Olu Taiwo

Cybersecurity Leader | Incident Response & Threat Hunting Expert | Pen-Testing, Cloud Security & SIEM Specialist | Driving Zero Trust & SOC Maturity

Houston, Texas, United States

About

I am a Cybersecurity Leader with 10+ years of experience protecting global enterprises, financial institutions, and Fortune 500 organizations from advanced cyber threats. My background spans incident response, threat hunting, penetration testing, cloud security, digital forensics, SOC leadership, and Zero Trust transformation. Across roles at Cisco, JPMorgan Chase, Dell Technologies, and DXC, I’ve led high-impact security teams, built enterprise-grade detection and response programs, and delivered measurable improvements in risk reduction, compliance, and operational resilience. I specialize in: Incident Response & DFIR: Memory, disk, malware, network forensics, RCA, IOC development Penetration Testing & VAPT: Exploit development, privilege escalation, red-team simulations SIEM & XDR Leadership: Splunk, QRadar, ArcSight, CrowdStrike, SentinelOne Cloud Security (AWS): GuardDuty, Security Hub, IAM hardening, misconfiguration detection Zero Trust & SOC Maturity: Identity-centric controls, policy engineering, automation Frameworks & Compliance: MITRE ATT&CK, NIST, ISO 27001, PCI-DSS, HIPAA, GDPR I’m recognized for my ability to balance technical depth with strategic vision—collaborating with executives, engineers, and cross-functional stakeholders to strengthen security posture and align cybersecurity initiatives with business priorities. I bring a passion for building resilient systems, leading incident response under pressure, and mentoring teams to stay ahead of evolving threats. If you're looking for a cybersecurity leader who can solve complex problems, drive enterprise security strategy, and elevate operational excellence, let’s connect.

Experience

  • Cybersecurity Team Lead at Cisco
    Sep 2022 - Present · 3 yrs 11 mos

    • Led the cybersecurity team in executing Vulnerability Assessment & Penetration Testing (VAPT) across networks, applications, and cloud environments, identifying critical vulnerabilities and improving overall security posture by 30%. • Directed advanced penetration testing operations, simulating real-world attack scenarios to uncover exploit paths, privilege escalation opportunities, and configuration flaws. • Oversaw enterprise-wide SIEM monitoring using Splunk, QRadar, and ArcSight, correlating multi-source logs to proactively detect sophisticated threats and ensure continuous compliance with NIST and ISO 27001 standards. • Managed EDR/XDR security operations with CrowdStrike, implementing hardened detection and prevention policies that reduced alert fatigue by 90% and strengthened endpoint resilience. • Led the team in daily incident response operations, performing triage, containment, eradication, and post-incident forensics using MITRE ATT&CK and Cyber Kill Chain methodologies. • Conducted in-depth malware, memory, disk, and log forensics to identify attacker techniques, lateral movement, persistence mechanisms, and root cause of high-severity breaches. • Directed continuous vulnerability management using Nessus, Qualys, and Tenable, prioritizing remediation efforts based on CVSS scoring, exploitability, and business impact. • Architected and maintained enterprise network defenses using Palo Alto Firewalls, Cisco ASA, Snort IDS/IPS, and Cloudflare WAF, achieving 99.9% network uptime while blocking high-risk threats. • Championed and implemented Zero Trust security architecture, reducing insider threat exposure by over 60% and improving identity-based access controls across the organization. • Oversaw secure cloud governance in AWS using Security Hub, GuardDuty, CloudWatch, and IAM configuration reviews to protect workloads from misconfigurations and malicious activity.

  • Manager- Technology, Risk Advisory, & Cybersecurity (TRAC)- Pen-testing & Incident Response at Citrin Cooperman
    Feb 2021 - Sep 2022 · 1 yr 8 mos

    • Assisted with scoping prospective engagements and participating in investigations from kickoff through remediation. • Documented technical issues identified during security assessments utilizing standard CWE and CVSS classifications. • Developed comprehensive and accurate reports and presentations for both technical and executive audiences. • Worked with security and IT operations at clients to implement remediation plans in response to incidents. • Interacted with customers collaboratively, in a consultative manner, to deliver results and provide feedback and remediation recommendations on vulnerability and penetration testing findings. • Effectively communicated investigative findings and strategy to client stakeholders, including technical staff, executive leadership, and legal counsel. • Conducted host forensics, network forensics, log analysis, and malware triage in support of incident response investigations. • Conducted large-scale investigations and examined endpoint and network-based sources of evidence. • Recognized and codified attacker tools, tactics, and procedures as indicators of compromise (IOCs) that can be applied to current and future investigations. • Generated new business opportunities by participating in market-facing activities and developing thought leadership materials, hosting roundtables and webinars, speaking at conferences, attending conferences, and drafting proposals. • Worked independently to manage client engagements and deliverables while consistently meeting project and customer deadlines • Stayed current on emerging security threats, attack vectors, and offensive techniques to enhance testing methodologies and advisory recommendations • Performed advanced penetration testing across diverse applications, networks, and cloud environments to identify high-impact vulnerabilities • Identified and exploited complex security weaknesses, delivering actionable remediation guidance to reduce client risk exposure.

