Adewunmi Adeleke

Experience

• 

  DATASIXTH CONSULTING

  Sept 2019 - Jun 2022

  Led incident response efforts for multiple security incidents, including forensic, remediation, and communication with stakeholders as well as collaborated with 20+ team members to develop and implemented an incident response plan that significantly reduced the mean time to respond to security incidents.Conducted successful penetration testing and vulnerability assessments for a variety of critical systems and applications, identifying and remediating numerous critical vulnerabilities.Developed and implemented security policy and framework that met regulatory requirements and improved security posture by 25%.Trained and mentored 10+ junior staff members on cyber security best practices, resulting in a more skilled and capable security team. Show less Developed and implemented security policies and procedures that met regulatory and industry standards, including HIPAA, PCI-DSS, and GDPR as well as successfully developed and implemented a security policy and framework that met regulatory requirements and improved security posture by 30%Designed and deployed a network segmentation strategy that improved network security and reduced the attack surface by 50%Assisted in the development and implementation of cloud security strategy that enabled the organization to migrate critical systems to the cloud while maintaining security and compliance.Conducted a comprehensive risk assessment of the organization's critical systems and identified and remediated 75% of the identified vulnerabilities. Show less

  • SOC Analyst

    Sept 2020 - Jun 2022

  • SOC Operator

    Sept 2019 - Aug 2020
• 

  Fidelity Bank PLC

  Jun 2022 - May 2023

  Information Systems Control Analyst

  Conduct management of user access to servers using PAM (Privilege Access Manager), monitor access to and activities on critical databases using DAM (Database Access Monitoring) tool, and change control management on critical applications using FIM (Firewall Integrity Monitoring) tool, as well as work closely with a team of 6 members in Information Security Control Unit to maintain 24/7 secured bank operations and report directly to Team Lead.Review and approve SQL scripts prior to execution on database, conduct code reviews on application codes prior to deployment and Conduct security assessments and reviews to ensure the secure authentication and authorization of users and confidentiality of information on the bank applications and systems through MFA, security certificates, proper password, and session management, also to ascertain compliance to ISO27001 and PCIDSS standards.Develop and implement a comprehensive cyber security strategy that lead to a 50% reduction in security incidents over a 12-month period. Show less

• 

  Resilient Software Security

  Sept 2022 - Dec 2023

  Software Security Engineer

  Carry out threat modeling on application diagrams, develop and implement security policies and procedures based on Client environment to meet regulatory and industry standards.Deploy application source code to cloud environment using GitHub Actions CICD pipeline while integrating Static Application Security Testing (SAST), Software Composition Analysis (SCA) and Dynamic Application Security Testing (DAST) into the pipeline. Conduct Dynamic Application Security Testing (DAST) manually on application post deployment, analyze results and provide remediation actions.Implement Security Controls around web application in the cloud environments, adhere to security policies, procedures, and best practices for SAST application users as well as document all actions for effective communication. Show less

• 

  Polaris Bank Ltd.

  Jun 2023 - Sept 2023

  Information System Auditor

  Execute planned audit programs to review the bank’s Cybersecurity Governance and Oversight framework, Cybersecurity Risk Management Systems, Cybersecurity Operational Resilience, Metrics, Monitoring & Reporting and Compliance with Statutory and Regulatory Requirements.Conduct regular audits of Information Security Monitoring tools, Vulnerability assessment tools, other Information Security and Control Applications and operating systems as assigned.Investigate security and data breaches to identify incident root causes, internal control gaps/failure points and vulnerabilities exploited; and to proffer solutions/recommendations to prevent reoccurrence and exposure to corporate liability, sanctions, and litigations. Show less

• 

  FCMB Group

  Sept 2023 - Dec 2023

  Application Security Control Analyst

  - Testing of new and existing applications and APIs for vulnerabilities using Burpsuite, OwaspZap, Postman.- Review of applications and SDLC for compliance to security standards.- Review of changes made on critical applications using Cimtrak.