Oluwagbemiga Joseph, Developer in Dubai, United Arab Emirates
Oluwagbemiga is available for hire
Hire Oluwagbemiga

Oluwagbemiga Joseph

Verified Expert  in Engineering

Bio

Oluwagbemiga is a lead cybersecurity architect proficient in digital computing security and engineering with a particular interest in information security, vulnerability assessment, penetration testing, risk management, security operations center, cloud security, DevSecOps, and open banking.

Portfolio

Emirates NBD
Azure, Identity & Access Management (IAM), Cloud Security...
Analytics Simplified
Penetration Testing, IT Security, SAML, SAML-auth, Single Sign-on (SSO)...
Foundever
Keycloak, Security, CloudOps, Kubernetes, Argo CD, Terraform, Encryption...

Experience

  • Web Security - 8 years
  • Azure - 8 years
  • Cybersecurity - 8 years
  • Security Software Development - 6 years
  • Cloud Security - 6 years
  • Information Technology - 5 years
  • Amazon Web Services (AWS) - 4 years
  • Security Engineering - 4 years

Availability

Full-time

Preferred Environment

GitHub, Azure, Amazon Web Services (AWS), Identity & Access Management (IAM), OWASP, Firewalls, DevSecOps, Application Security, Infrastructure as Code (IaC), Microsoft 365

The most amazing...

...consulting I've done is for a global cryptocurrency exchange delivering a secured platform. The external assessor gave it the go-ahead on first-time validation.

Work Experience

Senior Security Architect

2021 - PRESENT
Emirates NBD
  • Configured periodic scans on all cloud services by enabling Azure security center and AWS security hub. The score is a threshold of 85%, as anything below that is termed unacceptable.
  • Configured cloud and enterprise communications via only a private endpoint, leveraging the site-to-site virtual network configuration.
  • Performed periodical gap analysis on the cloud service capabilities. This helps to benchmark the cloud platform's maturity, transparency, and compliance with enterprise security standards like ISO 27001 and regulatory standards, namely PCI DSS.
  • Strove to discover the security mechanisms, including key management and data encryption, if or when available, and tune it to meet standards and policies.
  • Advised the application and infrastructure team on how to fix emerging vulnerabilities on time.
  • Enabled end-to-end applications logging of all security events, which helped create an end-to-end transaction view with non-repudiation characteristics.
  • Configured and maintained tools for web application firewall, data loss protection, file integrity monitoring, IAM, and database activity monitoring.
Technologies: Azure, Identity & Access Management (IAM), Cloud Security, Zero-day Vulnerabilities, Threat Modeling, Cloud, APIs, Vulnerability Assessment, Architecture, Security Architecture, NIST, PCI, Information Security, SAML, OAuth, CISSP, Cloudflare, Azure Network Security Groups, Antivirus Software, Windows, Application Security, SOC 2, Okta, Risk Assessment, Information Assurance, CI/CD Pipelines, Endpoint Security, CloudOps, Terraform, JavaScript, MongoDB, Encryption, Data Governance, Webflow

Penetration Tester

2024 - 2024
Analytics Simplified
  • Conducted vulnerability assessments and risk analysis of client's web application. Utilized industry-standard tools and methodologies to identify security weaknesses.
  • Performed black box penetration testing on the client's web application with a focused reference to the SAML SSO functionality.
  • Documented findings in detailed reports, including the nature of vulnerabilities, potential impact, and recommended remediation steps. Presented findings and recommendations to technical and non-technical stakeholders.
Technologies: Penetration Testing, IT Security, SAML, SAML-auth, Single Sign-on (SSO), Access Control, Amazon Web Services (AWS), Algorithms, Application Security, JavaScript, MongoDB, Encryption

