Blessed Uyo, Developer in Porto, Portugal
Blessed is available for hire
Hire Blessed

Blessed Uyo

Verified Expert  in Engineering

Cybersecurity Analyst and Developer

Location
Porto, Portugal
Toptal Member Since
April 6, 2022

Blessed is a senior information security analyst and engineer with a decade of experience aligning enterprise security architecture, policies, and processes with security standards and frameworks to meet business goals. He specializes in designing and implementing security solutions for enterprise-grade cyber defense teams and conducting penetration testing. Blessed has also been in red/blue teams, implemented ISO 27001 ISMS, and operated as a security lead in a DevSecOps environment.

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), Azure, Windows Server, Linux, Penetration Testing, DevSecOps, Vulnerability Assessment, Information Security Management Systems (ISMS), Application Security, Oracle Cloud

The most amazing...

...thing I've built was Wazuh SIEM in Amazon EKS on a master node, integrated with Elasticsearch and Kibana in high availability and fault/fail tolerant zones.

Work Experience

Information Security

2022 - PRESENT
Toptal Client
  • Architected and designed a plan for FreeSurfer, brain imaging and processing application for Toptal client, in Oracle Cloud environment.
  • Used Terraform IaC to design the infrastructure's template files, including FreeSurfer compartment and fault domains, two Ubuntu instances with 8O CPUs and 73GB of memory, object storage, and virtual cloud network, subnet, and security lists.
  • Deployed FreeSurfer application. Set up environment variables necessary for the application to start on CLI, linked servers to the object storage, and created cron jobs to automate fetching processed files from back-end servers to the object storage bucket.
  • Built FreeSurfer golden image on a virtual machine (VM) based on Ubuntu with connections to the cloud servers for the clients' analysts. The golden image is linked to the specific subjects directory on the cloud server via SFTP using SSH keys.
  • Trained clients' team of three. Wrote automated scripts for clients to execute commands via triggers. Trained team members on using and modifying scripts based on specificity and instructed the client's IT staff on Oracle Cloud server management.
Technologies: Application Security, DevSecOps, Server Security, Server Architecture, Serverless Architecture, Linux Server Administration, Amazon Web Services (AWS), Oracle Cloud, Azure, Architecture, CI/CD Pipelines, Cloud, Vulnerability Identification, Security Testing, Wazuh, Serverless, AWS IAM, Confluence, Windows Server 2016, Web Application Firewall (WAF), Detection Engineering, Automation, Azure Cloud Security

Product Security Expert

2022 - 2023
Bloomberg Industry Group - Main
  • Led an investigation on malicious behaviors of a desktop client product for Bloomberg Industry Group by conducting a reverse engineering/malware analysis on all .exe and .msi files submitted.
  • Led in-depth developer-focused testing and analysis of GitGuardian pre-receive hook implementation for Bloomberg Industry Group. Recorded and proposed possible outcomes for development teams.
  • Worked on CICD template design and enhancement for all security tools within Bloomberg's software development environments. [Sonatype, Veracode, Gitguardian, Semgrep, Snyk].
  • Worked with different development teams to integrate GitGuardian, Sonatype, and Veracode security templates into their CI/CD pipeline to ensure their products comply with Bloomberg's application security requirements.
  • Conducted security assessments and testing on four open-source software for Bloomberg, using a third-party risk assessment methodology to identify threats in these applications.
  • Led an in-depth developer-focused testing and analysis of Sonatype firewall integration for software components and package management for Bloomberg Industry Group. [Sonatype Firewall Implementation].
  • Designed and implemented Runbooks for automated security and operational testing for Sonatype and GitGuardian Servers for pre and post-upgrade testing.
  • Reported vulnerabilities in Bloomberg's products to development teams and worked with them to triage security findings.
Technologies: Security Testing, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Security, Penetration Testing, DevSecOps, Agile Software Testing, Security Automation, Supply Chain Management, Web Application Firewall (WAF), Detection Engineering, Automation, Server Security

