ADEYEMI ADEMILUYI
(I am available to resume work immediately)
Threats Intelligence |Data Privacy| Info & Cyber Security | Forensics | Management |Consulting
To apply business intelligence, defensive information techniques and offensive
knowledge to achieve organizational goals and objectives.
Email Address:
Phone Contact:
--
EDUCATION
•
•
•
•
Master in Business Administration (MBA)
PGD in Computer Science
Institute of Information Security, India
First University Degree (B.A)
Certifications & Trainings
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
EC-Council Chief Certified Information Security Officer Certification (CCISO)
ISO 27035 Lead Security Incident Manager Certification
ISO 27001 Information Security Manager Certification
ISO 27032 Lead Cyber Security Manager Certification
ISO 22301 Business Continuity Manager Certification
Cisco Certified Network Associate Certification
Certified Ethical Hacker Certification
CISSP
Privacy law and Data Protection
Advanced Cyber Threat Intelligence
US-Homeland Security Industrial Control System
Active Countermeasures Threat Hunting
PECB Certified Trainer
Project Management, LBS Ghana
PCIDSS trained Assessor
CheckPoint Certified Sandblast Administrator
FireEye Systems Engineer
Certified Blockchain Expert
Cyberoam Certified Network Sec Professional
Credit Card Security Professional
Certified Web Application Security Tester
Certified Information Security Consultant
Certified Professional Forensic Analyst
Certified Professional Hacker (Nxt) Generation
Other Achievement:
•
•
•
Helped over twelve (12) Entities in West African to achieve ISO 27001 and PCIDSS Certifications
Helped Eight (8) top Banks in West Africa improve Cyber security controls
Trained over 1065 Delegates from West Africa Information and Cyber Security
•
•
•
•
•
•
•
Project managed and deliver over 25 Information and Cyber security projects
Trained over 1200 young adults on Cyber Security Awareness Education
Published two books to increase IT and Cyber security knowledge in West Africa
Involved in over Thirteen (13) Cyber incidences and Investigations
Presented and participated in over ten (10) Cyber and information security Conferences
Support Law Enforcement Agencies to increase/promote Cyber security awareness
Helped two (2) Commercial Banks prevented breach worth Millions
WORKING EXPERIENCE(S)
intelPRO Corporation
Position: Information and Cyber Security Specialist
(FREELANCE Contract)
ROLES & RESPONSIBILITIES
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Perform Security Assessment and Penetration testing on new applications, network designs and existing
environments
Conduct regular threat modelling Gather requirements and current standards to overview technology and
make recommendations
Develop and review Use security project case and provide necessary justifications
Perform threat hunting, malware analysis, indicator of Compromise (IOC) and Indicator of Attacks (IOA)
assessment after cyber incidence with the SOC Team.
Perform internal and external penetration testing of network infrastructure and applications
Perform Red team assessments including physical, cloud, social engineering, and network exploitation
Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols,
and databases
Work closely with Blue team to test efficacy of existing alerts and help create new detection.
Engaging with Incident Response and Security Operations team to discuss new threats pattern and attack
techniques to improve intelligence gathering
Conduct Malware Analysis, Information Gathering, Virus/ Trojan Assessment, Payloads, Exploits,
Key loggers & Antivirus Analysis.
Review and recommend adequate controls for Cyber Security Projects implementation for SIEM, SOC,
Cloud infrastructures Azure & AWS, NAC, DLP, Anti-Ddos Tools, and Deception Grid
Perform periodic quality Risk assessments to ensure relevant processes and procedures are being
performed as expected and planned, and provide recommendations for noted deficiencies.
Regularly engaging functional leaders and business owners to ensure threat intelligence analysis and
products are mapped to prioritized corporate assets and risks.
Participate in technical discussions to facilitate the identification, mitigation and containment of cyber
security risk.
Conduct Virtual training on Information and Cyber security training for Banks, Insurance and Government
delegates
Conduct researches on threat actors and TTPs, intrusion kill chain, cyber risks, and Intelligence and analysis
methodologies.
Experience in using various open sources and tools to research external threat actors and threat actor
groups.
Using Power shell, python and ruby scripting to conduct regular review for security loopholes on Servers,
Applications and Network infrastructures
Conduct regular review of security policies, procedures and international standards in line with Data
security policy and privacy requirements such as GDPR, NIST etc
Design and communicate security tips and latest attack techniques to drive Awareness on new threat
techniques and attack patterns
Conduct risk based assessment and threat modelling on Project requirements and ensure controls are
implemented correctly.
