About
Highly accomplished Senior Application Security & DevSecOps Engineer with over 6 years of expertise in integrating robust security measures across the SDLC and CI/CD pipelines. Specializes in securing cloud-native applications, vulnerability management, penetration testing, and API security. Leverages strong proficiency in AWS, Azure, Terraform, Docker, and Kubernetes to drive security automation and ensure comprehensive protection for complex systems.
Work
Remote, N/A, N/A
→
Summary
Leads advanced DevSecOps and Application Security initiatives, embedding robust security practices into the software development lifecycle for enhanced system integrity and compliance.
Highlights
Integrated and optimized SAST/DAST tools, including SonarQube and OWASP ZAP, into CI/CD pipelines (GitHub Actions, Jenkins), enhancing automated vulnerability detection by an estimated 30%.
Directed comprehensive application penetration testing efforts, identifying critical vulnerabilities and coordinating remediation strategies to significantly reduce attack surface.
Engineered and deployed advanced API security solutions, including OAuth2, API key rotation, and WAF protections, safeguarding critical data and preventing unauthorized access.
Managed and enforced cryptographic standards utilizing AWS KMS and device certificates, ensuring robust data encryption and compliance with industry regulations.
Remote, N/A, N/A
→
Summary
Specialized in designing and implementing secure, multi-cloud DevOps solutions, focusing on infrastructure automation and robust security posture management.
Highlights
Designed and deployed secure multi-cloud workloads across AWS and Azure environments, implementing hardened IAM policies to minimize access risks and enhance security posture.
Automated infrastructure provisioning and configuration management using Terraform and Ansible, integrating HashiCorp Vault for secure secrets management to improve operational efficiency by 25%.
Conducted regular vulnerability scanning and compliance reporting across cloud infrastructure, identifying and addressing security gaps to maintain regulatory adherence.
Lagos, Lagos, Nigeria
→
Summary
Developed secure iOS applications with a strong focus on application security, integrating robust authentication and encryption for fintech transactions.
Highlights
Developed and secured APIs with advanced authentication mechanisms, including OAuth2 and JWT, to protect sensitive financial data for iOS applications.
Integrated Jenkins and Fastlane pipelines with automated security checks, streamlining the secure delivery of iOS applications and reducing deployment vulnerabilities by 15%.
Enforced strong encryption-in-transit and at-rest protocols for all fintech transactions, ensuring data integrity and compliance with financial security standards.
Certificates
Skills
Application Security
Vulnerability Scanning, Penetration Testing, SAST/DAST, API Security, Cryptography, HSMs, Secrets Management.
Cloud Security
AWS, Azure, Cloud-Native Security, IAM Policies.
DevSecOps & Automation
Terraform, Ansible, Jenkins, GitLab CI/CD, GitHub Actions, Docker, Kubernetes, Security Automation.
Programming & Scripting
Python, C#, Java, OAuth2, JWT.