Cyberdefense Specialist | DevSecOps Engineer

2022 - 2023
Jumia
  • Managed Wazuh deployment on AWS EKS in high availability, fault-tolerant, and failure-proof environment. The environment has a master node for the Wazuh manager and worker nodes for Elasticsearch, Kibana, and the Wazuh indexes.
  • Recognized the potential threat or attempted breach by closing off the security vulnerabilities on infrastructure and applications both on-prem and in the AWS cloud.
  • Provided security during the development stages of software systems, networks, and data centers on AWS. Designed various strategies and defensive systems against intruders and monitored systems for any unusual activities using Wazuh.
  • Ran a diagnostic on any information changes to verify undetected breaches. Developed and implemented information security standards, guidelines, and procedures and prepared an action plan for remediation.
  • Took care of the cyber security projects and ensured they met cyber security objectives. Closely coordinated with the stakeholders and other groups related to cybersecurity-related matters.
  • Offered cyber security operations such as process re-engineering, automation, and documentation. Recognized cyber security issues and devised and drove effective mitigation.
  • Built Python integrations to integrate SecurityScorecard, GuardDuty, CloudTrail, and CloudWatch log groups to Wazuh SIEM. Built lambda functions to filter specific use cases from 68 AWS accounts and send alerts to OpenSearch to investigate incidence.
  • Tracked vulnerabilities and collaborated with internal network teams to ensure closure and remediation of vulnerabilities. Detected compromisable patterns, insecure features, and malicious activities in the infrastructure. (OWASP testing methodology).
  • Monitored and evaluated Kubernetes environment in AWS cloud against best security practices and standards. Also, I worked on monitoring and enforcing security on AWS cloud infrastructure.
  • Configured logging, monitoring, and security for Redis ElastiCache in AWS. Used ACLs, Syslog facility, and priority to enable logging of users' authentication, authorization, and command execution on Redis Cluster.
Technologies: Application Security, Linux Server Administration, Amazon EKS, Amazon Web Services (AWS), Okta, Elasticsearch, Cloudflare, Terraform, Wazuh, Redis Clusters, Redis, Architecture, CI/CD Pipelines, Cloud, Vulnerability Identification, Jira Administrator, Confluence, Amazon OpenSearch, ELK (Elastic Stack), Security Testing, Kubernetes, Windows Server 2016, DevSecOps, Web Application Firewall (WAF), Detection Engineering, Automation, Server Security

Linux Systems Administrator for Oracle Cloud Instance

2022 - 2022
Ugorji Radiology Consultants LLC
  • Built a secure and stable version of Windows Server 2016 with secure RDP configured to allow connections on an obfuscated port, 2FA, and whitelisted IPs.
  • Configured account lockout via local policies to prevent brute force and malicious account takeover.
  • Installed nordicBrainEx application, brain slice, and imagery application for brain MRI analysis and data processing. Tested the application to fine-tune its processed data for the client.
Technologies: Linux, Oracle Cloud, Windows Server 2016, Application Security, Remote Desktop Protocol (RDP), Data Integration, Security Testing, Confluence, Web Application Firewall (WAF), Detection Engineering, Automation, DevSecOps, Server Security

Senior Security Engineer

2022 - 2022
AMBISIG Mozambique
  • Reviewed security policies and proposed requirements for security alignment for a government agency in Mozambique.
  • Evaluated and made recommendations on security requirements for an insurance company in Mozambique.
  • Drafted a proposal for infrastructure penetration testing for a major insurance company in Mozambique.
  • Conducted penetration testing on two web applications for a Government agency in Mozambique.
  • Performed scanning and enumeration, initial access, privilege escalation, lateral movement (pivoting), and persistence using Cron, Anacron, schedule tasks, host files, and more.
  • Worked as a DevOps security engineer for a DevOps pipeline. Coordinated all security testing and procedures for the entire pipeline.
  • Collaborated on threat modeling, IDE security, pre-commit hooks, SAST and DAST, security unit tests, and container and server security.
Technologies: Penetration Testing, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Azure Active Directory, Cloud Migration, Bash Script, IP Networks, Windows Server, Risk Assessment, Security Audits, ConfigServer Security & Firewall (CSF), Firewalls, Proxies, CSS3, Risk Analysis, Linux Privileged Access Management (PAM), AWS CodePipeline, AWS CloudFormation, Identity & Access Management (IAM), Cloud Security, Lateral Movement, Pivoting, Privilege Escalation, Firewall Evasion, Information Security, Vulnerability Management, Web Security, Web App Security, Networks, Linux, IT Security, System Administration, Security, Certified Ethical Hacker (CEH), Network Security, CCNA Security, Python, Architecture, Cloud, Vulnerability Identification, Oracle Cloud, Automation, Server Security

