Oluwagbemiga is available for hire

Oluwagbemiga Joseph

Verified Expert in Engineering

Security Architect Developer

Location

Dubai, United Arab Emirates

Toptal Member Since

November 22, 2022

Oluwagbemiga is a lead cybersecurity architect proficient in digital computing security and engineering with a particular interest in information security, vulnerability assessment, penetration testing, risk management, security operations center, cloud security, DevSecOps, and open banking.

Portfolio

Emirates NBD

Azure, Identity & Access Management (IAM), Cloud Security...

Peacock Media

Business Services, Security, Google Workspace, IT Security, Web Security, Gmail...

DadGum Marketing, LLC

Database Security, Penetration Testing, Security, IT Security, Cybersecurity...

Experience

Web Security - 8 years Azure - 8 years Cybersecurity - 8 years Security Software Development - 6 years Cloud Security - 6 years Information Technology - 5 years Amazon Web Services (AWS) - 4 years Security Engineering - 4 years

Availability

Part-time

Preferred Environment

GitHub, Azure, Amazon Web Services (AWS), Identity & Access Management (IAM), OWASP, Firewalls, DevSecOps, Application Security, Infrastructure as Code (IaC), Microsoft 365

The most amazing...

...consulting I've done is for a global cryptocurrency exchange delivering a secured platform. The external assessor gave it the go-ahead on first-time validation.

Work Experience

Senior Security Architect

2021 - PRESENT

Emirates NBD

Configured periodic scans on all cloud services by enabling Azure security center and AWS security hub. The score is a threshold of 85%, as anything below that is termed unacceptable.
Configured cloud and enterprise communications via only a private endpoint, leveraging the site-to-site virtual network configuration.
Performed periodical gap analysis on the cloud service capabilities. This helps to benchmark the cloud platform's maturity, transparency, and compliance with enterprise security standards like ISO 27001 and regulatory standards, namely PCI DSS.
Strove to discover the security mechanisms, including key management and data encryption, if or when available, and tune it to meet standards and policies.
Advised the application and infrastructure team on how to fix emerging vulnerabilities on time.
Enabled end-to-end applications logging of all security events, which helped create an end-to-end transaction view with non-repudiation characteristics.
Configured and maintained tools for web application firewall, data loss protection, file integrity monitoring, IAM, and database activity monitoring.

Technologies: Azure, Identity & Access Management (IAM), Cloud Security, Zero-day Vulnerabilities, Threat Modeling, Cloud, APIs, Vulnerability Assessment, Architecture, Security Architecture, NIST, PCI, Information Security, SAML, OAuth, CISSP, Cloudflare, Azure Network Security Groups, Antivirus Software, Windows, Application Security, SOC 2, Okta, Risk Assessment, Information Assurance, CI/CD Pipelines, Endpoint Security, CloudOps

Google Workspace and Hosting Expert

2023 - 2023

Peacock Media

Carried out the clean up of an unused domain. Reviewed the client's Google Workspace to find anomalous activities. Assisted with the domain transfer from register to Azure DNS.
Reviewed Google Drive to check for unauthorized activities, reviewed profile sync settings and start up configurations, filtered admin logs for email recovery action and inaction, and discovered some disparity in Google logs presentation.
Completed the security review and concluded the SOW around security optimization of the entire client's Google Workspace.

Technologies: Business Services, Security, Google Workspace, IT Security, Web Security, Gmail, VPN

SecOps engineer | White Hat Hacker

2023 - 2023

DadGum Marketing, LLC

Conducted security audits of cloud configurations to ensure compliance with security best practices.
Evaluated the security of cloud-based systems and infrastructure. Introduced cloud tooling to protect organizations against DOS and DDOS attacks.
Prepared detailed reports outlining vulnerabilities, risks, and recommended remediation strategies.
Worked closely with the DevOps engineer and lead software developer to address security concerns and implement solutions.

Technologies: Database Security, Penetration Testing, Security, IT Security, Cybersecurity, Certified Ethical Hacker (CEH), Risk Assessment, SecOps, Web Security, Keycloak

Cloud Solutions Engineer

2023 - 2023

UWS ie Ltd.

Deployed Prometheus/Grafana and ELK, mainly for back-end services.
Created backup and redundancy for the services, like AKS and Datastores, for high availability and fault tolerant systems.
Enforced security advisory recommendations and improved security score from 42% to 85%.

