Disclaimer: This information was obtained from publicly available sources online and is believed to be accurate at the time of publication. Valimates collects this information with proprietary technology and cannot guarantee the accuracy or completeness of the data. The purpose of the data is to inform the reader about the expertise of the individual and should not be used for any other purpose. Valimates does not have any affiliation with the individual.
Chidi Emetanjo
Technical Risk Manager | Application Security Consultant
at
The Depository Trust & Clearing Corporation (DTCC)
Chidi Emetanjo is a highly experienced cybersecurity professional with over 10 years of expertise in the field. Currently serving as a Technical Risk Manager and an Application Security Consultant at The Depository Trust & Clearing Corporation (DTCC), Chidi holds certifications in CISM, AWS Security Specialty, Generative Artificial Intelligence, Microsoft Azure, Scrum Master, Scrum Product Owner, and DevOps Generalist.
In their role, Chidi conducts offensive application testing, application threat hunting, and collaborates with development teams to generate vulnerability reports and offer remediation recommendations. They are also skilled in integrating risk and control processes. Chidi has a strong academic background in computer software engineering and information systems, and they are fluent in Yoruba. Additionally, they founded TechStars Meet, a community of tech enthusiasts and professionals sharing insights on emerging technologies such as blockchain and NFTs, and they have published articles and podcasts on these subjects.
Throughout their career, Chidi has consistently demonstrated their passion for conflict resolution, delivering excellence, and fostering long-term customer relationships. They are proficient in articulating complex technology concepts to diverse audiences, making them an invaluable asset in any cybersecurity team.
More about this expert
- Full name
- Chidi Emetanjo
- Location
- Irving, Texas, United States
- Title
- Technical Risk Manager | Application Security Consultant
- Industry
- Business Consulting and Services
- LinkedIn profile
- https://www.linkedin.com/in/chidi-emetanjo/
- LinkedIn Connections
- 2398
- Summary
- With over 10 years of experience in cybersecurity, I am currently serving as a Technical Risk Manager and an Application Security Consultant at The Depository Trust & Clearing Corporation (DTCC), the premier post-trade market infrastructure for the global financial services industry. I hold certifications in CISM, AWS Security Specialty, Generative Artificial Intelligence, Microsoft Azure, Scrum Master, Scrum Product Owner, and DevOps Generalist. My skills encompass Splunk Enterprise Security, Azure Sentinel, and DevSecOps. In my current role, I conduct DAST and SAST offensive application testing, perform application threat hunting, collaborate with development teams, generate vulnerability reports, and offer remediation recommendations. Additionally, I integrate risk and control processes. I possess experience in planning, managing, and conducting IT audits across various frameworks, regulations, and guidelines. Passionate about conflict resolution, delivering excellence, and fostering long-term customer relationships, I bring a strong academic background in computer software engineering and information systems. Proficient in articulating complex technology concepts to diverse audiences, I am also the founder of TechStars Meeta community of tech enthusiasts and professionals sharing insights and best practices on emerging technologies, including blockchain and NFTs. I have published articles and podcasts on these subjects and am fluent in Yoruba.
- Skills
- Mitre attack framework DevSecOps
Education
- International MBA Institute
-
MBA
Field of study: Management
Positions
-
The Depository Trust & Clearing Corporation (DTCC)
United States · Hybrid
-
Technical Risk Manager | Application Security Consultant
May 2023 - Present
● Performing offensive application testing against applications and
APIs..
● Conducting application threat hunting to evaluate risk to applications.
● Improved efficiency and reliability by streamlining and automating the
deployment process for Amazon ECS and EKS.
● Worked collaboratively with scrum teams focused on microservice
application development to simplify code deployments using Kubernetes
for container orchestration, resulting in enhanced release velocity and
increased reliability.
● Developed robust CI/CD pipelines for microservices, applications, and
their supporting components.
● Ensured consistency and efficiency in development practices by
implementing standardized CI/CD approaches across supported teams.
● Oversaw security requirements, including patching and compliance, while
maintaining existing security authorizations.
● Oversaw security requirements, including patching and compliance, while
maintaining existing security authorizations, with a strong emphasis on
GitLab and Sonatype Nexus for comprehensive security practices.
● Collaborated closely with scrum teams specializing in microservice
application development to simplify code deployments using Kubernetes
for container orchestration, leading to enhanced release velocity and
increased reliability. GitLab was instrumental in facilitating
collaboration and code management.
● Provided on-call support and incident response, using PagerDuty to
manage and resolve system alerts efficiently.
● Implemented blue-green and canary deployment strategies to minimize
downtime and reduce the risk of production issues during releases.
● Managed configuration as code using tools like Ansible and Terraform,
ensuring infrastructure consistency and reproducibility.
● Performing threat modeling.
-
S.C. Department of Health & Environmental Control
United States
-
Sr Security Analyst - Project Lead
Mar 2023 - May 2023
Responsibilities and duties involve planning, managing, and conducting
Information Technology audits and activities. I use various frameworks,
regulations, and guidelines such as COBIT, COSO, ISO, ITIL, and NIST to plan
and analyze IT systems. Assisted the Board and DHEC Management in
assessing and improving agency programs and operations by conducting routine,
special, and investigative audits. I work under limited supervision to ensure
the success of the project.
