Senior Cybersecurity Business Consultant
Pufferfish Technology Limited
مجموع سنوات الخبرة :16 years, 6 أشهر
• Developed strategies and business plans to identify sales opportunities for different markets and generated new sales leads. Recommendations were adopted by the team and led to 30% increase in sales.
•Coordinated the successful completion of sales cycles with the sales team (achieved 15% sales conversion rate)
•Maintained customer satisfaction and followed up for more business opportunities from the client including referrals.
•Used market research and analysis to uncover new sales opportunities within existing customer base, growing revenue by $90, 000.
•Supervise the implementation of cybersecurity solutions to ensure alignment with client’s project objectives and deliverables.
•Managed the sales team, motivate them and help them to increase their performance.
•Monitor the performance of the Sales team and provide guidance and direction where required.
Provided periodical report with actual activities delivered to customer to the management team, which also included the actual costs associated with deliverables (reduced project costs by $25, 000)
•Developed the security architectural blueprint to facility effective protection of the organization's information and information assets.
•Led evaluation, selection and implementation of the following tools: Fraud Management, Security Information and Event Management (SIEM), automated vulnerability management, automated penetration testing, Governance, Risk and Compliance (GRC), Intrusion Detection System/Intrusion Preventive System (IDS/IPS), web and email threat filtering solutions, malware defense systems for endpoints.
•Monitored organizational networks for security breaches and investigated any violations.
•Conducted penetration testing and identified vulnerabilities within systems and collaborated with IT to resolve before they could be exploited.
•Prepared reports which documented security breaches and the extent of damage caused by breaches
•Developed and implemented the Cybersecurity framework for the bank align with the Central Bank of Nigeria (CBN) Risk-Based Cyber Security framework, NIST and ISO 27001 security standards.
•Implemented data protection and privacy controls to meet the requirements of the global and local data privacy regulations (GDPR, NDPR).
•Designed and implemented a robust cybersecurity Awareness program for all staff in the organization integrating phishing and social engineering attack simulations.
•Co-ordinate the security testing of application, APIs and mobile apps
•Implemented SWIFT Alliance Lite and other supporting SWIFT products.
Implemented Second Factor Authentication solution (soft and hard tokens) to improve access control for the enterprise solutions.
•Built a highly functional Cybersecurity Team by reorganizing and restructuring the Cybersecurity department (formerly under IT leadership), strategic talent acquisition and specialized cybersecurity training and leadership support.
•Developed and implemented of robust Cybersecurity framework and strategy that protected the organization's information and information systems availability, integrity and confidentiality. Reducing cyber fraud losses by over 90% in the first year.
•Implemented of a robust Security Awareness programme involving repeated phishing and other social engineering attack simulations resulting in increased staff security consciousness from about 24% to 7.5% in the first year (and 5.4% in the second year)
•Optimized the company’s portfolio of cybersecurity solutions to deliver improved ROI, delivering superior protection services and supporting secure business.
•Design and implemented a robust IT Risk and Vulnerability Management programme that delivered continuous vulnerability assessment, threat hunting, real-time risk visibility and an effective vulnerability and risk reporting dashboard for management and other stakeholders.
•Coordinated the certification and surveillance audit exercises for the ISO standards (27001, 22301, 9001, 45001 and 20000) as well as PCI DSS. Designing and supervising frequent control testing and improvement.
•Coordinated information security activities across the subsidiaries delivering unified security controls and risk management.
•Develop and implement the strategy for the Cyber Security Operations Centre (SOC) to deliver 24/7 security monitoring, security Orchestration and automated threat responses effectively reducing operational cost by 24%. Actively engaged the Managed Security Service Provider (MSSP) to ensure optimal security service delivery.
•Delivered clear and concise Cybersecurity performance and risk issues to Board and executive management, providing assurance on enterprise security posture and the evolving industry threat landscape.
•Led evaluation, selection and implementation of the appropriate security solutions: Cloud Access Security Broker (CASB), identity and access management (IAM), Privileged Access Management (PAM), Fraud Management, Security Information and Event Management (SIEM), web application firewall (WAF), malware defense solutions for cloud workloads, Kubernetes and Docker swarm containers.
Led the compliance assessment initiatives for Service Organization Control (SOC2) report for the organization's cloud based platforms.
Provided Project Management support for the integration of three ISO Management Standards - ISO 27001, 22301 and 20000 certification projects.
•Improved the bank's security posture by coordinating frequent Vulnerability Assessment and Penetration Testing of the organization's assets and working with relevant stakeholders to ensure prompt treatment of prioritized risk issues.
•Developed and implemented robust application security testing guidelines aligned with OWASP framework for APIs, web and mobile applications, delivering quality products and superior user experience.
•Worked with the Agile team to improve product quality by delivering secure coding training for the team and integrating Static and Dynamic Application Security Testing (SAST/DAST) solution with the software development pipeline.
•Design and implemented an automated IT Risk register, providing a singular Risk view for all stakeholders (Audit, Compliance and IT) and facilitating efective prioritization of IT Risk monitoring, tracking and resolution. This resulted in improvement in the Cybersecurity Maturity Index for the Organization to Level 3.
•Introduced the Purple team construct to optimize the red and blue teams eforts, delivering more threat-informed defenses.
•Developed and maintained a controls catalogue and supervised the periodic testing of critical controls. This enabled the bank avert potential losses from controls that were no longer efective due to Changes in IT environment.
Planning and coordinating of periodic and ad-hoc Compliance and Risk-based audit of the enterprise systems, people and processes as well as subsidiaries across Africa and the UK.
•Developed and implemented Control self-assessment questionnaires to support continuous and efective auditing of the enterprise.
•Managed the periodic compliance audit of the Bank to global security standards e.g. ISO 27001, 22301, 20000; VISA PIN Security &PCI DSS
•Improved product quality by providing User Acceptance Testing of applications to support organizational Change management program
•Carried out periodic income assurance review using Audit Command Language (ACL) software and investigating income leakages and imbalances in internal ledgers.
Contributed immensely to the growth of the Public Sector portfolio delivering an average annual balance sheet growth of over 30% year on year.
•Through persistence and superior relationship management, I was able to acquire new customers with huge business portfolio ramping up the team's financial performance (revenue) by over 28% by the 2nd year. .
•Provided strategic leadership and operational guidance for a team of six staf members, delivering outstanding financial performance and commendable customer satisfaction index. As a result, the team received the Star Team award in 2008
Leveraged on exceptional customer services and commitment to customer success to acquire new customers and deepen existing relationships achieving12% growth in revenue in first year.
•Developed advanced MS Excel templates to facilitate periodic financial performance reporting (MPR) to management, reducing the task TAT by 40%.
•Revamped the Investments and Risk Assets Portfolio management MS Excel database to improve quality of monitoring and reporting to management.
•Reorganized the document filing systems to facility faster retrieval and optimize physical storage space
Land transport scheduling and co-ordination for staf across Nigeria
•Preparation of periodic performance and operational reports for supervisors
•Assisted training vendor with computer training of Interns and some IT staf
لقد تم حذف الرابط بسبب انتهاكه لسياسة الموقع. يرجى التواصل مع قسم الدعم لمزيد من المعلومات.