Technologies: Azure, Prometheus, Azure Kubernetes Service (AKS), GitOps, Application Monitoring, Logging, Azure Monitor, Kubernetes, CI/CD Pipelines, Keycloak, CloudOps

Senior Security Analyst

2021 - 2022

Bitso

Developed tools for automated build, test, deployment, and management of the platform.
Improved continuous integration and delivery systems by adopting a shift left security framework.
Monitored system events to ensure health, maximum system availability, and service quality. Performed system and application patching.
Designed, built, deployed, and maintained AWS resources, including VPC, security groups, IAM, AWS Inspector and Detective, CloudFront, GuardDuty, CloudTrail, CloudWatch, S3, AWS Security Hub, AWS Shield, AWS, and AWS Secrets Manager.
Participated in the definition of standards, guidelines, and best practices.

Technologies: Amazon Web Services (AWS), AWS IAM, System-on-a-Chip (SoC), GitHub Actions, SQL, Cloud Security, Linux, Threat Modeling, SecOps, Vulnerability Assessment, Architecture, Security Architecture, PCI, Risk Management, SAML, OAuth, Cloudflare, Antivirus Software, Monitoring, OWASP Top 10, Application Security, Security Audits, Risk Assessment, Information Assurance, ISO 27001, CI/CD Pipelines, Kali Linux, Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), Endpoint Security

Information Security Architect

2020 - 2021

Standard Bank South Africa

Sourced and implemented new security solutions to better protect the organization.
Enforced security standards by adopting spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) and ISO 27001 SOC2 type 2 regulations and frameworks.
Supported the DevSecOps pipeline that performs quality assurance and validation using Compliance-as-code files.
Acted as a cybersecurity technical lead in product and vendor selection, providing the security evaluation of products, options, and responses to tenders.
Protected the organization's cloud and on-premises infrastructures, monitored data to identify suspicious activity, and identified and mitigated risks before a breach occurred.
Identified current and emerging technology issues, including security trends, vulnerabilities, and threats.
Performed vulnerability assessment and penetration testing on computer systems, networks, and applications, generally in a vacuum.

Technologies: Azure, DevOps, Shell, Penetration Testing, Vulnerability Management, Azure DevOps, Azure PaaS, Cloud Security, DevSecOps, Authentication, SecOps, Vulnerability Assessment, Security Architecture, NIST, PCI, SAML, OAuth, Azure Network Security Groups, Monitoring, Windows, OWASP Top 10, Application Security, Compliance, On-premise, Security Audits, Information Assurance, Stakeholder Management, ISO 27001, Kali Linux, Data Loss Prevention (DLP), Keycloak, CloudOps

Enterprise Integration and Security Architect

2018 - 2020

Fidelity Investments

Enforced secure coding standards by adopting the Open Web Application Security Project (OWASP) and assisted in threat modeling activities using STRIDE and MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Standards.
Drove the adoption of CI/CD, Azure DevSecOps, using the Agile Scrum Framework across all the software development teams of the bank.
Managed CI/CD efforts for cloud application development and deployment.
Designed, built, deployed, and maintained the cloud stack, including Azure VMs and Kubernetes, integrated solely into the Azure DevOps release pipelines.
Guided development teams with suggestions for frameworks, architecture, and other technologies.
Engineered and tuned the cloud security solutions for enrollments, monitoring, alerting, and maintaining defined security posture in Azure and AWS.
Planned and executed the migration of legacy applications to the cloud and engineered the API manager of the bank leveraging Azure.

Technologies: Azure, Oracle, SQL, DevOps, GitHub Actions, Azure PaaS, Cloud Security, Penetration Testing, Vulnerability Assessment, Authentication, SecOps, Architecture, Security Architecture, PCI, Risk Management, SAML, OAuth, Monitoring, OWASP Top 10, Application Security, Compliance, On-premise, Stakeholder Management, Kali Linux, Data Loss Prevention (DLP), Keycloak, CloudOps

Network Security Engineer

2015 - 2018

IHS Holding

Installed and configured computer networks and systems.
Monitored the performance of systems and services, documented trends, and initiated action.
Identified and solved any problems that arose with computer networks and systems.
Monitored computer networks and systems to identify how performance could be improved.
Configured firewalls, routers, switches, and rules of the access control list (ACL).