Selected Contributions:
● Developed data-driven insights to influence account and product security strategy, identifying new signals for anomaly detection.
● Compiled and tracked anomalous request patterns, providing potential mitigations for enhanced security.
● Planned and recommended changes to increase the security of the network and service stack.
● Analyzed error logs to quantify potential device-level vulnerabilities, identifying endpoints susceptible to exploitation.
● Developed characterizations of request attributes across diverse devices and client ecosystems to quantify potential automation
● Demonstrated passion for protecting customers and products through proactive security measures.
● Applied expertise in various fraud and abuse types, including DDoS, Account Takeover, and Ads fraud, to enhance security protocols.
● Utilized analytics tools such as SQL (Presto, sparkSql, python) and
● critical thinking to contribute to data-driven insights
-
Deloitte
Dallas, Texas, United States
-
Senior Consultant (SOC analyst Manager)
Jun 2021 - Mar 2023
Responsible for developing, administering, implementing, maintaining, and
evaluating security policies, and procedures for the protection of sensitive
material, facilities, and personnel throughout the Company. Provisioning and
de- provisioning users in Active Directory and other critical applications.
Participate in user training and resolving user access control issues, and be a
part of the IT Security Team in developing security policies and general IT
policies. Assist in ongoing efforts to transition the IT infrastructure from a
manual-based system to a fully automated platform.
Selected Contributions:
● Performed analysis of security incidents, vulnerability, and threat
identification, and conducted remediation to improve existing processes and
procedures.
● Coordinated and facilitated Security Control Assessment (SCA) and Independent
Verification and Validation (IV&V) activities while creating and maintaining
the associated documentation.
● Communicated with all levels of the client and contractor organizations
regarding the system security categorization and authority to operate and make
recommendations where necessary to ensure compliance.
● Created and managed the Plan of Action and Milestone (POA&M) process in order
to plan and track the resolution of system vulnerabilities and weaknesses.
● Reviewed, analyzed, and investigated authorized system access with system
administrators and make recommendations for revoking access, where necessary.
● Served as a liaison to the business and infrastructure communities to
maintain productive collaboration and manage overlapping objectives.
● Conducted penetration testing on various systems and applications, including
web, network, and mobile devices.
● Utilized tools like Metasploit, Nmap, Burp Suite, and Wireshark to identify
and exploit vulnerabilities.
● Conducted vulnerability assessments and reported findings to clients, while
working with them to remediate vulnerabilities and Threats
-
Verizon
Irving, TX, United States
-
SOC Analyst II
Jan 2019 - Feb 2021
Responsible for developing, administering, implementing, maintaining, and
evaluating security policies and procedures for the protection of sensitive
information. Implement preventative and detective information security controls
to secure the company's data, information, and resources. Perform vulnerability
scanning on internal and external systems to identify and mitigate
vulnerabilities. Monitor and maintain the web security gateway, investigate and
control user and suspicious web activity. Conduct a risk assessment to minimize
the company's security, financial, and legal exposure.
Selected Contributions:
● Managed the SOC team to ensure that all incidents were investigated and
resolved in a timely manner.
● Provided incident response support for critical systems, including but not
limited to: Active Directory, Exchange, SharePoint, SQL Server, VMware
ESX/ESXi, Citrix XenApp/XenDesktop and Cisco UCS Manager.
● Assisted with developing new security policies and procedures and providing
ongoing training on current best practices related to information security.
● Participated in regular meetings with management to discuss trends within the
environment and provide recommendations for improvement where applicable.
● Performed analysis of network traffic using tools such as Wireshark and
TcpVantage to identify potential threats or anomalies within the environment.
● Utilized ADB command prompt to install APK files on Android virtual devices
after performing static malware analysis on isolated virtual servers.
-
Capital One
Dover, Delaware Area
-
Software QA Engineer III
Nov 2017 - Dec 2018
Responsible for testing desktop and mobile versions of the web application in QA
and production environments. Develop flow based test cases under test plan and
schemed functions requirements. Identify functional modules, structure, and
logic for testing the system internals. Construct and perform test cases and
test suites for a range of functionalities. Testing GUI and usability of new
builds based on usability and web standards guidelines. Utilizing the bug
tracking system and performing bug fix verification testing. Participate in
weekly QA meetings to discuss the bug fixes and latest builds. Perform
functional testing in production and QA environments, using ADB, etc.
Selected Contributions:
● Performed load testing for all kinds of internet connections with different
kinds of environmental conditions.
● Utilized SDK-based android virtual device and Apk files installation
simulators for testing purposes.
● Executed compatibility testing using a selenium grid to make sure that app can
work smoothly and equally for each environment combination on different
platforms, os, and devices.
● Created & executed functional automation scripts using selenium web driver,
java, eclipse, testing and gradle. ● Wrote and executed SQL queries