Tobechukwu Gwam

I am a cybersecurity and risk professional with a strong blend of technical expertise and governance, risk, and compliance (GRC) experience, developed across multiple roles and industries. My career demonstrates a clear progression from IT support into advanced cybersecurity operations and strategic advisory.

Currently serving as a Cybersecurity Consultant at the Institute of Disaster Management and Safety Science, I plays a key role in strengthening organisational security posture. I delivered phishing awareness training to over 500 staff, achieving a significant reduction in phishing susceptibility from 25% to 5% within three months. I also support senior leadership in conducting security reviews, analysing vulnerability scan results, and prioritising over 30 identified risks using structured risk assessment methodologies. My work ensures that remediation efforts are aligned with business impact and critical system protection.

In my Cybersecurity Internship at Oeson Learning, I gained hands-on experience in both offensive and defensive security. I performed penetration testing on training environments, identifying vulnerabilities and implementing remediation strategies. I also designed secure data protection mechanisms using encryption and deployed key security tools such as intrusion detection systems, firewalls, and honeypots to detect and prevent malicious activity. Additionally, I conducted security audits and applied network segmentation to enhance system resilience.

Throughout my Cybersecurity Analyst role in the Mastercard job simulation, I developed strong security operations capabilities. I configured and monitored SIEM tools to detect and respond to security incidents, improving response time by 15%. I identified threats such as phishing attacks and contributed to user awareness initiatives, strengthening the organisation’s overall security posture.

Earlier in my career, as a Compliance/System Analyst at First City Monument Bank, I built a solid foundation in risk management and fraud prevention over a 15-year period. I conducted risk assessments on over 300 loan requests annually, reducing fraud exposure by 20%, and contributed to reducing phishing-related losses by 25% through staff training. I also collaborated with IT teams to modernise legacy systems, reducing vulnerabilities by 30%, and developed SIEM detection rules that improved threat detection efficiency.

Overall, my experience reflects a well-rounded cybersecurity professional with proven impact in risk reduction, security operations, and organisational resilience.