Emirates NBD Bank
Position: Senior Security Architect
Nov 2019 – Sept 2020
ROLES & RESPONSIBILITIES
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Performed and provided end-to-end Security Architect engineering and threat management supports for
Core Banking Application project
Ensure adequate security processes, procedures and controls are followed and well implemented in line
with UAE/KSA Cyber security frameworks and regulations
Perform Security Vulnerability Assessment and Penetration testing on new and existing environments
Plan architecture changes and help create project management recommendations
Perform threat hunting, malware analysis and threat modeling
Participate in project reviews, risk assessment, security requirements for Cloud Architectures (Amazon Web
Services, Microsoft Azure) for implementations and Security assessments.
Keep up-to-date on the latest security standards, Data Privacy and enforcing compliance in line with Bank
policies.
Perform regular Red team assessments including physical, cloud, social engineering, and network
exploitation
Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols,
websites, Wireless and databases
Document security procedures for LANs, WANs, Cloud requirements and VPNs projects in line with security
best practices and bank policies.
Conduct risk based assessment and threat modelling on Project requirements and implementation
Address security issues during Data replication and application deployment
Designing, build, test and implement Security systems within Emirates NBD
Responsible for Security Architecture design review based on Zero trust, SABSA and TOGAF frameworks.
Estimate and review budget and security requirements for projects and deliverables
Perform security/control reviews and project implementation based on ISO 27001, UAE (IAS), ISO 22301,
CIS, NIST frameworks, ISO 27032 and PCIDSS standards.
Designing, build, test and implement security systems within Emirates NBD for project on Authentication
Services (Single sign-on, Multi factor authentication, Session and token authentication, Authorization
Services (Privileged access, Roles, Rules and attributes)
Conduct security review for User management Services (Provisioning, de-provisioning, Self-service and
Delegation)
Perform security reviews on directory Services (identity store, Directory Federation, Metadata
synchronization and Virtual directory
Reviewing time to time Applications and Network security controls, and providing recommendation for
improvements
Conducting regular system tests and ensuring continuous monitoring of network security devices
Developing project timelines for ongoing system upgrades and implementations
Ensuring all personnel have access to the IT system limited by need and role
Establishing disaster recovery procedures and conducting breach of security drills
Promptly responding to all security incidents and providing thorough post-event analyses
INLAKS Limited
JAN 2018 - Oct 2019
Position: Cyber Security Manager
ROLES & RESPONSIBILITIES
•
•
•
•
Execute IT Security Program to protect data and critical information technology resources from a wide
range of threats in order to ensure business continuity, minimize the business risk, and maximize return on
investments and business opportunities.
Develop and deliver a portfolio of IT Security Management Programs that supports business objectives
and INLAKS Customers
Conduct Vulnerability Assessment, Ethical hacking and Penetration testing on Networks, Websites,
Applications, and Database etc.
Conduct breach assessment and threat hunting using open source and license tools
•
•
•
•
•
•
•
•
•
•
•
•
Conduct security assessments for new and existing applications and services that will integrate into the IT
systems and/or provide services for the INLAKS and her Customers.
Apply an advanced knowledge of monitoring, analyzing, detecting, and responding to Cyber events and
incidents within information systems and networks.
Consult on integrated, dynamic Cyber defense and leverage Cyber security solutions to deliver Cyber
security operational effects, including intrusion detection and prevention, situational awareness of network
intrusions, security events and data spillage, and incident response actions.
Lead staff on intelligence and counterintelligence collection through network analysis and reporting.
Define, design and deliver IT security that takes into consideration business unit strategic goals, internal
customer needs, and the overall technology strategy
Maintain existing and define new information security policies as required
Oversight and management of the Vulnerability Management Program for devices, Cloud infrastructures
and applications that support the business
Manage and contain information security incidents and events to protect organization assets, intellectual
property, regulated data and the company's reputation.
Provide Information Security awareness, education and training to employees to ensure an understanding
of their role in protecting organizational data and systems
Regularly evaluate industry trends, changes, innovations, and maturity to recommend and plan the
introduction of new technologies. Stay abreast of technological developments to provide business partners
with best in class economics for necessary infrastructure
Oversee the selection testing, deployment, and maintenance of security hardware and software products
as well as outsourced arrangements
Manage the organizations IT security staff and consultants/contractors that support the IT Security
Management Program.
Digital Jewels Limited
Feb 2014 – Dec 2017
Position: Information Security/GRC Consultant
ROLES & RESPONSIBILITIES
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Conduct Penetration Testing, Ethical Hacking, Security Assessment, Social Engineering when required
Conduct Malware Analysis, Information Gathering, Virus/ Trojan Assessment, Payloads, Exploits,
Key loggers & Antivirus Analysis
Implement, review and manage Cyber Security Projects Such SIEM, SOC, Cloud infrastructures, NOC, DLP,
Anti-DDoS Tools, and Deception Grid.
