You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
John MosesJM

John Moses

CYBERSECURITY PROFFESIONAL |MSc|CEH|PNPT|CySa+|AZ

€579/day
Lagos, NG
8-15 years
VAPT
IT-Security
Security Engineeering
System administration
Cloud Adminstrator

Average response time: 1 hour

About John

An Information Security leader with 10+ years of experience, I possess expertise in IT
Security System Implementation, GRC, Security Engineering, Vulnerability Assessment &
Penetration Testing. My proficiency in these areas is instrumental in Safeguarding Digital
Infrastructures, Networks, and Applications against evolving threats.

I excel in implementing industry-leading IT security standards and best practices, ensuring
optimal performance and adherence to stringent security policies and procedures.
Leveraging my skills and knowledge, I contribute to establishing a fortified digital estate
against potential vulnerabilities and breaches.
Digital and IT Services
E-commerce
Education Companies
Education Systems, Research, and Universities
Banking and Financial Services

  • English

    Native or bilingual

Remote only
Primarily works remotely

Experience

  • ACCESS HOLDINGS [AB-MFB]
    CYBERSECURITY ANALYST| ENGINEER [LEAD]
    August 2022 - Today (3 years and 10 months)
    • Conduct comprehensive cybersecurity assessments and penetration tests on both cloud and on-premises IT assets.
    • Perform web and mobile application security reviews, providing support throughout the development process, from a security perspective
    • Ensure compliance with the DevSecOps framework throughout the Software Development Life Cycle (SDLC)
    • Collaborate with system administrators, network engineers, and DevOps teams to plan, design, and deploy security measures for the protection of networks, data, database systems, asset access, applications, and Users.
    • Collaborate with cross-functional teams to ensure compliance with industry standards and best practices (ISO, CIS, OWASP, NIST, PCI-DSS).
    • Track, investigate, and resolve security incidents from detection to resolution.
    • Cybersecurity Awareness and On-Boarding Training
    • Ensure compliance with ISMS & IMS policies and related control and procedures
    • Threat Modelling with emerging security trends in different security operations.
  • PAYVESSEL
    LEAD CYBERSECURITY CONSULTANT
    December 2024 - Today (1 year and 6 months)
    • Develop and implement comprehensive cybersecurity strategies to mitigate risks and ensure regulatory compliance.
    • Lead vulnerability assessments and penetration testing for all web and mobile applications while ensuring development best practices are complied with.
    • Managing and maintaining IT systems, including servers, networks, and cloud infrastructure.
    • Conduct thorough threat analysis to identify potential vulnerabilities and recommend countermeasures.
    • Lead incident response efforts to contain and remediate cybersecurity breaches.
    • Ensure compliance with relevant cybersecurity regulations, standards, and frameworks.
    • Stay up-to-date with emerging threats, technologies, & trends in cybersecurity, analyze and apply this knowledge to improve the organization's cybersecurity.
    • Lead and mentor junior cybersecurity analysts/engineers to develop their skills and expertise.
  • GOMYCODE
    CYBERSECURITY INSTRUCTOR
    January 2024 - January 2025 (1 year)
    • Develop course materials, lab guides, slide decks, and assessments for topics such as network security, web/mobile app security, API security, cloud security, incident response, and vulnerability testing.
    • Deliver instructor-led training (virtual or classroom) and live demonstrations with clear step-by-step instructions.
    • Design and maintain hands-on labs (VMs, containers, cloud sandboxes) and practical exercises that mirror real-world scenarios.
    • Create and grade practical assessments, quizzes, and capstone projects, providing timely and actionable feedback.
    • Mentor learners one-on-one and run office hours, review student work, and track progress.
    • Update course content to reflect current threats, tools, and best practices.
    • Work with the curriculum team to map learning outcomes and measure training effectiveness.
    • Assist in building certification or badge programs where applicable.
    • Maintain a secure training environment and ensure the safe and legal use of offensive tools in labs.
    • Support recruitment, student screening, and onboarding for training cohorts when needed.
Check out John's experience

Recommendations

Be the first to recommend John

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • MSc
    EC-COUNCIL UNIVERSITY
    2026
    MSc
  • B.TECH
    OGUN STATE INSTITUTE OF TECHNOLOGY
    2019
    B.TECH
Check out John's education

Certifications

  • Certified Etical Hacker - CEH V13
    EC-COUNCIL
    2024
    Web & Application Security Penetration Testing AI in Cybersecurity Network & Perimeter Attacks Vulnerability Analysis & System Attacks Core Security Knowledge Reconnaissance & Information Gathering Vulnerability Assessment
  • Practical Network Penetration Tester - PNPT
    TCM Security
    2024
    Privilege Escalation Penetration Testing External Network Attacks Active Directory Exploitation Open-Source Intelligence (OSINT) Reconnaissance & Information Gathering Tool & Methodology Mastery Report Writing
John's certifications are only visible to Malt Community members

Skill set

IT Project Management
IT Architecture
System Integration
Testing and Quality Assurance
Software Architecture
DevSecOps
Cybersecurity Incident Management
GRC (Governance, Risk and Compliance)
Least Privilege Principles
Data Privacy (GDPR, CCPA)
Penetration Testing
Threat Intelligence
Security Awareness Training
Risk and Vulnerability Assessment
Data Migration and Backup
Data Integrity and Governance
Cloud Platforms and Infrastructure
Digital Transformation
Workshops Facilitation
IT Service Management
IT Strategy
Embedded software
IT Vendor Management and Procurement

Categories