possess the inept ability to grasp and teach new concepts very easily. I also aspire to manage a team of spirited individuals to achieve laid down objectives, set management goals and targets whilst constantly improving on our knowledge base.
PROFESSIONAL CERTIFICATES
• Offensive Security Web Expert (OSWE) [In View]
• AWS Certified Security – Specialty [In View]
• Offensive Security Certified Professional (OSCP) [2020]
• Certified Information Security Professional (CISSP) [2020]
• Check Point Certified Admin (CCSA) [2019]
• Computer Hacking Forensic Investigator (CHFI) [2018]
• Certified Lead Penetration Tester (CLPT) [2018]
• Comptia Security + (SYO-501) [2017]
• Certified Ethical Hacker (CEH) [2012]
PROFESSIONAL SKILLS
• Programming Languages: Python*, Java*, Ruby* and C.
• Web Development*: PHP, HTML, JavaScript, CSS, AJAX, JSON and XML
• SIEM Solutions: QRadar*, Splunk and Archsight
• Penetration Testing*: Web, Mobile, Hardware, Internal and external.
• Databases*: MySQL, MSSQL and MongoDB
• Operating Systems*: Linux, Microsoft, Android and IOS.
• Cloud: AWS*, Google Cloud and Azure.
• Others: Malware Analysis*, Vulnerability Management*, JOB EXPERIENCES
Nigeria Inter-Bank Settlement Systems PLC [Senior Information Security Analyst] July 2020 – Present
• Lead the App. Security team where I ensure all applications’ security-related risks are mitigated against.
• Conduct regular security assessment on the organization’s cloud infrastructure
• I head the threat intelligence arm of the SOC where event correlation, threat hunting activities and proactive remediation is carried out.
• Reduced security testing delays by integrating various automated security testing with the CI/CD pipeline.
• I work with the security Architect to ensure the architecture of applications are built with security in mind
• Actively involved in the agile team for four different work streams.
• Actively involved in network security in the firm.
• Manage the security of the firm’s cloud infrastructure.
• Conduct the VAPT of the various APIs the firm exposes to Banks.
• Actively contribute to the remediation of all identified vulnerabilities.
• Conducting domain security review and implementation of recommended security controls.
• I lead incident response activity and actively partake in forensic analysis.
• Perform code review the application security standard for the organization.
• I facilitate Training and awareness for colleagues and partners KPMG Nigeria [Cyber security consultant] Jan 2020 - July 2020
• Performed the quality assurance test for Clients’ implementation of SIEMs, SOARs and AntiVirus solutions for two top Banks in Nigeria. ·
• Performed red team exercises for a top Bank and a top National firm in Nigeria.
• Assist the client with the implementation of the recommendations
• Conducted Cyber Security Maturity Assessment for a top Client ·
• Conducted application and interface control reviews for a top financial institution
• Facilitated third party risk assessment for a top financial institution ·
• Conducted a comprehensive firewall review for a top financial institution after conducting a successful exfiltration exercise in the environment. ·
• Used OSINT for information gathering on of most top tier organization in Africa for practical sessions.
• Facilitated sessions to explain vulnerabilities, architectures and designs to C-level staff / Board members. Access Bank PLC [Information and Application Security Analyst]. Mar 2017 – Jan 2020
• Led the App. Security team where I ensure all applications’ security-related risks are mitigated against.
• Conducted VAPT on the Bank’s on-prem and cloud infrastructures
• Reviewed, proposed and implemented a better firewall management strategy (Perimeter and host-based) for the Bank which drastically reduced the number of illegitimate traffic by more than 90%.
• Interpreted the Bank's SIEM for reactive, predictive and corrective analysis.
• Led the security implementation in the design of new products, services and process in the Bank
• Provided third level support for cyber incidence, training and counter measure for the SOC.
• Provided support at least twice when a business disruption occurs. ·
• Contributed to the assessment of the effectiveness of security controls ·
• Provided support and contributions during changes to existing systems and implementation of new systems
• Implemented computer and network security standards at Access Bank Nigeria and Congo DR
• Conducted regular reviews of databases and applications to identify threats and remediate accordingly
• Assessed more than three emerging technologies and solutions to improve security posture.
• Incident response planning as well as the investigation of security breaches when/if they occur
• Developed a tracker program and social engineering assessment app implemented in the head office and subsidiaries which saved the Bank 20 million Naira.
• Participated in investigation, forensic analysis and recovery activities after three cyber incidents. Kudimoney Limited [Lead Software Developer] Dec 2016 - Mar 2017
• Software Development with Laravel and Lumen Micro PHP framework.
• Managed the firm’s AWS infrastructure
• Improved and codified the business model of the company and oversaw the Management of the website.
• Developed the security plan and policies for the startup (it was a startup when I joined).
• Conducted Vulnerability Assessments and Penetration Tests for the application.
• Investigated security breaches at the firm and designed the end-to-end architecture for the application.
• Communicated intrusions to the Manager and Conducted Training and awareness for colleagues EDUCATION
Federal University of Agriculture Abeokuta, Ogun State. [2014 - 2017] MSc Computer Science
Babcock University Ilisan-remo, Ogun State [2009 - 2012] BSC COMPUTER TECHNOLOGY