Developing and analyzing scripts to test for security weaknesses on Database, File and Exchange Servers.
Perform regular Red team assessments including physical, social engineering, and network exploitation.
Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols,
and databases.
Verifies security systems flaws by developing and implementing test scripts.
Maintains security by monitoring and ensuring compliance to standards, policies and procedures;
conducting incident response analyses; developing and conducting training programs.
Review and conduct security assessment of cyber security operations and critical assets and Infrastructures,
such as Distribution and Transmission systems, Power and Energy distributions, ICS and SCADA Systems
Determines security requirements by evaluating business strategies and requirements; researching
information security standards; conducting system security and vulnerability analyses and risk assessments;
studying architecture/platform; identifying integration issues; preparing cost estimates.
Assist in designing and supporting the overall security architecture of the enterprise systems/OT
environment in line with best practices, NIST frameworks and international Standards
Work closely with Program Managers and team leads to build security into projects.
Perform periodic quality Risk assessments to ensure relevant processes and procedures are being
performed as expected and planned, and provide recommendations for noted deficiencies.
Engage with Incident Response, Security Operations, and other Paranoids teams.
Develop close working partnerships with functional senior leaders to ensure threat intelligence analysis and
products are mapped to prioritized corporate assets and risks.
•
•
•
•
•
•
•
Participate in technical discussions to facilitate the identification, mitigation and containment of cyber
security incidents
Provide quality control over team products; assist with drafting, editing, critiquing, and proofreading threat
intelligence estimates, briefs, assessments, and memorandums.
Experience in using various open sources and tools to research external threat actors and threat actor
groups
Conduct researches on threat actors and TTPs, intrusion kill chain, cyber risks, and Intelligence and analysis
methodologies.
Conduct awareness of the dark web and threat actor usage of forums and marketplaces. Conduct
Investigation on Memory, Hard Drives, Systems, Networks etc.
Support Organizations to implement, attain compliance and ISO Certifications such as ISO 27001, ISO
22301, NIST frameworks, ISO 27032 and PCIDSS standards.
Conduct Technical and Non-Technical training when required, attend to other issues such as Proposal
Development, Presentations, support Recruitment exercise and involve in Business Development Etc.
. Information Management Resources Nig Ltd (IMR)
Position:
MAY 2006 – FEB 2014
Senior Supports Engineer
ROLES & RESPONSIBILITIES
•
•
•
•
•
•
•
•
•
•
•
•
Attend to clients ICT technical issues relating to repairs, troubleshooting, installations, deployment of
Hardware and software on SERVERS
Responsible for troubleshooting and repair of ML Servers, COMPUTERS, LAPTOPS, PRINTERS & UPS etc.
Deploy and installation high end servers in and at client sites.
Configure AD, DNS, DHCP, NETBIOS, WORKGROUP, Domain for clients
Manage and attend to clients request/challenges on LAN/WAN and installation of network devices such
as SWITCHES, ROUTERS, FIREWALL VSAT, Voip/PABX, VLAN, VPN, LAN, WAN, LWAN, MAN
Project manage Fiber Optics, Cat 5, 6, cabling & terminations and ensuring proper installation of SIEMs,
FIREWALL, IDS, IPS, HONEYPOT etc.
Monitor daily intelligence operations feeds from SIEMS, NOC & SOC
Attend to installation and deployment of CCTV Cameras
Project manage and support PriceWaterHouseCooper (PWC) contract on IT Work Tools, Server
Maintenance and operations
Project manage and support Central Bank of Nigeria - IT Work Tools Maintenance contract
Project manage and support ECOWAS - Network Security Devices & Wireless Connectivity deployment
Project manage and support NETCO system and server maintenance
Project manage and support WEMA Bank maintenance contract
Project manage OAU INTECU fibre projects, Network Security deployment for Cloud computing, SOC and
NOC.
Other Achievement:
•
•
•
•
•
•
•
•
•
Helped over twelve (12) Entities in West African to achieve ISO 27001 and PCIDSS Certifications
Helped Eight (8) top Banks in West Africa improve Cyber security controls
Trained over 165 Delegates from West Africa Information and Cyber Security
Project managed and deliver over 25 Information and Cyber security projects
Trained over 1200 young adults on Cyber Security Awareness Education
Published two books to increase IT and Cyber security knowledge in West Africa
Involved in over Thirteen (13) Cyber incidences and Investigations
Presented and participated in over ten (10) Cyber and information security Conferences
Support Law Enforcement Agencies to increase/promote Cyber security awareness
•
Helped two (2) Commercial Banks prevented breach worth Millions
REFEREE(S): To be provided on request.
