I'm a Computer Science graduate based in Leeds, UK, moving into cybersecurity. I spent five years as a Transaction Officer at GTBank in Lagos, one of West Africa's biggest banks. The job was supposed to be about processing transactions, but what stuck with me were the fraud cases. I kept seeing the same patterns — social engineering that worked on smart people, access controls that broke down when staff got comfortable, suspicious activity that slipped through because nobody was looking closely enough. After a while I stopped wanting to just flag those things and started wanting to be the person who actually stops them.

Now I'm building security tools in Python, studying for my CompTIA Security+, and applying to an MSc in Cybersecurity & Threat Intelligence. Most of my evenings go towards reading up on threats or writing code that does something useful on the defensive side.

I’m looking for an entry-level Governance, Risk & Compliance (GRC) role in the UK. I’m keen to learn from experienced professionals while delivering practical value immediately—helping maintain policies and standards, supporting risk and control reviews, collecting compliance evidence, and improving documentation and reporting that strengthens security outcomes.

If you're hiring or mentoring — kindly reach out.

AI has changed cybersecurity in a big way, and not all of it is good. AI-generated phishing emails now have a 54% click-through rate versus 12% for the old-school ones. Polymorphic malware reshapes itself every 15 seconds. Deepfake-as-a-Service is an actual product you can buy in 2025.

That said, I think the defence side has the stronger hand. Organisations using AI in their security operations are cutting breach costs by $1.9 million on average (IBM, 2025). Behavioural analytics, automated threat hunting, AI-assisted SIEM/SOAR — these tools are already working. The attackers have speed, but defenders have context, and context is harder to fake.

I think about this a lot: we need to adopt AI for defence faster and more deliberately than attackers are adopting it for offence. That's what keeps me motivated.

I've also been paying attention to the security side of "vibe coding" — people building full applications with AI tools without really understanding what's happening under the hood. The thing about security is that it's not just about what you build. It's about what you think about while you're building it. A developer with training thinks about authentication, input validation, session management, and a dozen other things that never show up in a feature request. An AI generating code from a prompt doesn't worry about those things on its own, and the person using it might not know to check. AI code review tools are getting better at catching these gaps, which is encouraging — but someone still needs to know which questions to ask.

I built these because I wanted working tools, not just coursework. They're documented well enough that anyone can pick them up and understand what's going on.

VulnScout — Network Vulnerability Scanner Scans networks for open ports, identifies services through banner grabbing, looks up known CVEs from the NIST National Vulnerability Database, and generates HTML reports you could actually hand to a client.

Python TCP Scanning Banner Grabbing NIST NVD API CVE Lookup Report Generation

PhishGuard — Phishing Email & URL Analyzer Runs 22 checks on emails and URLs — typosquatting detection, SPF/DKIM validation, mismatched link detection, urgency language scoring, and more. Pulls threat data from URLhaus. Every finding comes with a plain-English explanation of why it's flagged.

Python Phishing Detection Threat Intelligence Email Forensics URLhaus API Risk Scoring

Network Simulation — Cisco Packet Tracer Network topologies with routers, switches, VLANs, and security configurations. The kind of hands-on work that makes Wireshark output actually make sense.

Cisco VLANs Routing & Switching Network Architecture

Wireshark Traffic Analysis | DNS Lookup Analysis Packet captures, protocol analysis, traffic filtering, anomaly detection — the bread and butter of SOC work, practiced on real traffic.

Wireshark Packet Analysis DNS Protocol Analysis Network Forensics

Transaction Officer — Guaranty Trust Bank (GTBank), Lagos (2019–2024)

Five years at one of West Africa's biggest banks. I processed thousands of client transactions, but the part that shaped me was the fraud. I watched social engineering work on careful, intelligent people. I saw how access controls fail when staff get comfortable. I escalated suspicious activity, worked with authenticated systems daily, and handled sensitive data under strict confidentiality requirements.

What banking taught me is that security comes down to people — their habits, their blind spots, and whether the systems around them are good enough to catch what they miss.

BSc Computer Science — Networking, programming, and security fundamentals.

MSc Cybersecurity & Threat Intelligence — Currently applying. Focus areas: digital forensics, security operations, threat analysis.

• Studying for CompTIA Security+
• Mapping detection rules to real techniques using the MITRE ATT&CK framework
• Learning Splunk for SIEM log analysis
• Writing about AI in cybersecurity — where it helps defenders and where it creates new risks
• Building more security tools and contributing to open-source projects

• How SOAR platforms are changing what a SOC analyst's day actually looks like
• The UK's cybersecurity skills gap (143,000 workforce, still thousands of unfilled roles)
• Whether "vibe coding" without security awareness is creating a new attack surface
• The NIST AI Risk Management Framework and what AI governance looks like in practice