Network Security Incident Response
Resume:
ABAYOMI ADAKO
Cybersecurity Engineer
Dallas, TX 214-***-**** **************@*****.***
Dynamic and results-driven cybersecurity professional with over 9 years of experience in SOC analysis, threat detection, and incident response. Adept at leveraging advanced cybersecurity tools and methodologies to troubleshoot and resolve complex IT security challenges while ensuring the confidentiality, integrity, and availability of critical information resources. Proven expertise in network security, vulnerability management, third-party risk assessments, and regulatory compliance. Skilled in deterring, identifying, containing, and preventing cyber-attacks on networks and endpoints through real-time monitoring, alerting, and proactive measures. Proficient in malware analysis, email security, data loss prevention, and optimizing SOC processes using industry-leading security solutions. Strong background in cloud security, risk management, and team collaboration with a passion for solving security challenges in high-pressure environments. Dedicated to continuous professional growth and delivering innovative solutions to safeguard organizational assets.
TECHNICAL SKILLS
Cloud Platforms: AWS (CloudWatch, CloudTrail, SNS), Azure, GCP, Kubernetes (K8s). Security Tools: Palo Alto Panorama, CrowdStrike, SentinelOne, Defender, QRadar, Splunk, Azure Sentinel, Proofpoint, Mimecast.
SIEM & SOAR Tools: Splunk Phantom, Cortex XSOAR, Rapid7, ServiceNow, Jira, Salesforce. Network Security: Palo Alto, Cisco Firewalls, Tenable Nessus, Wireshark, Nmap, IDS/IPS. Identity & Access Management: CyberArk, Delinea, BeyondTrust, Azure AD. Data Protection: Digital Guardian, Symantec DLP, Netskope, McAfee DLP. Scripting & Automation: Python, Bash, Terraform, Ansible, Yaml, Groovy, KQL. Operating Systems: Linux (Ubuntu), Windows Server, MacOS. Analysis & Reporting: Power BI, Tableau.
PROFESSIONAL EXPERIENCE
Information Security Manager Verizon 2020 to Present Lead incident response team, act as the Data Protection Officer, and develop security training while overseeing the vulnerability management program. Also implementing security tools, conduct tests, and manage vulnerability and patch management
Spearheaded the implementation and optimization of Digital Guardian DLP, reducing data leakage incidents by 30% and protecting intellectual property and sensitive data.
Managed firewalls using Palo Alto Networks Panorama, ensuring secure configurations and enforcing robust access policies.
Designed and executed automated threat detection and incident response workflows using SOAR tools, reducing response times by 40%.
Developed and led vulnerability management programs, conducting risk assessments, penetration tests, and remediation strategies using tools like Nessus and QRadar.
Created custom Splunk dashboards and reports, providing real-time insights into security metrics and potential vulnerabilities for senior leadership.
Acted as the Data Protection Officer, managing data classification, protection, and identity and access management policies.
Conducted in-depth investigations leveraging Splunk and SentinelOne to identify and neutralize advanced persistent threats (APTs).
Led security training programs for end-users and IT teams, establishing KPIs and fostering cybersecurity awareness across the organization.
Integrated threat intelligence sources to enhance vulnerability management strategies and address emerging security threats.
Developed automated remediation processes for vulnerabilities stemming from Windows updates and third-party software, significantly reducing manual intervention.
Monitored industry trends and emerging threats, aligning security strategies with evolving technologies and regulatory requirements.
Provided mentorship to junior analysts, enhancing skills in binary analysis, phishing investigations, and endpoint security.
Cyber Security Associate GDIT 2017 to 2020
Managed virtual firewalls and network security zones, swiftly responding to security breaches. Utilizing advanced tools like SIEM and DLP to monitor system activity for malicious behavior and keeping the team updated on emerging threats and vulnerabilities.
Investigate emails and attachments to identify the presence of any phishing or malware attack and to prevent the loss of sensitive data.
Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
Investigating security breaches and other cybersecurity incidents
Managing virtual firewalls, access control lists, and network security zones
Quickly acquiring, utilizing, and communicating knowledge on new technologies and solutions, emerging threats and vulnerabilities to the team and upper management
Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), sniffers and malware analysis tools to investigate and analyze potential threats.
Utilizing Endpoint Detection and Response tools such as Defender and Cortex to detect malicious processes and lateral movement in the network.
Monitoring open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs
Followed the investigation, track and analyze advanced persistent threat (APT) groups, cyber threats and security reporting and open source intelligent (OSINT).
Performing security operations, abuse detection, incident management, reverse engineering, security analysis and testing.
SOC Analyst I Spissys Solutions Inc. 2016 to 2017 Conducted security control assessments to evaluate adequacy of operational, privacy, and technical security controls. Applied necessary security patches within NIST and enterprise guidelines to safeguard systems against known vulnerabilities and exploits. Developed and documented security operations processes and guidelines to standardize security practices and enhance operational efficiency.
Evaluated potential threat of exploitation for identified vulnerabilities and assessed associated impacts to facilitate informed decision-making regarding risk mitigation strategies.
Conducted security vulnerability and risk assessments using social engineering to identify system liabilities and develop remediation plans and security procedures.
Monitoring the local threat ops channels/SIEM/AV/DLP Policy violation consoles and notifying the client/stakeholders of any suspicious/malicious activity within agreed SLA timelines
Respond to cyber incidents, performing detailed analysis using complex tools to determine the root cause and impact by using a broad range of demonstrated experience (e.g. forensics, networking, server, coding etc.) to determine a malicious actor’s tactics, techniques, and procedures.
Analyzing network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture.
Created and updated security event investigation notes conducted shift change reports on open cases and maintained case data in the Incident Response Management platform.
Captured suspicious emails going to external senders from our internal users whose email was flagged for ethical red flags or certain words configured to be.
Utilized Symantec endpoint tools to determine if embedded links within incoming emails are malicious.
EDUCATION
Master of Science, - Economics. University of Lagos. Nigeria.
Bachelor of Science, - Computer Science. Ebonyi State University of Science and Technology, Nigeria.
CERTIFICATIONS
Certified Information Security Manager (CISM) AWS Cloud Practitioner AWS Solutions Architect CompTIA Security+ Terraform Associate
Contact this candidate