  • Incident Responder at JPMorganChase
    Jan 2020 - Jan 2021 · 1 yr 1 mo

    • Neutralized high-severity threats by analyzing alerts from firewalls, IDS/IPS, antivirus, EDR, and multi-source telemetry, ensuring rapid containment across critical banking systems. • Detected emerging threats through continuous real-time security monitoring, escalating both known and unknown attack patterns targeting financial infrastructure. • Executed full lifecycle incident response—triage, containment, eradication, recovery, and post-incident validation—to significantly reduce MTTR. • Engineered enhanced threat response playbooks and procedures, improving SOC efficiency, detection accuracy, and response velocity. • Correlated internal logs, security alerts, and threat intelligence feeds to determine threat severity, impact, and adversary intent. • Collaborated with security, network, and application teams to remediate vulnerabilities, close incidents quickly, and meet strict SLA deadlines. • Mitigated DDoS and WAF-related threats using Cloudflare protections, maintaining uptime and safeguarding application integrity. • Documented detailed RCAs, IOCs, attacker TTPs, and lessons learned to strengthen future detection and response capabilities. • Communicated clear incident summaries and threat briefings to leadership, enabling informed security decision-making and risk reduction. • Tracked incident progress through Remedy, ensuring accurate documentation and supporting audit readiness. • Administered and monitored security operations tools, endpoint security platforms, and network defense technologies to maintain a hardened security posture. • Researched and responded to vulnerabilities, correlating CVEs with exploitability and operational impact to recommend prioritized remediation measures.

  • Cyber Security Analyst at Dell Technologies
    Aug 2017 - Dec 2019 · 2 yrs 5 mos

    • Led weekly POA&M management meetings with stakeholders, ensuring alignment and progress tracking, while delivering actionable milestone reports to senior management. • Investigate and document threat actor tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK and Cyber Kill Chain. • Leveraged SentinelOne autonomous detection and rollback capabilities to eradicate malware and restore affected systems. • Investigated network intrusions using Snort IDS, analyzing packet payloads for malicious signatures and evasion patterns. • Neutralized endpoint intrusions using CrowdStrike Falcon, isolating compromised hosts and performing process-level forensics to contain threats. • Reduced attack surface using Nessus, validating critical vulnerabilities and driving immediate remediation across servers and applications. • Improved patch prioritization through Tenable.io, applying CVSS scoring and exploit insights to target high-risk weaknesses first. • Lead third-party risk assessments for vendors, ensuring compliance with policies and regulatory requirements such as HIPAA and GDPR, minimizing vendor-related security risks by 15%. • Enhanced Security Assessment Reports (SARs) by refining documentation processes, reducing post-audit findings by 30%.

  • Security Analyst at DXC Technology
    Aug 2015 - Jul 2017 · 2 yrs

    • Conducted access reviews and enforced least privilege through Active Directory and Azure role-based access controls (RBAC). • Managed and optimized the CrowdStrike Falcon EDR platform by refining detection rules and threat intelligence feeds, reducing incident response time by 40%. • Implement and maintain firewalls and IDS/IPS solutions to protect the organization’s perimeter and internal networks. • Managed and monitored VPN connections (IPSec, SSL) and network configurations (DNS, DHCP, VLANs, LAN/WAN) to maintain secure connectivity. • Administered and optimized firewall security policies on Cisco ASA and Palo Alto Networks to control and secure data traffic. • Investigated attack patterns, mapped adversary behaviors to MITRE ATT&CK, and recommended security improvements. • Utilize SIEM tools like Splunk, ArcSight to monitor and correlate security logs, detecting potential vulnerabilities and malicious activity. • Assisted with support in vulnerability management. Applied knowledge of common vulnerability frameworks, such as CVSS and OWASP Top 10, to evaluate the severity and impact of vulnerabilities.