SHEKU KOROMA
Freetown
Summary
Goal-oriented IT professional with significant success in planning, analyzing and implementing of security plans and initiatives. Excel in developing comprehensive, secure network designs and systems.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Cyber security Analyst
Sierra Leone Commercial Bank
03.2023 - Current
- No medium, high or critical vulnerability management findings from Internal and external audits and examinations
- Evidence of continuous tracking and follow up on remediation of vulnerabilities found in IT systems
- Vulnerability scans performed as per the annual vulnerability assessment work plan
- Evidence of log review to identify misuse of network resources or attempts to breach security protocols
- Evidence of monitor review of network communication devices (Firewall, routers and switches)
- No medium, High or critical internal audit finding for network security review
- To prepare incident register log sheet
- All reported security incidents are followed through to closure
- Record and report security incidents based on the BSL guidelines
- Proper documentation of all security incident base on the bank policy and procedure and base on regulatory guidelines
- To ensure 95% of computers are up-to-date with anti-malware solution
- To ensure that all computer and servers have anti-malware solution
- Conduct monthly APIs Scan for vulnerability
- Review Firewall rules
- Monitor all APIs and prepare report to management.
Head of Cyber Security
Access Bank PLC, Sierra Leone
06.2021 - 02.2023
- Threat Intelligence gathering using open-source tools; providing actionable threat advisories to IT stakeholders
- Vulnerability Management of the organization’s servers and key applications through performance of periodic vulnerability scans and provision of remediation actions
- Periodic threat hunting activities to identify presence of security threats or IOCs gathered from threat intelligence
- Patch Management of workstations and server’s deployment using WSUS and compliance tracking using ForeScout
- Incident Response and investigation of security breaches and escalated incidents from the SOC and EDR
- Drafting Standard Operating Procedure (SOP) documents and technical reports
- API Testing and Scanning
- Security monitoring to detect and prevent intrusions, compromise, or unauthorized activity
- Driving compliance to industry standards including PCIDSS and ISO 27001 by ensuring requirements are in place
- Review firewall rules for the organization
- Conduct ASV scan
- Review Active directory as best practise
- Review users access right
- Monitor SIEM solution in the organization
- Monitor license application use in the organization
- Setting information security Management goals
- Present security issues to management
- Monthly prepare security report to top management.
System Administration
Zenith Bank Sierra Leone
12.2018 - 05.2021
- Configuration Cisco Router and Switches Forensic Investigation and Email Analysis
- Setup and maintaining user administration account in the bank
- Configure new server for the
- Creating new users on Active Directory (AD)
- Configure new users on Bank application
- Monitor the network performance in the bank
- Configure new Atm for the Bank
- Monitor the ATM performance in the bank.
Education
MBA in Information Technology Management -
Dr. D.Y. PATIL VIDYAPEETH PUNE
01.2022
MBA in Information Technology Management -
Dr. D.Y. PATIL VIDYAPEETH PUNE
01.2022
BSc. Hons In Business and Information Technology Second Class lower division) -
Njala University
05-2016
BSc. Hons In Business and Information Technology Second Class lower division) -
NjalaUniversity
01.2016
Skills
- Network Security
- Access Control
- Patch management
- Compliance Monitoring
- Intrusion Detection
- Cybersecurity frameworks
- Application security
- Incident Response
- Anomaly Detection
- User Awareness Training
- Endpoint Protection
- System Hardening
- Public Key Infrastructure
- Database Security
- Threat Intelligence
- Security policy development
- Log Analysis
- Secure Network Design
- Security Architecture
- Wireless Security
- Software licenses and patches
Certification
- CompTIA Network+ (2021)
- CompTIA Security+ (2022)
- Lead Auditor in Information Security Management System (ISO 27001) (2022)
- Certified Cyber Security Analyst (2024)
Projectsexecuted
- Vulnerability Assessment and Penetration Testing for a Access Bank Sierra Leone internal network
- Vulnerability Assessment and Penetration Testing for Zenith Bank Sierra Leone Internal Network
- ISO 27001 Certification
- PCI-DSS Certification
Training
- ISO 22301:2012 Business Continuity Management (2022)
- ISO 27001:2013 Information Security Management (2022)
- PCI-DSS (2022)
Timeline
Cyber security Analyst
Sierra Leone Commercial Bank
03.2023 - Current
Head of Cyber Security
Access Bank PLC, Sierra Leone
06.2021 - 02.2023
System Administration
Zenith Bank Sierra Leone
12.2018 - 05.2021
MBA in Information Technology Management -
Dr. D.Y. PATIL VIDYAPEETH PUNE
MBA in Information Technology Management -
Dr. D.Y. PATIL VIDYAPEETH PUNE
BSc. Hons In Business and Information Technology Second Class lower division) -
Njala University
BSc. Hons In Business and Information Technology Second Class lower division) -
NjalaUniversity
- CompTIA Network+ (2021)
- CompTIA Security+ (2022)
- Lead Auditor in Information Security Management System (ISO 27001) (2022)
- Certified Cyber Security Analyst (2024)
Similar Profiles
Abdul KuyatehAbdul Kuyateh
Junior Financial Analyst at Sierra Leone Commercial BankJunior Financial Analyst at Sierra Leone Commercial Bank
Claudius WilliamsClaudius Williams
Banker at Sierra Leone Commercial Bank LtdBanker at Sierra Leone Commercial Bank Ltd
Gibrilla Elisha ContehGibrilla Elisha Conteh
Administrative and Finance Officer at African Development BankAdministrative and Finance Officer at African Development Bank