Victor Akinmoyero - CISM, PMP, MSc., MBA

GRC Analyst at SRG Security Resource Group Inc
Contact Information
Location
Saskatoon, Saskatchewan, Canada, CA

Credentials

  • CISSP Cert Prep (2021): 3 Security Architecture and Engineering
    LinkedIn
    Dec, 2022
    - Sep, 2024
  • CISSP Cert Prep (2021): 4 Communication and Network Security
    LinkedIn
    Dec, 2022
    - Sep, 2024
  • CISSP Cert Prep (2021): 5 Identity and Access Management
    LinkedIn
    Dec, 2022
    - Sep, 2024
  • CISSP Cert Prep (2021): 6 Security Assessment and Testing
    LinkedIn
    Dec, 2022
    - Sep, 2024
  • CISSP Cert Prep (2021): 7 Security Operations
    LinkedIn
    Dec, 2022
    - Sep, 2024
  • CISSP Cert Prep (2021): 1 Security and Risk Management
    LinkedIn
    Nov, 2022
    - Sep, 2024
  • CISSP Cert Prep (2021): 2 Asset Security
    LinkedIn
    Nov, 2022
    - Sep, 2024
  • Certified in Cybersecurity (CC)
    (ISC)²
    Apr, 2023
    - Sep, 2024
  • Architecting Microsoft Azure Solutions
    Microsoft
  • Certified Information Security Manager (CISM)
    ISACA
  • CompTIA A+
    CompTIA
  • CompTIA Security+
    CompTIA
  • ITIL v4
    AXELOS Global Best Practice
  • Microsoft Certified Solutions Associate (MCSA)
    Microsoft
  • Microsoft Certified Systems Administrator: Data Engineering with Azure
    Microsoft
  • Project Management Professional (PMP)
    Project Management Institute
  • Upgrading Your Skills to MCSA: Windows Server 2016
    Microsoft

Experience

    • Canada
    • Security and Investigations
    • 1 - 100 Employee
    • GRC Analyst
      • May 2022 - Present

      • Conduct comprehensive assessments of clients' cybersecurity controls against the NIST CSF framework.
      • Evaluate the effectiveness and maturity level of controls based on the NIST CSF Control Categories: Identify, Protect, Detect, Respond, and Recover.
      • Analyze current security practices, policies, and procedures to identify gaps and areas for improvement.
      • Provide recommendations and guidance on remediation strategies to address identified control deficiencies.
      • Track and monitor progress on control implementation and remediation efforts.
      • Conduct vulnerability assessments and penetration testing to identify potential security risks and vulnerabilities.
      • Complete walkthroughs and testing for all SOC 2 controls, ensuring compliance with industry standards.
      • Manage customer audits, including conducting customer discussions and working collaboratively with internal cross-functional teams to prepare for audits and address findings.
      • Collaborate with cross-functional teams and control owners to determine compliance with regulatory, contractual, and compliance requirements.
      • Maintain up-to-date knowledge of certifications and controls such as SOC 2, ISO 27001 / ISO 27018, NIST 900-53, FedRAMP, and IT SOX.
      • Collect and review evidence to ensure compliance with regulatory requirements, presenting evidence to auditors to demonstrate compliance.
      • Manage audits of services and solutions against frameworks such as ISO 27001, SOC 2, GDPR, and PCI-DSS, ensuring alignment and adherence to industry standards.
      • Support the design and implementation of organizational policies and risk assessments, providing valuable insights to enhance security posture.
      • Identify security risks through in-depth research and analysis, focusing on technology, architecture, policies, and standards, and provide recommendations for risk mitigation.
      • Participate in the planning and development of cybersecurity initiatives, policies, and designs to strengthen overall security posture.

    • Security Analyst (SOC)
      • Nov 2021 - Apr 2022

      • Managed and operated SIEM platforms, overseeing the collection, correlation, and analysis of security events from various sources to identify potential threats and vulnerabilities.
      • Utilized advanced knowledge of SIEM and EDR technologies to perform in-depth analysis of security events and incidents, ensuring accurate detection and response to security threats.
      • Developed and implemented SOAR workflows and playbooks to automate incident response processes, resulting in increased efficiency and reduced response time.
      • Collaborated with internal teams and external vendors to optimize SIEM and EDR configurations, ensuring the collection of relevant security event data and timely response to incidents.
      • Conducted vulnerability assessments and scans using industry-standard tools to identify system weaknesses and provide recommendations for remediation.
      • Actively participated in security incident handling and investigation, applying incident response procedures to contain and mitigate security incidents.
      • Provided tier 2 support to resolve complex security-related issues, leveraging expertise in SIEM, SOAR, and EDR tools to identify root causes and implement effective solutions.
      • Assisted in the development and maintenance of security policies, procedures, and guidelines, ensuring compliance with industry standards and regulatory requirements.
      • Prepared detailed reports and documentation on security incidents, including root cause analysis, containment strategies, and lessons learned, to support knowledge sharing and continuous improvement efforts.

    • Information Security Specialist
      • Sep 2019 - Oct 2021

      • Conducted kick off meetings to collect systems information (information type, boundary, inventory, etc.) and categorize systems based on NIST SP 800-60, and other meetings related to SAP and OA.
      • Performed vulnerability assessment, ensured risks are assessed and appropriate actions are taken to mitigate or resolve each.
      • Conducted IT controls risk assessments including reviewing organizational policies, standards and procedures, as well as providing advice on their adequacy, accuracy and compliance with industry standards.
      • Collaborated with system owners, stakeholders, third party vendor partners to drive security awareness training & best practices to ensure the protection of corporate data.
      • Ensured all Security Authorization documentation for assigned systems remains accurate and up to date on a continuous basis, including, but not limited to, accurate and valid lists of assets (hardware/software), accurate boundary diagrams, accurate ports, and protocols, etc.
      • Compiled, updated, finalized, produced, and supported activities for IT Security Common Control Catalogs and related documentation including, but not limited to, Security Plans or other documents required.
      • Compiled, updated, finalized, and produced all FISMA documentation and associated artifacts as required by Client in a manner compliant with all Federal security requirements and policies.
      • Ascertained all FISMA documents are updated within 6 months of a new policy release.
      • Managed the Interconnection Security Agreements for all systems, including creation, tracking, and vetting.
      • Reviewed all ISSO provided documentation for accuracy and relevancy, provided follow-up to ISSOs to ensure documents are properly completed.
      • Prepared Security Assessment and Authorization (SA&A) packages to ascertain that management, operational and technical security controls adhere to NIST SP 800-53 standards.

    • Senior Information Security Analyst
      • Apr 2016 - Dec 2018

      • Conducted security control assessments to assess the adequacy of management, operational privacy, and technical security controls implemented. Security Assessment Reports (SAR) were developed detailing the results of the assessment along with Plan of Action and Milestones (POA&M).
      • Developed system security plans to provide an overview of federal information system security requirements and described the controls in place or to meet those requirements.
      • Created and updated the following Security Assessment and Authorization (SA&A) artifacts: FIPS 199, Security Test and Evaluations (ST&Es), Risk Assessments (RAs), Privacy Threshold Analysis (PTA), Privacy Impact Analysis (PIA), E-Authentication, Contingency Plan, Plan of Action and Milestones (POAMs).
      • Prepared Security Assessment and Authorization (SA&A) packages to ascertain that management, operational and technical security controls adhere to NIST SP 800-53 standards.
      • Performed vulnerability assessment, making sure risks are assessed and proper actions taken to mitigate them.
      • Conduct IT controls risk assessments including reviewing organizational policies, standards and procedures and providing advice on their adequacy, accuracy and compliance with industry standards.
      • Developed risk assessment reports. These reports identified threats and vulnerabilities. In addition, it also evaluates the likelihood that vulnerabilities can be exploited, assess the impact associated with these threats and vulnerabilities, and identified the overall risk level.

Education

  • Saskatoon Business College
    Diploma, IT Networking and Administration
    2019 - 2020
  • The University of Manchester
    MSc, Innovation Management and Entrepreneurship Studies
    2012 - 2014
  • Obafemi Awolowo University
    Master of Business Administration - MBA, Human Resources Management/Personnel Administration, General
    2010 - 2012
  • Ogun State University
    Bachelor of Science - BS, Accounting Technology/Technician and Bookkeeping
