Summary
Overview
Work History
Education
Skills
Certification
Languages
Work Availability
Quote
Timeline
Hi, I’m

Osarodion Samuel Tolofari

Glasgow
Osarodion Samuel Tolofari

Summary

Results-driven cybersecurity leader with over a decade of expertise in enterprise security, risk management, and compliance. Proven success in building high-performing teams, executing cybersecurity strategies, and aligning security frameworks with business objectives. Adept at incident response, vulnerability management, policy development, and deploying scalable security solutions. Trusted advisor to senior leadership, translating complex technical risks into actionable insights. Passionate about fostering a culture of security awareness and resilience across organisations.

Spearheaded ISO 27001 & Cyber Essentials+ compliance across multiple business units, achieving 100% audit success and strengthening security posture.

• Led strategic vulnerability management initiatives, reducing critical vulnerabilities by 70% through proactive patching and security enhancements.

• Developed and executed a multi-year cybersecurity roadmap, elevating security maturity by 40% and aligning efforts with digital transformation.

• Optimised third-party risk management framework, decreasing vendor-related security risks by 60% via enhanced assessments and SLA enforcement.

• Created a real-time cybersecurity KPI dashboard, enabling executives to monitor risk trends and security metrics with greater precision.

• Delivered company-wide phishing simulations & training, increasing employee threat reporting by 85% and reducing click rates by 40%.

Overview

10
years of professional experience
1
Certificate
1

Microsoft 365 Certified: Security Administrator Associate

1

CompTIA CySA+ RNP50BEX3RLLV3GV

1

CompTIA Security+ BFDN2RX4W4K6VL52

1

Certified in Cyber security (CC) Issued by (ISC)²

Work History

BJSS

Senior Information Security Analyst
07.2023 - Current

Job overview


  • Collaborate with multiple project teams to develop and maintain security standards and comprehensive information security policies and procedures.
  • Incident Management - Microsoft stack
  • Implementing and maintaining ZTA
  • Intelligence Driven Defence, Cyber Kill Chain, Unified Enterprise Defence
  • Conduct company risk assessment and remediation strategies.
  • Provide expert guidance in selecting and onboarding security tools.
  • NIST Cyber Security Framework and C2M2
  • Designed company-wide policies to bring operations in line with ISO, NIST and CIS standards.
  • Vulnerability Management - using Qualys.
  • Improved system performance by optimising configurations and identifying potential security risks implementing benchmark security recommendations.
  • Conduct regular audits to ensure compliance with industry standards, such as ISO 27001.
  • Enhanced network security.
  • Cybersecurity awareness through well-structured training programs and workshops with Knowbe4.
  • Manage vendor relationships effectively to implement third-party solutions that meet company requirements successfully.
  • Security reports and metrics to track security performance and strategy improvements.
  • Recommend improvements in security systems and procedures implementing NIST, and CIS.
  • Implemented security measures to reduce threats and damage related to cyber-attacks.
  • Mentor junior analysts within the team, providing guidance and support for their professional growth.
  • Collaborate with IT implementing post-red team recommendations.
  • Managed vendor relationships effectively to ensure successful implementation of third-party solutions that met company requirements.


Secrutiny | Acora

Cybersecurity Operation Analyst
06.2020 - 07.2023

Job overview

  • Manage and triage cybersecurity incidents.
  • Incident Management - using Google security stack
  • Vulnerability Management - using Tripwire and Qualys
  • Identify and follow up on, non-compliance with Group's cyber security policy framework.
  • Access Reviews
  • Identify opportunities for continuous process improvements within Cybersecurity and Compliance.
  • Conduct Tabletop exercises / anti-phishing campaigns.
  • Support cyber security assignments as well as supporting GDPR/Data Protection initiatives within responsible functions.
  • Managed multiple deadlines across several businesses to meet the dynamic needs of multiple clients.
  • Exceeded goals through effective task prioritization and great work ethic.
  • Conducted root cause analyses on operational inefficiencies, leading to the implementation of corrective actions that increased overall effectiveness.

