E

Eguono obrik-uloho

About

Detail

Texas, United States

Timeline

work
Job

Résumé

Jobs verified_user 0% verified
  • B
    Application Security Sr. Accessor
    BLACK DUCK SOFTWARE
    Apr 2024 - Current (2 years 2 months)
    • Configured Blackduck, SAST/DAST scanning tools, called Polaris. • Conducted security assessments (SAST/DAST/SCA) forweb/mobile apps, identifying critical CVEs (e.g., Log4j, Spring4Shell). • Reduced vulnerabilities in production by integrating SAST tools into CI/CD pipelines. • Wrote and updated security plans to meet NIST 800.53 standards as a team. • Led threat modeling workshops using STRIDE, mitigating risks in microservices architectures. • Bug Bounty / Hackerone Investigation to investigate P1,P2,P3,P4 incidents. • Performed PKI related upgrading, installation, and troubleshooting using administrator privileges. Reviewed and resolved open remedy tickets assigned to the PKI Team • Ensured compliance with PCI DSS 6.5 by validat
  • Synopsys
    Senior SOC Consultant
    Synopsys
    Feb 2021 - Apr 2024 (3 years 3 months)
    • !Black Duck Software was spun off into an independent company - transferred. • Cut false positives through SIEM migrations and optimized alert rules. • Assisted in the design, implementation, and support of networking and cyber security components such as firewalls, IDS/IPS, malware prevention, backup and recovery, logging, SIEM solutions, identity management, and other cybersecurity-related solutions. • Investigated incidents while monitoring endpoints via EDR using CrowdStrike and SentinelOne. • Performed vulnerability scanning, assessment, and reporting using Tenable and worked with relevant teams to track remediation efforts. • Supported security compliance efforts such as, SOC2, ISO 27001 , NIST, FedRamp by providing logs, repo
  • N
    Security Risk and Compliance Consultant
    NTT (White Hat Security)
    Oct 2018 - Feb 2021 (2 years 5 months)
    • Reduced residual risk through control optimization and advising clients on cybersecurity risks • Reduced manual effort through automation of compliance evidence collection using AWS Config + Azure Policy • Reduced manual effort through automation compliance monitoring for 200+ AWS/Azure controls using Prisma Cloud + Terraform Develop physical security plans and threat mitigation strategies to address vulnerabilities and threats • Developed physical security programs (Policies, Procedures and Processes), including programs for NERC CIP-006 and CIP-014 Standards compliance • Conducted audits of the NERC Standards associated with Physical Security CIP-006 and CIP 014 • Collaborated with IT to implement CIS Benchmarks, hardening 200+ se