Acting Chief Information Security Officer
Interswitch Limited
Keywords
Computer Security
HTML
JavaScript (Programming Language)
PHP (Programming Language)
Active Directory
Application Programming Interfaces (APIs)
Penetration Testing
Application Security
Burp Suite
Cloud Computing
Skills
Information Security, Cyber Security, IT Security, cloud, Cloud Security, Active Directory, Vulnerability management, PCI DSS, Penetration testing, phishing, OWASP, API security testing, Nessus, Qualys, Burp Suite, Kali Linux, Mobile Application, Operating systems, firewall, application security, Linux, Python, PHP, MySql, JavaScript, HTML
Project history
07/2021
-
03/2022
Lead the development and implementation of a comprehensive enterprise-wide Information Security and IT Risk
Management program and secure the buy-in of the Group Chief Risk Officer.
Update and maintain the Cyber Security strategy to leverage latest technology trends and prevent future security
threats, and share changes with relevant stakeholders.
Lead IT Security objectives and policies, through the identification of Interswitch Information and Infrastructure
Security risks.
Collaborate with Risk Team Leads to schedule periodic risk assessments and oversee respective profiles that
facilitate monitoring of IT Security risk.
Identify and communicate the actions needed to implement the Information Security strategy and business plan,
explain the relationship to the broader Interswitch mission, vision and values.
Prepare and manage short-term and annual workforce plans using existing analytical frameworks and tools to
identify the number and mix of staff required to meet the demand forecast.
Prepare budget, obtain approval, execute, control, evaluate and report budget variances.
Provide authoritative specialist advice to Senior and Executive Management teams to enable the implementation
of the IT Security strategy, policy, projects and change initiatives.
Management program and secure the buy-in of the Group Chief Risk Officer.
Update and maintain the Cyber Security strategy to leverage latest technology trends and prevent future security
threats, and share changes with relevant stakeholders.
Lead IT Security objectives and policies, through the identification of Interswitch Information and Infrastructure
Security risks.
Collaborate with Risk Team Leads to schedule periodic risk assessments and oversee respective profiles that
facilitate monitoring of IT Security risk.
Identify and communicate the actions needed to implement the Information Security strategy and business plan,
explain the relationship to the broader Interswitch mission, vision and values.
Prepare and manage short-term and annual workforce plans using existing analytical frameworks and tools to
identify the number and mix of staff required to meet the demand forecast.
Prepare budget, obtain approval, execute, control, evaluate and report budget variances.
Provide authoritative specialist advice to Senior and Executive Management teams to enable the implementation
of the IT Security strategy, policy, projects and change initiatives.
12/2019
-
07/2021
IT Security Manager, Solutions and Infrastructure Security, Enterprise Risk Management
Interswitch Limited
Engagement with senior management and the board on cybersecurity strategy design and implementation.
Deployment of Cyber security solutions as required within the Enterprise across cloud and on-prem infrastructure.
Development and communication of Security Baselines for Cloud Security, Active Directory, Operating Systems,
Databases, Networks to Technology teams using CIS Standards and NIST Frameworks.
Design, Development and Management of Vulnerability management program.
Management of vulnerabilities on all endpoints and business applications to prevent financial losses from cyber
security breaches and reduced risk to an acceptable threshold as determined by management.
Manage all Security compliance requirements that are part of ISO 20000, ISO27000, PCI DSS and Data
Privacy standards.
Provision of Cybersecurity Advisory on all new products and projects within the organization and
recommending proven architectures and solutions to support the business.
Management of endpoint security solutions on servers and workstations.
Periodic Penetration testing of all business applications and coordination of phishing campaigns.
Deployment of Cyber security solutions as required within the Enterprise across cloud and on-prem infrastructure.
Development and communication of Security Baselines for Cloud Security, Active Directory, Operating Systems,
Databases, Networks to Technology teams using CIS Standards and NIST Frameworks.
Design, Development and Management of Vulnerability management program.
Management of vulnerabilities on all endpoints and business applications to prevent financial losses from cyber
security breaches and reduced risk to an acceptable threshold as determined by management.
Manage all Security compliance requirements that are part of ISO 20000, ISO27000, PCI DSS and Data
Privacy standards.
Provision of Cybersecurity Advisory on all new products and projects within the organization and
recommending proven architectures and solutions to support the business.
Management of endpoint security solutions on servers and workstations.
Periodic Penetration testing of all business applications and coordination of phishing campaigns.
10/2018
-
12/2019
Information Security Governance Officer, Enterprise Risk Management
The Nigerian Stock Exchange
findings.
Development of business-relevant metrics to measure the efficiency and effectiveness of the programs,
facilitate appropriate resource allocation and enhance the maturity of the security and compliance program.
Conducted risk assessments using established frameworks such as OWASP top ten and the NIST
frameworks and recommending appropriate controls to mitigate identified risks.
Develop and manage the information security training program for employees within the Exchange.
Evaluate potential risks to The
countermeasures to address those risks.
