Profiles search
Michael Akinbamiro
Senior Cybersecurity Strategist | Security Risk Analyst | Project Management Enthusiast|
Richmond, TX, United States
Details
Experience:
• Conducted comprehensive risk assessments and vulnerability scans to identify potential security gaps and weaknesses, ensuring adherence to NIST, PCI DSS, and ISO standards.
• Developed and implemented robust risk management strategies, resulting in a significant reduction in security incidents and improved overall security posture.
• Assess, monitor, and enhance the security posture of the organization.
• Facilitate Vendor Management and Privileged Access Management controls.
• Complete annual vendor due diligence and resolve contract issues.
• Assist in implementing and documenting a Privileged Access Management solution.
• Coordinate with third-party audit vendors and ensure controls are operating effectively.
• Develop, implement, and enforce security policies, standards, and procedures.
• Stay updated on industry best practices, regulations, and compliance requirements.
• Collaborate with the training team to deliver security awareness programs.
• Assist in the evaluation, selection, and implementation of security technologies and tools.
• Maintain and update security tools to ensure proper functioning and efficiency.
• Collaborated with internal teams and third-party vendors to perform due diligence assessments, evaluating their security controls and compliance with relevant regulations.
• Successfully led cross-functional teams in conducting risk analysis exercises, fostering a culture of proactive risk identification and mitigation.
• Conducted gap assessments against security frameworks and regulatory requirements, delivering actionable recommendations to achieve and maintain compliance.
• Utilized data analysis and security metrics to monitor and report on the effectiveness of information security controls and risk management initiatives to executive stakeholders.
2021 : Present
Clariant
Cybersecurity Strategy & Risk Manager
• Assist in the cybersecurity authorization of all solutions utilizing the Risk Management Framework (RMF)
• Helps the Security team achieve authorizations to operate and work on external platforms by ensuring the platforms are secure and in compliance with industry best standards.
• Maintaining all production records and releases through continuous monitoring and reporting.
• Experience developing and maintaining security documentation like System Security Plans (SSPs), contingency plans, risk assessments, etc.
• Knowledge of NIST standards, RMF, and Assessment and Authorization processes.
• Ability to implement and manage security controls, policies, and procedures aligned to our organizational security requirements and policies.
• Background security control assessments, vulnerability scans, and supporting authorization activities.
• Experience collecting evidence and documentation to demonstrate compliance for audit purposes.
• Ability to interface with stakeholders throughout the SDLC process.
• Strong documentation and communication abilities
• Utilized SIEM tools to correlate and report on information from other bank systems to assist in proactively identifying security trends, risks, and potential threats.
• Perform security event investigations utilizing technical capabilities and established processes.
• Reviewed threat intelligence to make recommendations for detective and preventive controls to reduce the risk of threats to the environment. Support security governance requirements for process effectiveness and risk management.
• Participated in projects as required and facilitated representation of Security Operations to ensure projects meet security requirements.
2019 : 2021
State Street Bank, Quincy, IL
Security Analyst II
As part of the cyber security team working on behalf of the firm’s Chief Security officer some of my roles as the security analyst, includes but not limited to identifying potential security threats and vulnerabilities in our environment and developing industry standard strategies in mitigating them. Part of my responsibilities include analyzing security systems and protocols to ensure that they are effective and up-to-date, and for conducting risk assessments to identify areas where security measures may be lacking.
Additionally, I play a key role in developing and implementing security policies and procedures, as well as providing training and education to other employees on security best practices. I work closely with other members of the IT team within the Agile and waterfall methodologies to ensure that security protocols are integrated into all aspects of the organization's operations.
Overall, my number one commitment is to ensure that safety and security of my organization's sensitive information and assets, are well protect from any form of targeted or subtle potential threats and cyber-attacks.
As a security analyst I have deep understanding and implementation of good security controls and tools like OpenVAS in scanning my organization networks to catch vulnerabilities in the system and deploy a fix before those could be exploited by cyber criminals.
Ensuring the use of Intrusion Detection/Prevention Systems (IDS/IPS) : IDS/IPS are software or hardware systems that helps monitors network traffic and blocking any malicious activity. In my environment we currently use Snort for as our IDS tool.
Also using Splunk, this helps in organizing all our known assets in one location and can better collect, analyze, and correlate security events from various sources in our environment
2017 : 2019
Venice Engineering, LLC
IT Risk Analyst
• Developed and implemented robust risk management strategies, resulting in a significant reduction in security incidents and improved overall security posture.
• Assess, monitor, and enhance the security posture of the organization.
• Facilitate Vendor Management and Privileged Access Management controls.
• Complete annual vendor due diligence and resolve contract issues.
• Assist in implementing and documenting a Privileged Access Management solution.
• Coordinate with third-party audit vendors and ensure controls are operating effectively.
• Develop, implement, and enforce security policies, standards, and procedures.
• Stay updated on industry best practices, regulations, and compliance requirements.
• Collaborate with the training team to deliver security awareness programs.
• Assist in the evaluation, selection, and implementation of security technologies and tools.
• Maintain and update security tools to ensure proper functioning and efficiency.
• Collaborated with internal teams and third-party vendors to perform due diligence assessments, evaluating their security controls and compliance with relevant regulations.
• Successfully led cross-functional teams in conducting risk analysis exercises, fostering a culture of proactive risk identification and mitigation.
• Conducted gap assessments against security frameworks and regulatory requirements, delivering actionable recommendations to achieve and maintain compliance.
• Utilized data analysis and security metrics to monitor and report on the effectiveness of information security controls and risk management initiatives to executive stakeholders.
2021 : Present
Clariant
Cybersecurity Strategy & Risk Manager
• Assist in the cybersecurity authorization of all solutions utilizing the Risk Management Framework (RMF)
• Helps the Security team achieve authorizations to operate and work on external platforms by ensuring the platforms are secure and in compliance with industry best standards.
• Maintaining all production records and releases through continuous monitoring and reporting.
• Experience developing and maintaining security documentation like System Security Plans (SSPs), contingency plans, risk assessments, etc.
• Knowledge of NIST standards, RMF, and Assessment and Authorization processes.
• Ability to implement and manage security controls, policies, and procedures aligned to our organizational security requirements and policies.
• Background security control assessments, vulnerability scans, and supporting authorization activities.
• Experience collecting evidence and documentation to demonstrate compliance for audit purposes.
• Ability to interface with stakeholders throughout the SDLC process.
• Strong documentation and communication abilities
• Utilized SIEM tools to correlate and report on information from other bank systems to assist in proactively identifying security trends, risks, and potential threats.
• Perform security event investigations utilizing technical capabilities and established processes.
• Reviewed threat intelligence to make recommendations for detective and preventive controls to reduce the risk of threats to the environment. Support security governance requirements for process effectiveness and risk management.
• Participated in projects as required and facilitated representation of Security Operations to ensure projects meet security requirements.
2019 : 2021
State Street Bank, Quincy, IL
Security Analyst II
As part of the cyber security team working on behalf of the firm’s Chief Security officer some of my roles as the security analyst, includes but not limited to identifying potential security threats and vulnerabilities in our environment and developing industry standard strategies in mitigating them. Part of my responsibilities include analyzing security systems and protocols to ensure that they are effective and up-to-date, and for conducting risk assessments to identify areas where security measures may be lacking.
Additionally, I play a key role in developing and implementing security policies and procedures, as well as providing training and education to other employees on security best practices. I work closely with other members of the IT team within the Agile and waterfall methodologies to ensure that security protocols are integrated into all aspects of the organization's operations.
Overall, my number one commitment is to ensure that safety and security of my organization's sensitive information and assets, are well protect from any form of targeted or subtle potential threats and cyber-attacks.
As a security analyst I have deep understanding and implementation of good security controls and tools like OpenVAS in scanning my organization networks to catch vulnerabilities in the system and deploy a fix before those could be exploited by cyber criminals.
Ensuring the use of Intrusion Detection/Prevention Systems (IDS/IPS) : IDS/IPS are software or hardware systems that helps monitors network traffic and blocking any malicious activity. In my environment we currently use Snort for as our IDS tool.
Also using Splunk, this helps in organizing all our known assets in one location and can better collect, analyze, and correlate security events from various sources in our environment
2017 : 2019
Venice Engineering, LLC
IT Risk Analyst
Company:
Clariant
About
With a decade of rigorous experience in the realm of cybersecurity, I have nurtured an expertise that stretches from risk assessment, vulnerability management, incidence repose and security analysis to strategic cybersecurity implementations. My knowledge repository includes renowned security frameworks such as NIST, ISO 27001, PCI-DSS, and more. A certified CISM & CISA, I possess an innate ability to identify and mitigate potential threats, ensuring that organizations remain fortified against evolving cyber challenges.
Core Skills & Expertise
🔹 Security Frameworks: NIST, ISO 27001, PCI-DSS, HIPPA, FISMA, CIS
🔹 Security & Risk Management Tools: Nessus, Qualys, Splunk, RSA Archer, JIRA, Trello, Azure
🔹 Risk Analysis & Strategy: Threat Modeling, Business Impact Analysis, ISO 27005 Framework
🔹 Compliance & Regulations: GDPR, SOX, CCPA, ITIL, COBIT, HIPPA, HITRUST
🔹 Project Management: Agile Methodologies (Scrum, Kanban), Microsoft Project, Monday.com
Profile Photo
