Chimezie Nwakanma | Freelancer Resume

Chimezie Harrison Nwakanma PROFESSIONAL SUMMARY A dedicated Cybersecurity professional with hands-on experience in risk management, threat detection, GRC frameworks, and security operations across diverse environments. Skilled in assessing, mitigating, and reporting cyber risks while aligning security strategies with business objectives. Adept at working with NIST, ISO 27001, SOC 2, and MITRE ATT&CK to protect critical assets. Experienced in collaborating with executives, security teams, and stakeholders to drive security improvements. Seeking to bring my expertise in cyber risk strategy, threat modelling, and GRC practices. SKILLS & TECHNICAL PROFICIENCIES • Cyber Risk Strategy & Management • Threat Modeling & Business Impact Analysis • GRC Platforms (ServiceNow, Archer, RiskCloud) • Security Frameworks: NIST, ISO 27001, SOC 2, CSA STAR, OWASP • Incident Response & Digital Forensics • Cyber Risk Registers & KRI Development • SIEM & EDR: Azure Sentinel, Splunk, SentinelOne, DarkTrace, Sumo Logic • Identity & Access Management (Okta, ForgeRock, Transmit Security) • Compliance & Regulatory Alignment (GDPR, PCI-DSS, HIPAA) PROFESSIONAL EXPERIENCE TELUS COMMUNICATION 01/2023 - PRESENT SECURITY CONSULTANT • Conduct annual cybersecurity control reviews and monitor remediation of identified gaps to maintain compliance with NIST CSF and ISO 27001 standards • Performed cyber risk assessments and developed detailed risk registers aligned with NIST CSF and ISO 27001 to evaluate client vulnerabilities and risk exposure. • Partnered with IT and risk teams to resolve audit findings and improve compliance with security frameworks. • Develop and refine KRIs and KPIs for risk tracking, feeding into executive dashboards and board-level reports. • Collaborated with stakeholders to design and deliver comprehensive cyber risk reports and security dashboards, supporting executive-level decision-making. • Review and update security policies and standards annually, aligning them with evolving business and regulatory requirements • Conducted threat modelling using MITRE ATT&CK to identify potential attack vectors and implement stronger controls for critical assets. • Maintain and enhance the organization’s GRC solution, ensuring timely workflow completion and reporting accuracy • Integrated security recommendations into system architecture to ensure compliance with Canadian and U.S. regulatory frameworks. Tools & Frameworks: Archer, ServiceNow, OpenPages, MITRE ATT&CK, NIST CSF, ISO 27001, PowerShell. ITEK SOLUTIONS 07/2020- 12/2022 CYBERSECURITY RISK & COMPLIANCE ANALYST • Participated in the implementation and management of GRC processes using ServiceNow GRC, enabling streamlined tracking of compliance gaps and cyber risks across the organization. • Developed Key Risk Indicators (KRIs) and designed reporting frameworks that measured ongoing cyber risk posture and identified emerging threats. • Supported the governance function by assessing internal control effectiveness and contributing to annual security posture reviews. • Conducted security assessments and SOC 2 Type 2 readiness exercises, ensuring compliance with ISO 27001 requirements. • Partnered with senior business stakeholders to facilitate business impact analyses and design security strategies tailored to the organization’s risk appetite. • Support periodic compliance assessments with PCI DSS requirements and assist in evidence collection for audits • Provided detailed risk reporting to executives and board members, helping them make informed decisions regarding threat prioritization and remediation plans. Tools & Frameworks: ServiceNow GRC, ISO 27001, SOC 2, CSA STAR, GDPR, KRI Reporting. CYBERDON INC 06/2018 – 07/2020 SECURITY OPERATIONS & THREAT ANALYST • Performed vulnerability assessments across client web and mobile applications, identifying SQL Injection, XSS, CSRF, and authentication flaws. • Submitted verified vulnerabilities to platforms like Bugcrowd and HackerOne, collaborating with development teams on secure coding practices to prevent future exploitation. • Conducted threat hunting by analyzing endpoint, network, and application logs using Splunk and Wireshark, detecting anomalies and reducing attack surface. • Delivered tailored mitigation strategies for discovered vulnerabilities, ensuring proper alignment with OWASP Top 10 and secure development guidelines. • Gained experience using SentinelOne EDR for malware investigation and eradication in client environments. Tools & Frameworks: Splunk, SentinelOne, Dark Trace, Sumo Logic, Wireshark, Burp Suite, OWASP, MITRE ATT&CK. KEY PROJECTS Project: Enterprise Cyber Risk Management Framework Implementation • Designed and implemented a cyber risk management framework using NIST CSF. • Developed risk registers, KRIs, and reporting templates for executives. • Achieved 35% improvement in vulnerability remediation timelines. EDUCATION B.Tech, Information Technology. CERTIFICATIONS • Cisco Certified Networking Associate (CCNA) • AWS Certified Advanced Networking - Specialty • CompTIA Security+