Oluwatobi Awolude

SOC Analyst · IT Security Engineer · Cloud Engineer

Newcastle, United Kingdom

About

Profile

SOC Analyst and Cloud-capable IT Security professional with 5+ years running enterprise security, cloud, and network operations across Microsoft Sentinel, Defender XDR, Azure, and Entra ID. Operates a global Tier 2 / Tier 3 SOC single-handed with zero supervision, closing 20+ tickets a day at a 30-minute MTTR while handling daily phishing cases for a worldwide user base. Authors KQL detections, drives Tenable-led vulnerability remediation in line with ISO 27001 and GDPR, and brings a strong cloud engineering foundation with hands-on Terraform, Azure DevOps, Docker, and CI/CD. Looking for a Cybersecurity, IT Security, or Cloud Engineer role where proactive detection and automation have direct business impact.

5+ years in security & cloud ops
20+ SOC tickets closed daily
30 min mean time to respond
5,000+ end users supported at BT/EE

Highlights

Key achievements

Independent Tier 2 / Tier 3 SOC

Closes 20+ tickets per day at a 30-minute MTTR across Sentinel, Defender XDR, Zscaler, and BeyondTrust — owning every alert from triage to post-incident review.

Global phishing response

Handles daily phishing cases for a globally distributed user base, containing credential and payload-based attacks within the same shift they are reported.

Custom KQL detections

Engineered custom KQL detections and hunt queries in Sentinel that surfaced threats default rules missed — lifting overall detection fidelity.

Audit-ready estate

Keeps the estate audit-ready against ISO 27001 and GDPR by driving Tenable Nessus scans, remediation tracking, and fix validation with asset owners.

Supported 5,000+ users

Supported 5,000+ BT and EE users across UK sites while meeting SLAs on VPN, Windows 10/11, Intune, and Active Directory.

Security-as-code

Bridges security and cloud engineering — trained in Terraform, Docker, Jenkins, and Azure DevOps Pipelines (AppMigro 2024–2025) and applies security-as-code to detection content.

Career

Professional experience

  1. IT Analyst, Security (SOC Analyst)

    Jan 2025 – Present

    Mott MacDonald · Newcastle, UK (Hybrid)

    • Close 20+ tickets per day at a 30-minute MTTR as an independent Tier 2 / Tier 3 analyst across Sentinel, Defender XDR, and Zscaler — owning every alert from triage to review.
    • Respond to daily phishing cases for the global user base: analyse headers and payloads, extract IoCs, purge mailboxes, and harden detections to stop repeat campaigns.
    • Engineer custom KQL detections and hunt packs that surface threats default rules miss — raising detection quality across identity, endpoint, and network telemetry.
    • Drive vulnerability management in Tenable Nessus: scope scans, track remediation with asset owners, and validate fixes to keep the risk register clean.
    • Tighten identity and privileged access through Entra ID Conditional Access and BeyondTrust session monitoring, reducing standing privilege exposure.
    • Produce control evidence for ISO 27001 and GDPR, mapping SOC activity to audit requirements.
    • Treat detection content as code: version-controlled in Git and deployed through Azure DevOps Pipelines for repeatable rollouts.
  2. IT Analyst, Application and Cloud Support

    Apr 2023 – Mar 2025

    Mott MacDonald · Newcastle, UK (Hybrid)

    • Delivered L3 support across Microsoft 365, Azure, ServiceNow, AutoDesk, and Bentley for a global engineering user base — protecting uptime on critical platforms.
    • Hardened Intune, Autopilot, and Entra ID configurations, rolling out Conditional Access, device compliance, and zero-touch provisioning.
    • Troubleshot Azure App Services, virtualisation, and identity issues alongside platform teams to unblock upgrades and integrations.
    • Wrote knowledge-base articles, runbooks, and process flows that cut repeat tickets and lifted first-time fix rates.
    • Partnered with security on escalations and early Defender adoption — which led to my internal move into the SOC role.
  3. IT Support Engineer, 2nd & 3rd Line

    Oct 2021 – Mar 2023

    BT / EE via Hays Talent Solutions · Gosforth, North Tyneside & Remote

    • Supported 5,000+ BT and EE users across UK call centres and remote sites — hitting SLAs on Windows 10/11, Microsoft 365, VPN, and Active Directory incidents.
    • Provisioned users and devices through AD and Intune, enforced Group Policy and Conditional Access baselines, and executed Windows patching through SCCM.
    • Acted as backfill engineer across UK sites for upgrades, new-site rollouts, and decommissioning projects.
    • Worked with the cybersecurity team on phishing triage, access reviews, and incident escalations — sharpening the security mindset I use in the SOC today.
  4. IT Analyst, Remote Infrastructure & Cloud

    May 2019 – Sep 2021

    Naynav Engineering Services · Newcastle, UK (Remote)

    • Delivered infrastructure and cloud support for a remote workforce, covering Intune policies, Conditional Access, and Microsoft 365.
    • Performed compliance checks and helped implement cloud security policies across Entra ID and Azure workloads.
    • Documented SOPs and onboarding guides that reduced repeat queries and scaled operational knowledge.
  5. NOC Engineer & Network Surveillance Specialist

    Sep 2017 – Apr 2019

    Biswal Telecoms · Lagos, Nigeria

    • Monitored telecom networks 24×7, triaged critical alarms across regions, and coordinated field engineers to hit MTTR and SLA targets.
    • Produced incident reports and shift handovers that kept the NOC synchronised and customer-facing services stable.
    • Built the TCP/IP, routing, and fault-management fundamentals that still underpin how I investigate today.
Toolbox

Core skills

Security Operations

SOC Tier 2 / Tier 3 · Incident Response · Threat Hunting · Triage · Chain-of-Custody

SIEM & Detection

Microsoft Sentinel · KQL · Log Correlation · Detection Engineering · SOAR Playbooks

Endpoint & Network Security

Defender XDR · Defender for Endpoint · Zscaler · BeyondTrust · Aternity · Phishing Triage

Vulnerability Management

Tenable Nessus · Patch Reporting · Remediation Tracking

Cloud & Identity

Microsoft Azure · Entra ID · Conditional Access · Intune · Autopilot · SC-900 aligned

Cloud Engineering

Azure App Services · Terraform · Azure DevOps Pipelines · Docker · Jenkins · Git · CI/CD · IaC

Networking

TCP/IP · Routing & Switching · VLANs · VPN · DNS · DHCP · NOC Monitoring · MTTR Management

Systems & Platforms

Windows Server 2012–2019 · Active Directory · Group Policy · SCCM · Citrix · Microsoft 365

Compliance & Frameworks

ISO 27001 · GDPR · NIST-aligned · ITIL v4

Scripting & Automation

PowerShell · Bash · KQL · YAML

Credentials

Certifications & training

CEH v12

Certified Ethical Hacker · EC-Council

ISC2 CC

Certified in Cybersecurity

SC-900

Microsoft Security, Compliance & Identity Fundamentals

AWS CCP

AWS Certified Cloud Practitioner

CompTIA Network+

Networking fundamentals

ITIL v4 Foundation

Service management

Azure DevOps & IaC

AppMigro 2024–2025 · Terraform, Docker, Jenkins, Git, CI/CD

In view: CompTIA Security+ · Microsoft MD-102 · Microsoft AZ-900 · ServiceNow Admin

Education

Academic background

B.Tech, Computer Science

Ladoke Akintola University of Technology, Nigeria · 2011

Affiliations

Professional memberships

ISC2 · EC-Council · BCS (British Computer Society)

Get in touch

Let's talk

Open to Cybersecurity, IT Security, or Cloud Engineer roles where proactive detection and automation have direct business impact. Based in Newcastle, available UK-wide and hybrid/remote.