Cybersecurity Analyst Security Controls

Olumide Lawal

*****, ****** ******, *** ****

Email: *******.**.*****@*****.***

Cell: 1-347-***-****

PROFILE SUMMARY

Dynamic and results-driven certified Cybersecurity Analyst with strong experience in delivering end-to-end security solutions across diverse industries. Proven expertise in security event monitoring, third-party risk management, vulnerability assessment, and incident response. Skilled in evaluating security controls, ensuring compliance with frameworks such as NIST, FISMA, GDPR, and PCI-DSS, and working cross-functionally to implement robust cybersecurity measures. Proficient in leading cybersecurity initiatives through tools like IBM Qradar, Splunk, and Nessus, with a track record of mitigating risks and ensuring business continuity.

EXPERIENCE

Kredit Bank Cera & Verzekering New York Cybersecurity Analyst 06/2023 – 02/2025

Collaborate with IT and business stakeholders.

Conduct continuous security event monitoring using Splunk, analyzing audit logs to detect and respond to potential threats.

Lead third-party vendor risk assessments, evaluating vendors’ security controls and compliance with industry standards such as GDPR and PCI-DSS.

Collaborate with IT department to implement advanced security measures, including firewall configuration, IDS/IPS, and endpoint protection with CrowdStrike and Microsoft Defender.

Oversee patch management, prioritizing vulnerability remediation based on risk assessments and addressing identified security gaps.

Develop and deliver security awareness programs to internal teams, enhancing understanding of the latest threat vectors and best practices.

Conduct audits of security controls, ensuring alignment with NIST and FISMA guidelines, and prepare detailed reports with recommendations to improve security posture.

Conducted third party vendors vetting using CAIQ (Consensus Assessment Initiative Questionnaire) and SIG (Security Information Gathering).

Used Splunk to monitor user’s file movement activities.

Audited third party vendors’ security controls using CCM (Cloud Controls Matrix) and note the exceptions in the Soc2 type 1 and type 2 reports.

Led comprehensive third-party vendor assessments, evaluating security controls against NIST and FISMA standards, resulting in a 25% improvement in vendor compliance.

Recertified users access lists of various applications with business owners within the bank.

United Bank for Africa New York Cybersecurity Analyst 09/2021 – 06/2023

Implemented data access security measures and investigated access violations.

Maintained information systems security database and coordinated user registration.

Monitored and audited the information system security database.

Prepared reports recommending corrective actions for security issues.

Coordinated responses to information security incidents and created security awareness programs.

Maintained the Cybersecurity Framework (GLBA & FFIEC).

Implemented and monitored network traffic using Fortigate.

Used Tripwire to detect changes to critical files, directories, and configurations, maintain compliance with regulatory requirements, provide a detailed audit trail of all changes made to the system, help in incident investigation and ensured systems are configured according to security policies and standards.

Monitored the network using LogRhythm and recorded device inventory.

Debugged user issues using the ServiceDesk ticketing system.

Participated in tabletop exercises and engaged in disaster recovery sessions.

Automated tasks with Linux and PowerShell.

Conducted internal audits, system scans, penetration tests, and ensured compliance.

Documented the physical and logical security elements of the enterprise network.

Produced weekly and monthly cybersecurity reports and metrics for upper management.

Used CrowdStrike for Endpoint Detection Response.

Monitored intrusion detection systems and created/monitored IDS signatures.

Provided project support related to integrating security platforms and ongoing tuning for existing technology.

Developed and enhanced digital and computer forensics capabilities.

Shared knowledge of threat intelligence/management during weekly meetings.

Increased security awareness across different departments.

CORE COMPETENCIES

Network Security Monitoring

Vulnerability Management

IPS/IDS

IBM Qradar

System Security Plan

CrowdStrike

Nessus

GDPR

PCI-DSS

FFIEC

Incident Response

Nessus

Third Party Risk Management

Cyber Risk Management

Business Continuity Planning

EDUCATION

St Joseph’s University (Brooklyn Campus)

Bachelor’s in science in General Studies

CERTIFICATIONS & TRAINING

CompTIA Security+

Cybersecurity GRC/CAP/RMF by MyITUniversity

Contact this candidate