Raymond Agyemang

Work Experience

Security Analyst, National Audit Office (NAO) (July 2021 -)     

• Collaborated with the Information Security team in order to ensure compliance with Information Security standards and controls.
• Clear concise reporting on the security of IT systems.
  • Identified and assessed risk in accordance with the NAO Risk Management Framework. 
  • Leveraged Threat Intelligence feeds to maintain awareness of global security threats, vulnerabilities and collaborated with other teams to mitigate risk and maintain/improve the organisational security posture.
  • Maintained awareness of security industry best practice in order to drive continuous improvement within the organisation, particularly in the area of cyber security.
  • The delivery and day-to-day management of key technical security controls across the organisation to ensure that security posture is effectively managed in line with enterprise risk appetite. 
  • Maintained vigilant security monitoring of the IT estate and the execution of agreed upon protocols and processes in a consistent and timely manner when security issues arose. 
  • Assisted with the continuous development and continuous improvement of the security policy, process, standards and tools
  • Provided technical expertise in support of internal security designs, projects and activities.
  • Working with cloud technology – including IaaS, PaaS, SaaS and hybrid cloud environments
  • Use of Identity & Access Management platforms (such as Azure Active Directory) & Threat Protection tools (such as Defender ATP, Office 365 ATP and Cloud App Security)
  • Use of Security Incident & Event Management (SIEM) platforms such as Azure Sentinel & Vulnerability Management tools such as Tenable & Qualys

IT Security Specialist, Sedgwick (January 2021 – July 2021)     

• Analysing and investigating security incidents and phishing alerts
• Conducts research of emerging security threat
• Ran an internal penetration test and offered remediation
• Maintain great working relationships with infrastructure and other teams
• Working and supporting the security operations teams across the organisation with the monitoring for attacks and intrusions and supporting the mitigation efforts for attempted/identified breaches and vulnerabilities 
• Use of Carbon Black to approve files and to create rules. 
• Use of Darktrace to investigate module breaches.
• Configured and troubleshooted IT Security infrastructure devices
• Monitored dashboards for any security breaches
• Undertaking activities to identify, monitor and address security weaknesses, threats and vulnerabilities, conducting vulnerability assessments and analysing resulting risks and issues to help secure the technology infrastructure

Technical Specialist – Cyber and Computing, Staffordshire University (September 2020 – January 2021)     

• Provided effective technical support and advice to staff and students specialising in Cyber Security 
• Assisted with the planned maintenance, repair and servicing
• Provided technical support for research projects
• Provided security expertise and guidance in support of security assessments
• Provided specialist advice and guidance in the setting up of labs, workshops and studios for timetabled teaching sessions, open access, research, open days, Schools and College events.
• Performed security assessment on the applications, web sites, web applications to determine the security posture.
• Worked with project teams to help implement internal systems
• Taught a module on python
• Conducted presentations on the Essentials of Cyber Security on behalf of the Department of Technology. This included presenting to multi-stakeholders in order to build partnerships.

Security Engineer, Addison Lee (June 2019 – September 2020)     

• Conducting IT audit assessments for systems or applications as required and recommend solution on how to mitigate risk.
• Issuing access privileges to new users and modifying privileges for existing users.
• Administration of Active Directory Users and Computers
• Carried out day to day maintenance, administration and support on all computer systems as per the daily operations check list.
• Provided security expertise and guidance in support of security assessments
• Created Security awareness training for new employers and existing employers
• Performed security assessment on the applications, web sites, web applications to determine the security posture.
• Worked with project teams to help implement internal systems
• Monitored and responded to Cyber Security threats
• Use of Mimecast to monitor spam emails
• Use of Splunk for log analysis and management
• Use of Nessus to scan vulnerabilities 

Analyst, University College London (UCL) (Feb 2019 – May 2019)

·     Providing IT support and advice over the phone, via the Service Desk Portal through email and in person.

       ·      Part of team that provided IT support to 38000 students and 13000 staff.

       ·      Resolved up to 50 tickets a day over the phone  

       ·      Configuring and troubleshooting remote issues.

       ·      Performed risk assessments to help create optimal prevention and management plans 

       ·      Visiting University Student Centre and providing IT support 

       ·      Analysing security and log data to identify potential threats or weaknesses.

Junior Security Analyst, Tagadab LTD 2017 - 2018

·      Dealing with enquiries both face to face and via the telephone

       ·      Assisted in creating information security policies and procedures

       ·      Configuring Control panels like Plesk and WHM   

       ·      Liaised with stakeholders in relation to cyber security issues and provided recommendations

• Tested and evaluated security products

Security Analyst, Olympic City 2015 – 2019 (Part-time)

·      Information Security system policies, plans, and baselines were developed and reviewed.

       ·      Reviewed Security logs to ensure compliance with policies and procedures.

       ·      Assisted in the development of an information security continuous monitoring strategy to help in maintaining an ongoing awareness of security.   

       ·      Liaised with stakeholders in relation to cyber security issues and provided recommendations

Desktop Support Engineer, Ocean Intelligent Communications (2014-2016)

·       Active Directory Administration (Setting/Removing Users, Password Resets)

       ·      Microsoft Exchange Administration (Configuring Email Addresses, Distribution Groups)

       ·      Installed and configured computer hardware systems and IT software  

       ·      Using HTML and CSS to update websites 

       ·      Participated in software testing and other quality assurance activities 

       ·      Monitored IT networks to maintain availability to internal and external users 

       ·      Develop and implement tasks from Jira

       ·      Maintained and updated assets by ensuring asset tags are attached to equipment where appropriate and associating configuration items to the appropriate users