TVI GLOBAL

Consultant Cybersecurity Analyst
05.2017 - 05.2020

Job overview

  • Support, and assist Cyber Incident Response Team (CIRT) and execute and deliver Cyber Response Services.
  • Provide recommendations for mitigating identified security risks using technical measures.
  • Analyse cybersecurity Incidents using threat intelligence data sources.
  • Conduct root cause analysis to identify gaps and recommendations, ultimately remediating risks.
  • Collaborate closely with Cyber threat Intelligence, Investigations teams.
  • Worked closely with team members to deliver project requirements, develop solutions, and meet deadlines.

Sic Lazaro

Cybersecurity Analyst
05.2015 - 05.2017

Job overview

  • Analyse cybersecurity Incidents using threat intelligence data sources.
  • Conduct root cause analysis to identify gaps and recommendations, ultimately remediating risks to the firm.
  • Assessed optimised and elevated operations to target current and expected demands.
  • Organised and prioritised work to complete assignments quickly and efficiently.
  • Developed and maintained incident response protocols to mitigate damage and liability during security breaches.
  • Reviewed violations of computer security procedures and developed mitigation plans.

Education

University of Port Harcourt

Bachelor of Science from Human Anatomy

University Overview

University of Essex
ESSEX

Post Graduate Certificate from cyber security
09.2022

University Overview

Skills

  • Incident Management
  • Risk Management
  • Vulnerability Management
  • Asset management
  • Compliance review and Audit preparations
  • Reporting documentation
  • Microsoft 365 Suite
  • EDR: Netskope, Sophos,Sentinel-One, Defender
  • SIEM: Chronicle, Azure Sentinel
  • Email gateway: Proofpoint, Mimecast
  • FW-Meraki,
  • XSOAR-Siemplify, Palo Alto SOAR
  • ServiceNow, Azure O365 Freshservice
  • Encryption
  • Network and operating System
  • Ability to Work Under Pressure
  • Strong Communication Skills
  • Data Analyst & logs Correlations
  • Threat intelligence
  • Cyber security Frameworks
  • Critical Thinking Skills
  • Information Protection
  • Security Planning
  • Access Control
  • Endpoint Security
  • Incident Response
  • Patch management
  • Penetration Testing
  • Threat Intelligence

Certification

  • Certified Information Security Manager CISM
  • Microsoft Security Operations Analyst SC-200 Certified
  • SSCP -Systems Security Certified Practitioner (ISC)²
  • Security Administrator Associate Certified in Cyber
  • Security (CC) Issued by (ISC)²
  • CompTIA CYSA+ RNP50BEX3RLLV3G
  • CompTIA Security+ BFDN2RX4W4K6VL52
  • CompTIA Security Analytics Professional – CSAP
  • SANS Hacker Tools, Technique, Exploits and Incident Handling Training
  • Certificate of Continuing Education Completion: Malware threats
  • Certificate of Continuing Education Completion:
  • Fundamental Windows Security Overview
  • Certificate of Continuing Education Completion:
  • Cyber Threat Intelligent Certificate of Continuing Education Completion:
  • Lean SIX Sigma Yellow Belt Certificate of Continuing Education Completion:
  • WebDefence Fundamentals Certificate of Continuing Education Completion: WebDefence Fundamentals
  • International English Language Testing System (IELTS)


Languages

English
Native language
English
Proficient
C2
Spanish
Proficient
C2
Availability
See my work availability
Not Available
Available
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Quote

There is a powerful driving force inside every human being that, once unleashed, can make any vision, dream, or desire a reality.
Tony Robbins

Timeline

Senior Information Security Analyst
BJSS
07.2023 - Current
Cybersecurity Operation Analyst
Secrutiny | Acora
06.2020 - 07.2023
Consultant Cybersecurity Analyst
TVI GLOBAL
05.2017 - 05.2020
Cybersecurity Analyst
Sic Lazaro
05.2015 - 05.2017
University of Port Harcourt
Bachelor of Science from Human Anatomy
University of Essex
Post Graduate Certificate from cyber security
Osarodion Samuel Tolofari