Development of business-relevant metrics to measure the efficiency and effectiveness of the programs,
facilitate appropriate resource allocation and enhance the maturity of the security and compliance program.
Conducted risk assessments using established frameworks such as OWASP top ten and the NIST
frameworks and recommending appropriate controls to mitigate identified risks.
Develop and manage the information security training program for employees within the Exchange.
Evaluate potential risks to The
countermeasures to address those risks.
09/2017
-
10/2018
Information Security Officer, IT and Cyber Risk Management
Guaranty Trust Bank Plc
Web Application and API security testing using Nessus, Qualys, Burp Suite, and Kali Linux.
Mobile Application assessment using APPuse, Apktool, dex2jar and jd-Gui tools
Operating systems and Databases risk assessment and compliance monitoring
Maintenance of ISO Integrated Management System certification (ISO 270001,223001 and 20000)
Maintenance and Testing of PCIDSS Controls
Maintenance and configuration of firewall monitoring solutions
Mobile Application assessment using APPuse, Apktool, dex2jar and jd-Gui tools
Operating systems and Databases risk assessment and compliance monitoring
Maintenance of ISO Integrated Management System certification (ISO 270001,223001 and 20000)
Maintenance and Testing of PCIDSS Controls
Maintenance and configuration of firewall monitoring solutions
09/2014
-
09/2017
Information Security Officer, ISMS Monitoring and Incident Management
Guaranty Trust Bank Plc
Created and maintained processes within the Unit to ensure compliance with ISO 270001 and ISO 27032 standards.
Successfully detected and re-mediated systems infected with ransom ware using Palo Alto NGFW.
Provided support to business units in the investigation and remediation of information security incidents and other
policy violations using QRadar SEIM, Imperva DAM, Imperva WAF, Palo Alto NGFW, ForeScout and TrendMicro
Cloud Protection.
Successfully deployed and maintai
ForeScout) with minimal downtime and business disruption.
Achieved 30% reduction in compromised credentials by carrying out intensive Information security awareness
training and reporting violations to management.
Collaborated with risk assessment team to develop effective controls targeted at identified risks.
Vulnerability assessment and application security testing using Nessus, Qualys, Burp Suite, and Kali Linux.
Successfully detected and re-mediated systems infected with ransom ware using Palo Alto NGFW.
Provided support to business units in the investigation and remediation of information security incidents and other
policy violations using QRadar SEIM, Imperva DAM, Imperva WAF, Palo Alto NGFW, ForeScout and TrendMicro
Cloud Protection.
Successfully deployed and maintai
ForeScout) with minimal downtime and business disruption.
Achieved 30% reduction in compromised credentials by carrying out intensive Information security awareness
training and reporting violations to management.
Collaborated with risk assessment team to develop effective controls targeted at identified risks.
Vulnerability assessment and application security testing using Nessus, Qualys, Burp Suite, and Kali Linux.
08/2012
-
09/2014
Electronic Fraud Investigator
Guaranty Trust Bank Plc
Managed a team that reduced incidents and loses due to Internet Banking frauds by over 80%. This was achieved
by reviewing previously successful frauds and creating controls around observed lapses.
Ensured constant satisfaction of customers (Internal and External) by consistently meeting our 24hour SLA for
investigating and responding to customer complaints.
Created and maintained processes within the Unit to ensure compliance with PCIDSS standards.
-channels using Postilion and other echannel
management tools.
Managed indemnity requests from third parties including law enforcement and compiled reports for regulatory
agencies.
by reviewing previously successful frauds and creating controls around observed lapses.
Ensured constant satisfaction of customers (Internal and External) by consistently meeting our 24hour SLA for
investigating and responding to customer complaints.
Created and maintained processes within the Unit to ensure compliance with PCIDSS standards.
-channels using Postilion and other echannel
management tools.
Managed indemnity requests from third parties including law enforcement and compiled reports for regulatory
agencies.
12/2008
-
08/2012
Internal Control Officer
Guaranty Trust Bank Plc
Reduction of losses to the bank from excess charge complaints by over 60%. This was achieved by reconciling
charges to customers with details of their executed loan agreements.
Apprehended and interrogated over 25 different fraudsters for alleged financial crimes against the bank. Testified
against a few currently behind bars.
Maintained a compliance level of over 90% for branches under supervision against a benchmark of 80%.
charges to customers with details of their executed loan agreements.
Apprehended and interrogated over 25 different fraudsters for alleged financial crimes against the bank. Testified
against a few currently behind bars.
Maintained a compliance level of over 90% for branches under supervision against a benchmark of 80%.
07/2008
-
11/2008
Web Developer
Cognitive Solutions Nig.Ltd.
Design and Development of Web Portals using Python, PHP, MySql, JavaScript and HTML.
Certifications
Local Availability
Only available in these countries:
Nigeria
I am open to travel, however I am currently in Lagos, Nigeria. I shuttle between here and Bahrain.