Senior CloudOps Engineer

2024 - 2024
Foundever
  • Deployed Keycloak instances using Terraform and Helm.
  • Installed, configured, and managed Keycloak instances using infrastructure as a code. Integrated Keycloak with various applications and services, ensuring seamless authentication and authorization.
  • Ensured security best practices were followed in Keycloak configurations and implementations. Updated Keycloak configurations to address security vulnerabilities and compliance requirements.
Technologies: Keycloak, Security, CloudOps, Kubernetes, Argo CD, Terraform, Encryption, Google Cloud Platform (GCP)

Azure Security Engineer

2023 - 2024
Outdoor Living Supply
  • Implemented best practices for Azure service principal, Key Vault, and identity and access management (IAM).
  • Evaluated the use of privileges, credentials, and secrets to support the development of Power Automate workflows and Dataverse, as well as Power BI workflows and Power Apps development.
  • Documented and enforced security best practices around the usage of service accounts and service principals in an enterprise setting.
Technologies: Identity & Access Management (IAM), SecOps, Azure Key Vault, Azure, SharePoint, Encryption, Email

Google Workspace and Hosting Expert

2023 - 2023
Peacock Media
  • Carried out the clean up of an unused domain. Reviewed the client's Google Workspace to find anomalous activities. Assisted with the domain transfer from register to Azure DNS.
  • Reviewed Google Drive to check for unauthorized activities, reviewed profile sync settings and start up configurations, filtered admin logs for email recovery action and inaction, and discovered some disparity in Google logs presentation.
  • Completed the security review and concluded the SOW around security optimization of the entire client's Google Workspace.
Technologies: Business Services, Security, Google Workspace, IT Security, Web Security, Gmail, VPN, Email

SecOps Engineer | White Hat Hacker

2023 - 2023
DadGum Marketing, LLC
  • Conducted security audits of cloud configurations to ensure compliance with security best practices.
  • Evaluated the security of cloud-based systems and infrastructure. Introduced cloud tooling to protect organizations against DOS and DDOS attacks.
  • Prepared detailed reports outlining vulnerabilities, risks, and recommended remediation strategies.
  • Worked closely with the DevOps engineer and lead software developer to address security concerns and implement solutions.
Technologies: Database Security, Penetration Testing, Security, IT Security, Cybersecurity, Certified Ethical Hacker (CEH), Risk Assessment, SecOps, Web Security, Keycloak, TypeScript

Cloud Solutions Engineer

2023 - 2023
UWS ie Ltd.
  • Deployed Prometheus/Grafana and ELK, mainly for back-end services.
  • Created backup and redundancy for the services, like AKS and Datastores, for high availability and fault tolerant systems.
  • Enforced security advisory recommendations and improved security score from 42% to 85%.
Technologies: Azure, Prometheus, Azure Kubernetes Service (AKS), GitOps, Application Monitoring, Logging, Azure Monitor, Kubernetes, CI/CD Pipelines, Keycloak, CloudOps

Senior Security Analyst

2021 - 2022
Bitso
  • Developed tools for automated build, test, deployment, and management of the platform.
  • Improved continuous integration and delivery systems by adopting a shift left security framework.
  • Monitored system events to ensure health, maximum system availability, and service quality. Performed system and application patching.
  • Designed, built, deployed, and maintained AWS resources, including VPC, security groups, IAM, AWS Inspector and Detective, CloudFront, GuardDuty, CloudTrail, CloudWatch, S3, AWS Security Hub, AWS Shield, AWS, and AWS Secrets Manager.
  • Participated in the definition of standards, guidelines, and best practices.
Technologies: Amazon Web Services (AWS), AWS IAM, System-on-a-Chip (SoC), GitHub Actions, SQL, Cloud Security, Linux, Threat Modeling, SecOps, Vulnerability Assessment, Architecture, Security Architecture, PCI, Risk Management, SAML, OAuth, Cloudflare, Antivirus Software, Monitoring, OWASP Top 10, Application Security, Security Audits, Risk Assessment, Information Assurance, ISO 27001, CI/CD Pipelines, Kali Linux, Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), Endpoint Security, JavaScript, Email

Information Security Architect

2020 - 2021
Standard Bank South Africa
  • Sourced and implemented new security solutions to better protect the organization.
  • Enforced security standards by adopting spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) and ISO 27001 SOC2 type 2 regulations and frameworks.
  • Supported the DevSecOps pipeline that performs quality assurance and validation using Compliance-as-code files.
  • Acted as a cybersecurity technical lead in product and vendor selection, providing the security evaluation of products, options, and responses to tenders.
  • Protected the organization's cloud and on-premises infrastructures, monitored data to identify suspicious activity, and identified and mitigated risks before a breach occurred.
  • Identified current and emerging technology issues, including security trends, vulnerabilities, and threats.
  • Performed vulnerability assessment and penetration testing on computer systems, networks, and applications, generally in a vacuum.
Technologies: Azure, DevOps, Shell, Penetration Testing, Vulnerability Management, Azure DevOps, Azure PaaS, Cloud Security, DevSecOps, Authentication, SecOps, Vulnerability Assessment, Security Architecture, NIST, PCI, SAML, OAuth, Azure Network Security Groups, Monitoring, Windows, OWASP Top 10, Application Security, Compliance, On-premise, Security Audits, Information Assurance, Stakeholder Management, ISO 27001, Kali Linux, Data Loss Prevention (DLP), Keycloak, CloudOps, STRIDE, Email

Enterprise Integration and Security Architect

2018 - 2020
Fidelity Investments
  • Enforced secure coding standards by adopting the Open Web Application Security Project (OWASP) and assisted in threat modeling activities using STRIDE and MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Standards.
  • Drove the adoption of CI/CD, Azure DevSecOps, using the Agile Scrum Framework across all the software development teams of the bank.
  • Managed CI/CD efforts for cloud application development and deployment.
  • Designed, built, deployed, and maintained the cloud stack, including Azure VMs and Kubernetes, integrated solely into the Azure DevOps release pipelines.
  • Guided development teams with suggestions for frameworks, architecture, and other technologies.
  • Engineered and tuned the cloud security solutions for enrollments, monitoring, alerting, and maintaining defined security posture in Azure and AWS.
  • Planned and executed the migration of legacy applications to the cloud and engineered the API manager of the bank leveraging Azure.
Technologies: Azure, Oracle, SQL, DevOps, GitHub Actions, Azure PaaS, Cloud Security, Penetration Testing, Vulnerability Assessment, Authentication, SecOps, Architecture, Security Architecture, PCI, Risk Management, SAML, OAuth, Monitoring, OWASP Top 10, Application Security, Compliance, On-premise, Stakeholder Management, Kali Linux, Data Loss Prevention (DLP), Keycloak, CloudOps

Network Security Engineer

2015 - 2018
IHS Holding
  • Installed and configured computer networks and systems.
  • Monitored the performance of systems and services, documented trends, and initiated action.
  • Identified and solved any problems that arose with computer networks and systems.
  • Monitored computer networks and systems to identify how performance could be improved.
  • Configured firewalls, routers, switches, and rules of the access control list (ACL).
Technologies: Cisco, Aviatrix, IT Manufacturing, Palo Alto Networks, SQL, Architecture, PCI, Risk Management, SAML, Cloudflare, Stakeholder Management

Digital Banking Application

A digital bank app with insurance, everyday banking, credit, and stock trading for over 30 million customers.

The system was built on a microservice pattern, orchestrated with Azure Kubernetes service, and managed databases in a cloud environment. Other endpoints and integration via APIs to third-party are also enabled on a subscription basis via a developer portal.

Corporate Banking App

This application was designed to allow digital onboarding for corporate customers and allow seamless banking. This application is currently used across five countries and has generated revenue for the bank.

