MOHAMMED ORUNSOLU

CYBERSECURITY PROFESSIONAL
Security Operations | Penetration Testing | Vulnerability Assessment
mohammedorunsolu@gmail.com | linkedin.com/in/mohammedorunsolu/ | github.com/MDPorsch
Ibadan, Oyo Nigeria
Top Technical Skills
Penetration Testing
95%
Security Operations
90%
Bash Scripting
88%
Network Security
92%
Vulnerability Assessment
89%
Cloud Security (AWS)
85%
Linux/Windows Admin
87%
OBJECTIVE STATEMENT

Cybersecurity professional with hands-on expertise in security operations, vulnerability assessment, and penetration testing, driven by a passion for breaking things to make them stronger. I build, test, and automate, from deploying integrated SOC stacks to executing full-stack penetration tests in my home lab. I thrive at the intersection of offensive and defensive security, and I am actively seeking an opportunity to bring this hands-on mindset to a forward-thinking team where I can contribute from day one and grow into an elite security professional.

CORE SKILLS & COMPETENCIES
  • Vulnerability Assessment, Penetration Testing & Ethical Hacking
  • Security Operations (SOC, SIEM, Incident Detection & Response)
  • Network Security & Traffic Analysis (Suricata, IDS/IPS)
  • Web Application & Offensive Security (Metasploit, Burp Suite, SQL Injection, XSS)
  • Cloud Security & Identity & Access Management (IAM)
  • Scripting, Automation & OS Proficiency (Bash, Linux, Windows)
  • Firewall Configuration, SSH Hardening & Risk Management

PROFESSIONAL ATTRIBUTES: Problem Solving, Discretion in Confidential Matters, Communication, Reliability, Cross-Functional Collaboration, Adaptability, Continuous Learning.

HOME LAB & PRACTICAL EXPERIENCE
  • Built and deployed a fully integrated SOC STACK (Wazuh, Suricata, VirusTotal) with automated threat detection, real-time alerting and active response scripting
  • Conducted EXPLOIT-DRIVEN VULNERABILITY ASSESSMENTS on Metasploitable & DevGuru, and performed a full-stack penetration test on VulnBank.org covering reconnaissance, business logic and API exploitation
  • Demonstrated POST-EXPLOITATION TECHNIQUES including PostgreSQL reverse shell, C2 session pivoting, lateral movement, SSH exploitation and Metasploit attack & defence simulation
  • Executed WEB APPLICATION ATTACKS covering SQL injection, XSS, session hijacking and brute force in hands-on lab environments
  • Performed NETWORK ENUMERATION & STEALTH ANALYSIS focused on detection thresholds and vulnerability discovery
  • Built an AUTOMATED SECURITY MONITORING TOOLKIT using Bash scripting and configured SSH hardening & firewall rules
WORK EXPERIENCE
Information Security Lead
Verixar Ltd. London, UK | Present

Built and implemented the company's information security programme from the ground up in a seed-stage InsurTech startup operating in the customer data verification and fraud prevention space.

Key responsibilities and achievements:

  • Designed and authored the company's full security documentation suite including the Information Security Policy, Cyber Incident Response Plan, Business Continuity and Disaster Recovery Plan, and Cyber Security Risk Register
  • Conducted a comprehensive vendor due diligence response addressing Oakley Capital's IT security, data protection, and AI governance questionnaires across 54 individual requirements
  • Leading the company's NCSC Cyber Essentials certification programme — mapping controls across firewalls, secure configuration, access control, malware protection, and patch management
  • Implemented MFA across all company accounts and platforms including GitHub, Vercel, Railway, Namecheap, and Private Email for all four team members
  • Established device security standards across a BYOD environment covering full disk encryption, screen lock policies, and DNS-level malware filtering via Cloudflare
  • Produced and delivered the company's first security awareness training session to all staff covering phishing recognition, password hygiene, and incident reporting
  • Created a Vendor Security Questionnaire and onboarding framework to assess third-party suppliers before granting system access
  • Developed a Cyber Essentials Evidence Log tracking all implemented controls across the five certification areas with supporting documentation and proof
  • Advised the founding team on GDPR obligations as a B2B data processor for regulated insurance clients, including data flow mapping and sub-processor management
EDUCATION AND CERTIFICATIONS
TS Academy | Cybersecurity Program
Nov 2025 — April 2026

Intensive program covering network security, ethical hacking, digital forensics, and security operations through hands-on labs and real-world simulations

Certificate of Completion Issued 2026

GoMyCode | Cybersecurity Bootcamp — CompTIA Security+ 701
Dec 2025 — Feb 2026

Covered foundations of IT for cybersecurity, general security concepts, threats, vulnerabilities and mitigations, security architecture, security operations, and security program management and oversight

Certificate of Completion Issued 2026

Coursera | Google Professional Cybersecurity Certificate
2025

Completed 9-course professional program covering foundations of cybersecurity, risk management, network security, Linux & SQL, threat & vulnerability analysis, detection & response, Python automation, and cybersecurity job readiness

Amazon Web Services (AWS) | Cloud Practitioner Essentials
2026
CompTIA | Security+ (SY0-701)
In View
Federal University of Technology Akure (FUTA) | B.Tech
Graduated 2023