Information Security Los Angeles

Ike Charles Obasi

Los Angeles • 310-***-**** • ***.*****@*****.***

Personal Profile

I am an information security professional with a strong focus on Governance, Risk, and Compliance (GRC) and threat modelling. I specialize in developing and aligning cybersecurity strategies that safeguard critical assets, ensure regulatory compliance, and support business continuity. With deep knowledge of frameworks such as MITRE ATT&CK, NIST CSF, and CIS Controls, I proactively identify and assess risks, design secure architectures, and guide the implementation of effective controls. I excel at translating complex technical threats into actionable business insights and collaborate across functions to embed security throughout the organization. Driven by continuous improvement, my goal is to enable secure, compliant, and resilient business operations.

CERTIFICATIONS

https://www.credly.com/users/ikechukwu-obasi.58d6f484

EDUCATION

Master of Science in Information Technology

American Intercontinental University

Los Angeles, California

Professional Experience

Information Security Engineer

NUWAWORLD – Florida

10/2020 – Present

Conducted threat modeling using MITRE ATT&CK, identifying critical vulnerabilities and adversary behaviors across enterprise assets.

Developed and documented cybersecurity requirements, secure design guidelines, and reference architectures for cloud, network, and web applications.

Collaborated with engineering and project teams during all phases of the SDLC to ensure security controls were integrated early and effectively.

Communicated secure architecture concepts using diagramming tools to illustrate access control models, encryption points, and data flows.

Facilitated project security reviews and delivered clear, audience-specific presentations and documentation to technical and executive stakeholders.

Supported GRC efforts by aligning policies and risk mitigation activities to data protection regulations (HIPAA, SOX, CCPA, PCI DSS).

Assisted in security assurance efforts during M&A events, identifying integration risks and recommending compensating controls.

Performed risk assessments across cloud platforms, ensuring secure deployment and maintenance of IaaS, PaaS, and SaaS services.

Partnered with compliance, legal, and IT stakeholders to develop control matrices and ensure coverage of regulatory and contractual security obligations.

Balanced security requirements with operational constraints, supporting fast-paced deployments without compromising compliance posture.

Cybersecurity Engineer

CR Clinicals – Pennsylvania

06/2019 – 09/2020

• Analysed adversary tactics, techniques, and procedures (TTPs) using the MITRE ATT&CK and STRIDE frameworks, CVSS, and OSINT to identify threats, assess vulnerabilities, and improve detection and response strategies to enable faster threat containment.

• Developed and implemented governance frameworks to ensure compliance with ISO 27001, NIST 800-30, and other regulatory standards, reducing organizational risk exposure.

• Led risk assessments and mitigation efforts, utilizing metrics to evaluate security effectiveness and adjust strategies accordingly.

• Partnered with key stakeholders to develop a risk communication strategy, ensuring security risks were effectively reported to senior leadership.

• Managed and tracked Plans of Action & Milestones, collaborating with teams to remediate security gaps post-authorization.

• Advised on Service Level Agreements (SLAs) to ensure effective management and maintenance of security controls.

• Oversaw security for both on-premises and cloud infrastructure, leveraging Microsoft Sentinel for threat monitoring, log analysis, and incident response.

• Designed and executed incident response playbooks, improving response times and ensuring consistent event handling.

• Configured and monitored Microsoft Defender XDR to detect, investigate, and respond to security incidents efficiently.

• Managed Endpoint Detection and Response (EDR) solutions, addressing Tier 1 and Tier 2 alerts while conducting proactive threat investigations.

• Conducted penetration testing, application security testing, and gap analysis to strengthen security posture.

• Led vulnerability management initiatives using Microsoft Defender Vulnerability Management, ensuring risk identification and mitigation aligned with security policies and frameworks.

• Implemented cloud security controls, including firewalls, IDS/IPS, encryption, and IAM solutions.

• Provided security reports to executive leadership, demonstrating compliance adherence and control effectiveness.

• Led security awareness training programs, enhancing organizational proficiency in threat modelling, incident response, and risk management.

• Configured and managed Conditional Access policies in Microsoft Entra ID to enforce zero-trust security principles.

• Collaborated with security vendors to achieve and maintain SOC 2 compliance, streamlining audit processes through automation.

• Secured IT infrastructure during mergers and acquisitions ensuring compliance and risk mitigation during integration phases.

• Regularly audited and updated security policies to align with evolving regulatory requirements.

KEY SKILLS

Threat Modelling, Detection & Incident Response – Proficient in security monitoring and response using SIEM tools Splunk and Microsoft Sentinel, vulnerability scanning and malware analysis. Strong ability to assess and mitigate threats while effectively communicating security risks and strategies to stakeholders.

Security Governance & Compliance – Experienced in ISO 27001, NIST frameworks, risk assessments, and security auditing, ensuring regulatory compliance and risk management best practices.

Network & Cloud Security – Skilled in firewalls, IDS/IPS, encryption, IAM, network segmentation, and VPNs to enhance network resilience and protect critical assets.

Identity and Access Management (IAM) – Zero Trust Approach: Proficient in managing user authentication and authorisation, including Multi-Factor Authentication (MFA), Single Sign-On (SSO), and Identity Federation. Microsoft Entra ID Governance to ensure continuous monitoring of user permissions.

Collaboration & Security Training – Adept at cross-functional team coordination, developing technical documentation, and leading cybersecurity awareness training to strengthen security culture within organizations.

Cloud Data Protection & DLP – Hands-on experience implementing Microsoft Purview Data Loss Prevention (DLP) solutions and Cloud Access Security Brokers Microsoft Defender for Cloud App to secure sensitive data across cloud environments, endpoints, and Teams.

CHARITABLE ACTIVITIES

Los Angeles Regional Food Bank

Quarterly packaging and distribution of food and essentials to children, seniors, veterans, families and other individuals in need.

The less privileged, Making Lives Better and Making Better Lives in Africa through donations of life’s most essentials like Clothing, Food and Shelter.

Contact this candidate