Developer Portal for Open Banking

An API management portal based on Azure API Management service that helps the bank to create custom APIs, transform these APIs, and abstract the internal content of such APIs. This portal allows third-party clients to connect with some of the out-of-the-box open banking offerings and can easily subscribe.
2018 - 2019

Master's Degree in Information and Communication Technology

Bayero University Kano - Kano, Nigeria

2009 - 2014

Bachelor's Degree in Computer Engineering

Federal University of Technology - Minna, Nigeria

NOVEMBER 2022 - NOVEMBER 2024

Microsoft Certified: Azure Solutions Architect Expert

Microsoft

NOVEMBER 2022 - NOVEMBER 2025

Certified Information Systems Security Professional (CISSP)

isc2

OCTOBER 2022 - PRESENT

API Security Architect

API Academy

JULY 2022 - JULY 2025

Certified Information Security Auditor (CISA)

ISACA

JULY 2022 - JULY 2025

Certified Information Security Manager (CISM)

ISACA

JUNE 2022 - JUNE 2025

AWS Certified Security | Specialty

Amazon Web Services

OCTOBER 2020 - PRESENT

Foundations of Operationalizing MITRE ATT&CK

AttackIQ

AUGUST 2020 - AUGUST 2023

Aviatrix Certified Engineer | Multicloud Network Associate

aviatrix

AUGUST 2020 - AUGUST 2024

Microsoft Certified: Azure Security Engineer Associate

Microsoft

JUNE 2020 - JUNE 2023

AWS Solutions Architect Associate

Amazon Web Services

FEBRUARY 2020 - FEBRUARY 2023

CompTIA Security+ Certification

CompTIA

Libraries/APIs

React

Tools

Azure Network Security Groups, Google Workspace, Shell, Keycloak, CloudOps, Terraform, Auth0, GitHub, AWS IAM, Azure Kubernetes Service (AKS), Logging, Azure Monitor, VPN, Azure Key Vault

Paradigms

Security Software Development, Penetration Testing, DevSecOps, DevOps, Azure DevOps

Platforms

Amazon Web Services (AWS), Azure, Azure PaaS, Azure IaaS, Linux, Kali Linux, Windows, Google Cloud Platform (GCP), Webflow, Oracle, Kubernetes, SharePoint

Industry Expertise

Cybersecurity, Network Security

Storage

Database Security, MongoDB, On-premise

Languages

SAML, JavaScript, Python, SQL, Embedded C, TypeScript

Other

Web Security, IT Security, Identity & Access Management (IAM), Cisco, Cloud Security, Cloud, OWASP, Threat Modeling, Security, Authentication, SecOps, Architecture, Security Architecture, Security Engineering, Cloudflare, Azure Cloud Security, Antivirus Software, Monitoring, OWASP Top 10, Application Security, Compliance, Risk Assessment, ISO 27001, CI/CD Pipelines, Endpoint Security, Encryption, Data Governance, IT Audits, IT Operations Management (ITOM), Identity, Access Control, Vulnerability Assessment, EVoting, Networking, Cryptography, Red Teaming, NIST, APIs, PCI, Risk Management, Communication, Information Technology, OAuth, IDS/IPS, SOC 2, Okta, Security Audits, Information Assurance, Stakeholder Management, Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), Email, Azure VDI, Asset Protection, Zero-day Vulnerabilities, Vulnerability Management, System-on-a-Chip (SoC), GitHub Actions, Aviatrix, IT Manufacturing, Palo Alto Networks, IoT Security, Informatica Cloud, Cryptographic Protocols, Algorithms, Programming, Cyber Forensics, Data-level Security, MITRE ATT&CK, Cybersecurity Operations, Firewalls, API Gateways, Incident Management, Information Security, CISSP, CISM, Infrastructure as Code (IaC), Microsoft 365, Prometheus, GitOps, Application Monitoring, Certified Ethical Hacker (CEH), Business Services, Gmail, STRIDE, Argo CD, SAML-auth, Single Sign-on (SSO)

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring