DAMOLA AMOSUN
London
Summary
Cybersecurity analyst with hands-on SOC experience across Azure Sentinel, Tenable Nessus, and phishing simulation. Demonstrated success in reducing cyber risk, improving user awareness, and aligning with frameworks like NIST and GDPR. Experienced in multi-site operations, incident response, and proactive threat intelligence adaptation. Flexible, on-call-ready, and committed to continuous professional development.
Overview
10
10
years of professional experience
7
7
years of post-secondary education
Work history
Information Security Analyst
EcomServe UK
London, England
09.2022 - 09.2025
- Participated in implementation and ongoing support of security technologies including Azure Sentinel (SIEM), Tenable (vulnerability scanning), and Microsoft MFA to improve infrastructure posture.
- Monitored and responded to cyber-related helpdesk tickets, collaborating with IT support teams to investigate phishing reports, privilege issues, and endpoint security events.
- Conducted internal vulnerability scans using Tenable Nessus and simulated phishing attacks to assess and improve user awareness and incident response readiness.
- Provided cybersecurity briefings and knowledge-sharing sessions with non-technical colleagues to raise awareness of social engineering and phishing threats.
- Worked closely with IT and infrastructure teams to ensure new system deployments followed security best practices, including configuration hardening and log visibility.
- Regularly tracked cyber threat trends and updated incident response procedures based on evolving attacker tactics and vulnerabilities.
- Implemented a vulnerability management lifecycle using Tenable Nessus scans, tracked remediation SLAs, and worked with IT teams to reduce critical vulnerabilities by 40% within 8 weeks.
- Designed and executed phishing simulations using open-source tools, tracked employee click-through rates, and created a post-campaign awareness training brief. Led to 60% reduction in phishing link clicks in two months.
- Generated weekly incident reports and phishing simulation metrics to track awareness KPIs and inform cyber posture improvements.
- Contributed to internal knowledge base and playbook documentation, detailing incident response procedures and root cause workflows.
- Flexible and available for on-call response and on-site incident support in a high-stakes, multi-location environment
Risk Analyst
Cybarik Limited
London, England
01.2022 - 05.2022
- Evaluated vendor security controls and internal business processes using risk frameworks (NIST, ISO 27005), producing executive-level reports for remediation planning.
- Drafted executive-level risk reports covering data handling practices, supplier security posture, and contractual compliance, contributing to strategic decision-making.
- Created a standardized Risk Register framework, enabling systematic tracking and mitigation of information and operational risks across departments.
- Collaborated with stakeholders to design mitigation strategies for risks affecting data confidentiality, availability, and integrity.
- Supported internal compliance initiatives by documenting control gaps, collecting evidence, and contributing to audit readiness documentation.
- Assessed data handling and exposure risks against GDPR and PCI-DSS benchmarks; recommended and documented mitigation strategies for each line of business.
- Fostered strong relationships with stakeholders through clear communication about potential risks and mitigation plans.
IT Support Analyst
Ministry of Science and Technology
Lagos, Nigeria
08.2018 - 12.2020
- Provided technical support for improved user experience.
- Assisted in the migration of servers for smoother transitions.
- Optimised network performance with routine system checks.
- Tested new software applications before deployment.
- Conducted training sessions to enhance staff's IT skills.
- Developed technical manuals for user guidance.
- Monitored server health regularly, maintaining optimal performance.
- Maintained up-to-date knowledge of new technologies for better problem resolution.
- Conducted server back-up and recovery operations in line with protocols.
- Established and troubleshot network and data communications systems.
IT Technical Support Intern
Lagos State University
Lagos, Nigeria
06.2015 - 07.2016
- Handled day-to-day IT operations, maintained a trouble-free working environment.
- Maintained IT inventory, ensured availability of essential devices.
- Provided technical assistance for smoother operations.
- Troubleshot operating systems, hardware and software problems to identify root causes.
- Gave first-line support to customers within agreed Service Line Agreement (SLA).
- Conducted hardware maintenance to prolong equipment life.
- Resolved complex software issues with detailed troubleshooting.
- Performed regular system checks for potential threats or malfunctions.
Education
Master of Science - Cybersecurity And Human Factors
Bournemouth University
Bournemouth, England 01.2021 - 11.2023
BSc - Computer Science
Lagos State University
Lagos, Nigeria 08.2014 - 04.2018
Skills
- Information security policies creation
- Cybersecurity frameworks knowledge
- Network protocols understanding
- Commitment to continuous learning
- Security incident event management
- IT governance implementation
- Data privacy understanding
- Network security enhancements
- Vulnerability testing
- Vulnerability assessment
- Threat intelligence interpretation
- Python programming
- Risk mitigation planning
- Tenable Nessus
- Interpersonal communication
- Wireshark, Sysinternals
- GDPR, NIST CSF, MITRE ATT&CK
Timeline
Information Security Analyst
EcomServe UK
09.2022 - 09.2025
Risk Analyst
Cybarik Limited
01.2022 - 05.2022
Master of Science - Cybersecurity And Human Factors
Bournemouth University
01.2021 - 11.2023
IT Support Analyst
Ministry of Science and Technology
08.2018 - 12.2020
IT Technical Support Intern
Lagos State University
06.2015 - 07.2016
BSc - Computer Science
Lagos State University
08.2014 - 04.2018