Senior Cybersecurity Analyst | Researcher

2020 - 2022
Caresoft Lda
  • Worked as a security consultant in a DevOps environment charged with security in migrating a core banking application from C to Java programming.
  • Analyzed the architecture and policies in the ISO 27001 requirements for Mozambique's major cloud service providers.
  • Evaluated and proposed a security monitoring tool for Mozambique's major cloud service provider.
  • Migrated three front-end (Static Applications) applications to AWS S3 buckets, configured IAM roles to manage access, configured route 53 for a domain, configured ACL to manage ports and access, and configured CloudFront for CDN.
  • Configured 500 EC2 workloads (Windows and Linux) for test environments for pipelines.
  • Calibrated SAST and DAST for three pre-build and post-build applications using a combination of OWASP ZAP, Burp suite, Snyk, Puma Scan, and other tools.
  • Configured penetration test on a Windows Active Directory domain with 500 Windows hosts and five servers.
  • Conducted vulnerability scanning and patch management on all digital assets for a client of Ambisig.
  • Investigated three cybersecurity incidents that led to the compromise of confidentiality and integrity of data and assets.
Technologies: Cybersecurity, Agile Software Testing, Penetration Testing, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Smoke Testing, DevSecOps, OWASP Zed Attack Proxy (ZAP), Burp Suite, Bash Script, IP Networks, Server Message Block (SMB), Windows Server, Digital Forensics, Incident Response, Risk Assessment, Bro Network Security Monitor, Social Engineering, Application Security, Security Audits, Cloud Migration, Active Directory Programming, ConfigServer Security & Firewall (CSF), Firewalls, Proxies, VPN, Cisco Routers, Windows PowerShell, Vulnerability Assessment, Web & Mobile Applications, Red Teaming, JavaScript, Automation, Python, Risk Analysis, Risk Management, Information Security Management Systems (ISMS), ISO 27001, Azure Administrator, Azure, User Management, Linux File Systems, Linux Privileged Access Management (PAM), Linux Server Configuration, Linux Server Administration, Linux Administration, Information Security, Vulnerability Management, Web Security, Web App Security, Amazon Web Services (AWS), Networks, Linux, IT Security, System Administration, Security, Certified Ethical Hacker (CEH), Network Security, CCNA Security, Architecture, Cloud, Vulnerability Identification, Oracle Cloud

Senior Cybersecurity Analyst | Senior Penetration Tester

2017 - 2022
CyberPro Tec Lda
  • Conducted security audits and testing on Netplus web and mobile applications for Standard Bank Mozambique.
  • Performed penetration testing on three email servers in ICVL Mozambique. Deployed the .NET application to the AWS environment using RDS for the database server and Elastic BeanStalk to rapidly redeploy to production.
  • Performed a security review on the T24 core banking application for a Mozambique bank. Securely configured JBoss Middleware Agent on RHEL server to integrate services, linking IT resources, data, services, and applications for a Senegal-based Bank.
  • Conducted Active Directory (AD) penetration testing on more than 2,000 Windows hosts in an AD infrastructure with three domain controllers.
  • Led a team of forensics investigators to investigate a cyberattack on a major insurance company in Senegal.
  • Worked as a security consultant in a DevOps environment, charged with security in migrating 500 application workloads to AWS.
  • Conducted penetration testing on a major insurance company's assets in Mozambique, including the client's Linux and Windows servers, DNS, DHCP, Windows hosts, Firewalls, IPS/IDS, and web application.
  • Built three front-end applications using HTML, CSS, Bootstrap, and JavaScript. Hosted these applications on Amazon S3 buckets and configured versioning. Acquired domain name with Route 53. Configured IAM roles in managing access.
  • Calibrated VPCs and ACLs to manage ports and external access to buckets and resources. Configured CloudFront to manage CDN and encryption (HTTPS). Configured CloudWatch, Cloud Inspect, and Security Hub to orchestrate security on all assets.
  • Configured fine-grained access control with ACLs on three Linux servers using a combination of commands, including chown, chmod, usermod, useradd, getfacl, and setfacl -d -m.
Technologies: Penetration Testing, Application Security, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Security Audits, Cloud Migration, DevSecOps, Active Directory Programming, ConfigServer Security & Firewall (CSF), OWASP Zed Attack Proxy (ZAP), Burp Suite, Bash Script, IP Networks, Server Message Block (SMB), Windows Server, Digital Forensics, Risk Assessment, Bro Network Security Monitor, Social Engineering, Cybersecurity, Agile Software Testing, Smoke Testing, Firewalls, Proxies, VPN, Cisco Routers, Windows PowerShell, Vulnerability Assessment, Web & Mobile Applications, Red Teaming, Bootstrap, JavaScript, CSS3, Automation, Risk Analysis, Risk Management, Information Security Management Systems (ISMS), ISO 27001, Azure Administrator, Azure, User Management, Linux File Systems, Linux Network Stack, Configuration Management, Linux Privileged Access Management (PAM), Linux Server Processes, Linux Server Configuration, Linux Server Administration, Linux Administration, AWS CodePipeline, AWS CloudFormation, Identity & Access Management (IAM), Cloud Security, Pivoting, Lateral Movement, Privilege Escalation, Firewall Evasion, Information Security, Vulnerability Management, Web Security, Web App Security, Amazon Web Services (AWS), Networks, JBoss EAP, Linux, IT Security, System Administration, Security, Certified Ethical Hacker (CEH), Network Security, CCNA Security, Python, Architecture, Oracle Cloud, Security Testing, Server Security

Teacher | Senior IT Security Researcher

2018 - 2021
Willow International School Matola
  • Scanned for vulnerabilities on all digital assets, patched 300 CVEs, implemented ten security controls on firewalls to manage intrusions, and audited the Active Directory domain with 500 users and 30 groups.
  • Managed 900 students' databases and login credentials, a web and mobile application, 300 PCs, ten routers, and four fingerprint scanners. Performed Vulnerability assessment, CVE identification, vulnerability, remediation, and SAST and DAST.
  • Conducted three security awareness training for all employees in the facility.
  • Adjusted three Cisco routers and five Cisco Switches in a two-tiered architecture.
  • Configured VPN for 100 hosts to connect to a high availability zone.
Technologies: Security Audits, Active Directory Programming, Web & Mobile Applications, OWASP Zed Attack Proxy (ZAP), Burp Suite, Bash Script, IP Networks, Server Message Block (SMB), Windows Server, Risk Assessment, Penetration Testing, Cybersecurity, Dynamic Application Security Testing (DAST), Smoke Testing, Application Security, Firewalls, Proxies, Information Security Management Systems (ISMS), Information Security, Vulnerability Management, Web Security, Web App Security, Networks, Linux, IT Security, System Administration, Security, Certified Ethical Hacker (CEH), Network Security, CCNA Security

A Portfolio Application

http://blesseduyo.com/
As a developer and security engineer for this application, I delivered the following:
• Wrote the HTML, CSS, and JavaScript codes.
• Testing the application for best security practices, from IDE to the production environment.
• Migrated the application to AWS, using a combination of AWS S3 buckets and Route 53 to host it.
• Configured network security groups, ACLs, and CloudFront for CDN and security management.

Bug Bounty Automation Tool

https://github.com/bleszily/Bug-Recon-Automation
A Bash automation tool I built for my bug bounty engagements and penetration testing reconnaissance. It automates the entire reconnaissance phase, using Amass, sublist3r, subfinder, isup.sh, MassDNS, WhatWeb, Nuclei, and JSFinder to enumerate a target.

Audit Active DIrectory - Build Active Directory (Automation Script)

https://github.com/bleszily/Build-Active-Directory
A PowerShell script to build and rapidly deploy Active Directory domain on a Windows server with users, groups, departments, and other attributes. This project has been tested on Windows servers 2008, 2012 R2, 2016, 2019, and 2022.

Web Aplication for City of David Mozambique

A web application for the church built on React, Emotion, NodeJs, Express, and Heroku (PaaS). I was the project lead and coordinator responsible for the build, testing, security compliance, and hosting of the web application. I actively maintain the appliation.

Tools

OWASP Zed Attack Proxy (ZAP), ConfigServer Security & Firewall (CSF), AWS CloudFormation, VPN, Terraform, Bro Network Security Monitor, Amazon EKS, Confluence, Amazon OpenSearch, ELK (Elastic Stack), AWS IAM

Paradigms

Penetration Testing, Server Message Block (SMB), DevSecOps, Automation, Serverless Architecture

Platforms

Windows Server, Amazon Web Services (AWS), Linux, Burp Suite, JBoss EAP, Heroku, Azure, Kubernetes, Wazuh, Windows Server 2016

Industry Expertise

Cybersecurity, Network Security

Other

IP Networks, Incident Response, Risk Assessment, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Application Security, Information Security, Vulnerability Management, IT Security, System Administration, Security, Certified Ethical Hacker (CEH), Architecture, Cloud, Vulnerability Identification, Digital Forensics, Social Engineering, Agile Software Testing, Smoke Testing, Security Audits, Cloud Migration, Firewalls, Firewall Evasion, Privilege Escalation, Cloud Security, Identity & Access Management (IAM), AWS CodePipeline, Linux Administration, Linux Server Administration, Linux Server Processes, Linux Privileged Access Management (PAM), User Management, ISO 27001, Information Security Management Systems (ISMS), Risk Management, Risk Analysis, Cisco Routers, Cisco Switches, Proxies, Web Security, Web App Security, Networks, CCNA Security, Server Security, CI/CD Pipelines, Security Testing, Active Directory Programming, Linux Network Stack, Configuration Management, Linux Server Configuration, Web Application Firewall (WAF), Detection Engineering, Lateral Movement, Azure Administrator, Red Teaming, Web & Mobile Applications, Vulnerability Assessment, Server Architecture, Okta, Cloudflare, AWS DevOps, Development, Serverless, Redis Clusters, Remote Desktop Protocol (RDP), Jira Administrator, Pivoting, Security Automation, Supply Chain Management, Azure Cloud Security

Languages

Bash Script, Python, HTML5, CSS3, JavaScript

Storage

Linux File Systems, Oracle Cloud, Azure Active Directory, Elasticsearch, Redis, Data Integration

Frameworks

Bootstrap, Windows PowerShell, Express.js

Libraries/APIs

React, Node.js

2019 - 2022

Master's Degree in Security Analyst (Cybersecurity)

EC-Council University - New Mexico, USA

2008 - 2013

Bachelor's Degree in Physics

Unversity of Port Harcourt - Rivers State, Nigeria

APRIL 2023 - APRIL 2026

AWS Solutions Architect Associate

AWS

JUNE 2022 - JUNE 2025

AWS Certified Developer Associate

AWS

SEPTEMBER 2021 - SEPTEMBER 2022

Microsoft Certified: Azure Administrator Associate

Microsoft

SEPTEMBER 2021 - SEPTEMBER 2022

Microsoft Certified: Azure Security Engineer Associate

Microsoft

SEPTEMBER 2021 - SEPTEMBER 2024

AWS Certified Security – Specialty

AWS

MARCH 2021 - PRESENT

ISO 27001 Lead Implementer Course

Advisera Expert Solutions Ltd

DECEMBER 2020 - PRESENT

52 Weeks of Python

David Bombal

SEPTEMBER 2020 - PRESENT

TestOut Linux Pro Certification

TestOut Corporation

JULY 2020 - JULY 2023

Certified Ethical Hacker (CEH Master)

EC-Council

MAY 2020 - MAY 2023

Certified Ethical Hacker (CEH)

EC-Council

APRIL 2020 - APRIL 2023

Certified Network Defender (CND)

EC-Council

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring