Favour Sobechi Opara

I'm a Cybersecurity professional

About

I'm a dedicated cybersecurity analyst with a profound expertise in Risk management. This usually involves risk identification, analysis, mitigation, and monitoring. I've had experience in managing risk within complex IT infrastructure. They include networks, applications, cloud, backups, Hyperconverged infrastructure, and datacenters. Risk management is conducted to protect the confidentiality, integrity, and availability of sensitive data by conducting risk assessments on these complex infrastructures using a dedicated live checklist. The checklist highlights risk that might emerge from process owners, application and database servers, domain controllers, and end users. It also highlights risks that might emerge if certain controls hasn't been implemented. These controls include (but are not limited to) WAF, perimeter and host firewall configurations, implementation of Privilege Access Management (PAM), Database Activity Monitoring (DAM), File Integrity Monitoring (FIM) Security Information and Event Management (SIEM), and Network Access Control (NAC). I coordinate and maintain a register containing risk exceptions raised against responsible stakeholders. These risks emanates from risk assessment and KRI (Key Risk Indicators or risk monitoring) carried out on monthly basis on all applications and IT processes used in the organizaton. With a strong focus on risk management and a commitment to upholding the highest standards of data security using ISO 27001, 22301, and PCIDSS standards, I am dedicated to ensuring the continued safety and compliance of people, process, and technology in the organization. I also ensure all stakeholders are actively involved in remediating discovered threats and vulnerabilities. My reports are usually seen by top management to make informed decision in the direction of the company.

Cybersecurity professional & Risk management.

Favour is a focused and hardworking individual with a keen eye for detail. He is a certified ISO 27001 Implementer. He has also attained his CompTIA Security+ and ISC2 CC certification. He is a trained network adminsitrator in accordance to the CompTIA Network+ standards.

  • Birthday: 20th January
  • Website: www.favouropara.github.io
  • Phone: +44 7392 982752
  • City: Sunderland, United Kingdom
  • Age: 26
  • Degree: Msc. Cybersecurity
  • Email: favouropara48@gmail.com
  • Availability: Always available

You can reach me by sending an email, calling, or sending a message using the text box at the bottom of this page. It'll be redirected to my email automatically.

Trainings completed Networks, security, virtualization, cloud.

Projects PCIDSS audit, ISO auditing, Risk reports, KRI reports, Vuln. analysis, KRI reports, Change mgt, firewall setup, router setup, switch setup.

Support Customer support

Stakeholders Security Eng., Network Sec., IS Control, Access mgt, System admin, Server mgt., Digital delivery.

Skills

Skills acquired from my work experience. Subject to change as I progress.

Risk management 100%
Rapid7 (InsightVM, Appspider, CTI) 90%
Networks and network security 75%
PAM (Thycotic Secret Server, Beyondtrust) 80%
IBM Guardium (DAM) 90%
Tripwire (FIM) 50%
Qradar / Sentinel / Seceon ASIEM (SIEM) 40%
Technical reporting 100%
Microsoft products (MDATP, Office 365, Power BI, active directory) 80%
Crowdstrike Falcon (AD Security) 60%
VSphere client (Hyperconverged Infrastructure) 50%
System administration (Group policies, SCCM, Domain management) 60%

Resume

The list below showcases where I attained all my work experiences.

Summary

Favour Sobechi Opara

Innovative and 2+ years experienced cybersecurity analyst with a focus on Risk management. .

  • SR4 7BB 68 Hylton road, Sunderland UK.
  • +44 7392 982752
  • favouropara48@gmail.com

Education

Master of Cybersecurity

2024 - 2025

University of Sunderland, Sunderland UK.

GRC, Secure coding, cryptography, Identity and Access management, network security

Bachelor of Mechanical Engineering

2014 - 2019

Landmark University, Nigeria.

Mechatronics, thermodynamics, automobile engineering, optimization research

Professional Experience

IT Risk analyst

2022-2024

Fidelity Bank Plc, Nigeria.

  • Periodically conducted risk assessment on critical iT infrastructure in line with best practices.
  • Developed strategies to mitigate risks during stakeholders engagement. This was followed up with risk monitoring to ensure controls implemented are performing as they should.
  • Ensured all IT and business process aligns with regulatory requirements such as GDPR, PCIDSS, and ISO 27001.
  • Periodically conducted risk monitoring exercises (Key Risk Indicator) on implemented controls such as PAM, DAM, SIEM, FIM, MDATP, AD Security, Beyondtrust, firewalls, and NAC.
  • Effectively kept a well documented risk register, and followed up with respective teams on remediating risk exceptions raised against them to ensure risks are reduced before quarterly board meetings.
  • Participates in root cause analysis during forensic investigation with CISO, CIO, and CTO and other security professionals.
  • Conducts change management review on Business Requirement Documents (BRD) and project charters and ensures all risks associated with changes made in the Bank are treated before go-live.
  • Ensures full involvment in any new implementation in the Bank and reports on these projects to my supervisor.

Portfolio

My portfolio includes my reports on risk assessments I've carried out. They all link to my google drive, and can be reviewed. However for confidentiality reasons, information regarding evidences, server names, and stakeholders will be not disclosed in the report.

  • All
  • Risk assessment reports
  • Key risk indicators
  • Change management
  • Risk register

Virtual infrastructure

A dive into the risk assessment I carried out on the Vsphere Client

External intrusion prevention

Monitoring controls to prevent external intrusion

Risk assessment on new implementation (Third-party)

Carrying out an assessment on a new change

Risk assessment register

To ensure stakeholders treat risk exceptions

Datacenter Infrastructure

Review my assessment on Mainone and Rack center datacenters

Database monitoring

Monitoring activities in the database servers

Risk assessment of a Change upgrade (on-premise)

Carrying out an assessment of a change upgrade

KRI register

Risk monitoring register

Social media platforms

What attracts customers must also be secure to prevent defamation.

Privilege access management

monitoring the Management of privilege access to critical servers

Windows upgrade change

Risk assessment on change process involving Windows OS server upgrades

Contact

You can reach me either through email or phone. These are listed below.

Address

68 Hlyton road, Sunderland UK. SR4 7BB

Call me

+44 7392 982752

Email me

favouropara48@gmail.com

Loading
Seems an error occurred
Your message has been sent. Thank you!