Technologies: Cisco, Aviatrix, IT Manufacturing, Palo Alto Networks, SQL, Architecture, PCI, Risk Management, SAML, Cloudflare, Stakeholder Management

Experience

Digital Banking Application

A digital bank app with insurance, everyday banking, credit, and stock trading for over 30 million customers.

The system was built on a microservice pattern, orchestrated with Azure Kubernetes service, and managed databases in a cloud environment. Other endpoints and integration via APIs to third-party are also enabled on a subscription basis via a developer portal.

Corporate Banking App

This application was designed to allow digital onboarding for corporate customers and allow seamless banking. This application is currently used across five countries and has generated revenue for the bank.

Developer Portal for Open Banking

An API management portal based on Azure API Management service that helps the bank to create custom APIs, transform these APIs, and abstract the internal content of such APIs. This portal allows third-party clients to connect with some of the out-of-the-box open banking offerings and can easily subscribe.

Skillset

Tools

Azure Network Security Groups, Shell, Keycloak, CloudOps, Auth0, GitHub, AWS IAM, Azure Kubernetes Service (AKS), Logging, Azure Monitor, VPN

Paradigms

Security Software Development, Penetration Testing, DevSecOps, DevOps, Azure DevOps

Platforms

Amazon Web Services (AWS), Azure, Azure PaaS, Azure IaaS, Linux, Kali Linux, Windows, Oracle, Kubernetes

Industry Expertise

Cybersecurity, Network Security

Storage

Database Security, On-premise

Other

Web Security, IT Security, Identity & Access Management (IAM), Cisco, Cloud Security, Cloud, OWASP, Threat Modeling, Security, Authentication, SecOps, Architecture, Security Architecture, Security Engineering, Cloudflare, Azure Cloud Security, Antivirus Software, Monitoring, OWASP Top 10, Application Security, Compliance, Risk Assessment, ISO 27001, CI/CD Pipelines, Endpoint Security, IT Audits, IT Operations Management (ITOM), Identity, Access Control, Vulnerability Assessment, EVoting, Networking, Cryptography, Red Teaming, NIST, APIs, PCI, Risk Management, Communication, Information Technology, OAuth, IDS/IPS, SOC 2, Okta, Security Audits, Information Assurance, Stakeholder Management, Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), Azure VDI, Asset Protection, Zero-day Vulnerabilities, Vulnerability Management, System-on-a-Chip (SoC), GitHub Actions, Aviatrix, IT Manufacturing, Palo Alto Networks, IoT Security, Informatica Cloud, Cryptographic Protocols, Algorithms, Programming, Cyber Forensics, Data-level Security, MITRE ATT&CK, Cybersecurity Operations, Firewalls, API Gateways, Incident Management, Information Security, CISSP, CISM, Infrastructure as Code (IaC), Microsoft 365, Prometheus, GitOps, Application Monitoring, Certified Ethical Hacker (CEH), Business Services, Google Workspace, Gmail

Languages

SAML, Python, SQL, Embedded C

Libraries/APIs

React

Education

2018 - 2019

Master's Degree in Information and Communication Technology

Bayero University Kano - Kano, Nigeria

2009 - 2014

Bachelor's Degree in Computer Engineering

Federal University of Technology - Minna, Nigeria

Certifications

NOVEMBER 2022 - NOVEMBER 2024

Microsoft Certified: Azure Solutions Architect Expert

Microsoft

NOVEMBER 2022 - NOVEMBER 2025

Certified Information Systems Security Professional (CISSP)

isc2

OCTOBER 2022 - PRESENT

API Security Architect

API Academy

JULY 2022 - JULY 2025

Certified Information Security Auditor® (CISA)

ISACA

JULY 2022 - JULY 2025

Certified Information Security Manager® (CISM)

ISACA

JUNE 2022 - JUNE 2025

AWS Certified Security | Specialty

Amazon Web Services

OCTOBER 2020 - PRESENT

Foundations of Operationalizing MITRE ATT&CK

AttackIQ

AUGUST 2020 - AUGUST 2023

Aviatrix Certified Engineer | Multicloud Network Associate

aviatrix

AUGUST 2020 - AUGUST 2024

Microsoft Certified: Azure Security Engineer Associate

Microsoft

JUNE 2020 - JUNE 2023

AWS Solutions Architect Associate

Amazon Web Services

FEBRUARY 2020 - FEBRUARY 2023

CompTIA Security+ Certification

CompTIA

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring