Cybersecurity - Associate Consultant - Sardonyx Technologies - Lagos, Lagos State, Nigeria
(2025-06)
- Delivered comprehensive training programs to over 50 candidates on ethical hacking and penetration testing, utilizing tools such as Nmap, OpenVAS, FFUF, Metasploit, Burp Suite, Hetty and OWASP ZAP to build practical, hands-on cybersecurity skills.
- Performed vulnerability assessments and penetration testing on web applications, APIs, and Android mobile applications, adhering to OWASP Top 10 standards to identify, prioritize, and mitigate security vulnerabilities.
- Designed and deployed cybersecurity labs using Windows Server 2019, Windows Server 2022, and Ubuntu, providing a controlled environment for practical ethical hacking and penetration testing exercises.
- Conducted four OSINT investigations for four (4) top organizations in Nigeria, leveraging tools such as Maltego, OSINT Framework, and Shodan to gather intelligence, analyze threats, and support security decision-making.
CTF Player - TryHackMe || HackTheBox
(2022-01)
- Gained practical, hands-on experience in penetration testing and ethical hacking by solving real-world scenarios on TryHackMe and Hack The Box platforms.
- Developed and refined skills in network exploitation, web application security, privilege escalation, and OSINT through guided and unguided challenges.
- Completed numerous capture-the-flag (CTF) challenges to simulate real-world attack methodologies and strengthen offensive security expertise.
- Built proficiency with industry-standard tools such as Burp Suite, Nmap, Metasploit, Gobuster, and Hydra while honing problem-solving and critical-thinking skills.
Cyber Security Analyst - Secure Edge Technologies - Ikeja, Lagos State, Nigeria
(2024-01 - 2025-06)
- Conducted vulnerability assessments and penetration testing on 14+ web applications and 5+ API documentations, following OWASP Top 10 standards to identify and remediate critical security risks.
- Utilized tools such as Burp Suite, OpenVAS, and Postman to uncover vulnerabilities while adhering to OWASP Top 10 standards and best practices.
- Performed security testing on Android mobile applications to detect insecure coding practices, data leaks, and potential attack vectors. Leveraged specialized tools such as Ghidra, MobSF, Frida and Burpsuite to conduct dynamic and static analysis of mobile apps.
- Supported compliance audits for frameworks and standards which includes; PCI-DSS, ISO 27001, ISO 8583, and ISO 22301:2019, ensuring alignment with regulatory and industry requirements.
- Designed and delivered three cybersecurity awareness training sessions covering social engineering, phishing attack detection, open-source intelligence (OSINT), and various cyberattack techniques to promote a security-first culture within the organization.
- Conducted OSINT investigations using tools such as Maltego, Google Maps, and Google Earth to gather intelligence, analyze digital footprints, and provide actionable insights for threat detection and security assessments.
Python + Cyber Security Engineer - Turing (Contract) - United States
(2025-03 - 2025-04)
- Reviewed python source code to identify insecure coding practices and provided practical guidance on remediation techniques to help developers write more secure and resilient code.
- Collaborated with development teams to integrate security best practices into the software development lifecycle (SDLC), fostering a security-first mindset across projects.
Penetration Tester - FireSwitch Technologies Ltd - Nigeria
(2023-07 - 2023-12)
- Conducted penetration testing on six (6) in-house e-commerce web applications, utilizing tools such as Burp Suite, OWASP ZAP, Acunetix, and Nessus to identify vulnerabilities and ensure security compliance with OWASP guidelines.
- Performed API penetration testing on two different API collections using Postman, focusing on security risks in alignment with the OWASP API Security Top 10 standards.
- Delivered comprehensive, actionable reports with clear remediation steps to address and mitigate identified critical vulnerabilities.
- Conducted security awareness sessions and knowledge-sharing workshops to educate developers on common cybersecurity vulnerabilities, including those outlined in the OWASP Top 10.
Information Security Administrator - Virtually Testing Foundation - Remote
(2022-09 - 2022-11)
- Performed penetration testing on both Windows and Linux servers using tools such as Nmap (Network Mapper) and Metasploit to identify and exploit vulnerabilities.
- Conducted penetration testing on three web (3+) applications, leveraging tools like Burp Suite and Metasploit to assess application security and uncover potential attack vectors.
- Carried out OSINT (Open-Source Intelligence) investigations using tools such as Maltego, Google Maps, and Google Earth to gather actionable intelligence and support security assessments.
- Conducted security research and threat analysis, leveraging platforms like Twitter/TweetDeck to identify emerging vulnerabilities, attack trends, and threat actor activities.
Cyber Intern Researcher - SISTMR - Australia, Remote
(2022-02 - 2022-04)
- Conducted security research and analysis to identify emerging threats, vulnerabilities, and evolving attack techniques.
- Assisted the team in staying up-to-date with the latest security trends, tools, and methodologies, fostering continuous improvement and knowledge growth.
- Actively participated in security meetings and presentations, contributing insights and sharing findings to strengthen the organization's overall security posture.
