Segun Ladeji
Brampton,Canada
Summary
Experienced Cyber Security Professional with 12 years of progressive experience in the field. Demonstrate skills in identifying business risks and compliance issues and designing proactive solutions. Background in designing and implementing layered network security approaches. Incident investigation expert, working within house vendors teams to research identify reports of incidents. Expertize in major defense monitoring tools i.e., firewalls, EDR, IDS/IPS, phishing and email security, content filtering, wireless DDOS, SIEM. Highly experienced information security professional, with vast experience in complete security solutions, security information event management, vulnerability scanning, and application/system security management. Possess an outstanding communication, great interpersonal and leadership skills. In search of opportunities that offer growth, challenges, and responsibilities as a successful security analyst/consultant of a vulnerability assessor in a well-established Organization. Highly-motivated employee with desire to take on new challenges. Strong work ethic, adaptability, and exceptional interpersonal skills. Adept at working effectively unsupervised and quickly mastering new skills. Focused security analyst with extensive knowledge of threat detection, prevention and analysis. Leverages expertise in security software and products to build solid IT security infrastructure. Detail-oriented leader and proactive communicator dedicated to safeguarding against threats.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Senior Information Security Engineer
Mindbridge Analytics
Ottawa, Canada
05.2019 - Current
- Lead and facilitate threat modeling exercises to ensure optimized security design decisions are being made
- Perform application security assessments using industry standards (e.g., OWASP ASVS)
- Execute penetration tests using a broad range of tools to discover and exploit possible vulnerabilities and weaknesses within cloud, on-prem, and hybrid environments
- Report directly to a project manager and provide ongoing support for enterprise tool deployments
- Collaborate with Business Architects, Solution Architects, Operations, Maintenance, and Project Execution teams to gather requirements and support planning and scheduling of work
- Manage the audit of services and solutions against frameworks such as ISO 27001, SOC 2, GDPR, and CCPA
- Document findings and remediation recommendations and collaborate with consulting team and customers to ensure vulnerability findings are successfully and efficiently addressed
- Acted as team leader in group projects, delegating tasks and providing feedback
- Performing penetration tests against internal and/or external environment of different organizations including network, servers, workstations, applications, API and online/cloud services
- Conduct network and application vulnerability assessments
- Maintain up-to-date knowledge of security standards e.g., OWASP, NIST, other security standards, security testing, and technologies
- Write reports including technical details, risk analysis and providing remediation recommendations for identified issues
- Participate in project related meetings: information gathering, solution design, project checkpoints and serve as subject matter expert in areas of network security, application security, and attack and defense techniques and countermeasures
- Provide guidance on implementing and/or improving secure software development processes
- Deliver training and provide mentoring to software engineers on security and DevSecOps topics.
Information Security Analyst
Royal Bank of Canada
Toronto, Canada
10.2015 - 05.2019
- Conduct Security Threat and Risk Assessments (TRAs) for third party vendors Products and provide risk report with recommendations
- Lead risk assessments to measure risk exposures, identify internal control weaknesses, improve control environment and minimize risk of loss events
- Led day-to-day operational activities (e.g
- Change Management, Vulnerability Management, Risk Management etc.)
- Develop security controls and processes to support agile environment that is on-premises and cloud-based architecture
- Develop and maintain GRC programs and Information Security policies and procedures, and work with policy owners to update current policies and procedures to further improve data security
- Develop recommendations on effective control design and operational risk management best practices
- Support development of key performance and risk indicators for executive and board level dashboards and control maturity scorecards will be included within your mandate
- Support reviews conducted by Internal Audit and Compliance as well as external auditors and regulators
- Led Interface with client and external assessors to coordinate security audits and assessments
- Accountable for consultation and issue resolution as first point of inquiry/escalation and problem resolution for Access Manager provisioning/procurement related activities
- Support and maintain communication with Computer Security Incident Response Team (CSIRT) team members ensuring timely communication to all stakeholders regarding incident response activities
- Led develop and participate in development of Key Risk Indicators and monitor compliance
- Worked with various infrastructure teams to provide advisory services
- Respond to and remediate incidents as required; escalating when appropriate
- Lead complex projects providing security advise to ensure information security risk are mitigated
- Facilitated solution for multiple security domains (Security Management, Security Engineering, Identity and Access Management, etc.), review documents (Security Design) and creating assessment documents (Threat Risk Assessment)
- Classified data and assess information security risk in order for business functions to make informed decisions to protect information assets
- Implemented understanding of information security requirements and compliance frameworks such as NIST, ISO27001, PCI, FFIEC, SOX, and COBIT5
- Provided support, and compliance reviews, for access gateways and privileged access industry practices
- Worked with IT Risk Director in identification and analysis of risk scenarios
- Participated in risk analysis sessions and risk assessment activity within Lines of Business (LOB)
- Reviewed violations of computer security procedures and developed mitigation plans
- Provide key access reports and statistics to management and audit in support of RBC access reviews
- Maintain documentation to track compliance with appropriate standards and legislations (e.g
- ISO 27001, HIPAA, GDPR)
- Assist senior management with annual reviews of assignment information in support of policy requirement.
Cyber Control Analyst
Royal Bank of Canada
Toronto, Canada
11.2012 - 10.2015
- Worked with stakeholders to perform Cyber Control assessments to determine points of non-compliance and provide insight into risks identified
- Participated in Security Review discussions, Walkthroughs and Assessments/Security Workshops
- Facilitated Issue Management approval process
- Provided security guidance to RBC Groups when called upon, as part of application control assessment lifecycle
- Assessed security of our RBC Financial applications with focus on review of logical controls
- Provided support to other assessors through peer reviews of work products as required
- Provided ad-hoc Security guidance to stakeholder community on assessments with aids of ISO 27001, PCI, FFIEC, SOX, ITIL, ITSG framework
- Conferred with clients to identify and document requirements
- Conducted business and technical studies
- Designed, developed, integrated, tested and implemented information systems business solutions
- Provided advice on information systems strategy, policy, management, security and service delivery
- Maintained familiarity with current events and risk developments in areas of IT Governance and Controls
- Assisted with maintaining divisional procedures, manuals, and training materials and in updating them to reflect significant changes in professional or divisional standards.
Education
Bachelor of Technology -
LADOKE AKINTOLA UNIVERSITY OF TECHNOLOGY
CYBER SECURITY DIPLOMA -
CDI COLLEGE BRAMPTON
Skills
- Decision Making
- Fast Learner
- Problem Solving
- Time Management
- Teamwork
- Ability to Work Under Pressure
- Communication
- Leadership
- Agile Software Development
- DevSecOps
- Security Policies
- Information Systems
- Computer Security
- Scheduling
- Indicators
- Threat Modeling
- Operational Risk Management
- Risk Analysis
- Security Controls
- Operational Risk Consulting
- Business Operations
- Security Information And Event Management (SIEM)
- Leverage Management Information Systems
- Bank Insurance Model (BIM)
- Mitigation
- Data Security
- Control Objectives For Information And Related Technology (COBIT)
- Security Testing
- Management Workstations
- Analytics Planning
- Governance
- Security Engineering
- Service Delivery
- Peripheral Component Interconnect (PCI)
- Change Management
- Vulnerability
- Software Development Procurement
- Vulnerability Management
- Risk Management
- Information Gathering
- Operations
- Infrastructure
- Application Programming Interface (API)
- Statistics
- Communications
- SPLUNK ENTERPRISE EXPERT
- SIEM
- IDS
- CLOUD INFRASTRUCTURE EXPERIENCE
- AZURE
- AWS
- GCP
- SOX COMPLIANCE AND SOC
- DEFENSE MONITORING TOOLS EXPERT
- FIREWALL
- EDR
- IDS/IPS
- PHISHING
- EMAIL SECURITY
Certification
- CEH
- CISM
- SCRUM
- CCNA
Languages
English
Professional
Timeline
Senior Information Security Engineer
Mindbridge Analytics
05.2019 - Current
Information Security Analyst
Royal Bank of Canada
10.2015 - 05.2019
Cyber Control Analyst
Royal Bank of Canada
11.2012 - 10.2015
Bachelor of Technology -
LADOKE AKINTOLA UNIVERSITY OF TECHNOLOGY
CYBER SECURITY DIPLOMA -
CDI COLLEGE BRAMPTON
Similar Profiles
Segun LadejiSegun Ladeji
Senior Information Security Engineer at Mindbridge AnalyticsSenior Information Security Engineer at Mindbridge Analytics
Zohair AmmarZohair Ammar
Customer Service Executive at MindbridgeCustomer Service Executive at Mindbridge
Adnan MustafaAdnan Mustafa
Fraud Prevention Specialist at Mindbridge Pvt Ltd (Revolut)Fraud Prevention Specialist at Mindbridge Pvt Ltd (Revolut)