CALLEB KODO
Information Security Specialist
Summary
Professional Summary
Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience in implementing information security program and conducting vulnerability assessments. Versed in robust network defense strategies.
Overview
13
13
years of professional experience
5
5
Certifications
3
3
Languages
Work History
ICT Officer – (Information Security)
Kenya National Examinations Council
07.2017 - Current
- Monitoring and reporting on information systems threats and vulnerabilities, performance of network systems, and application security solutions to highlight areas of non-compliance and inform the development of improved practices and processes
- Performing information systems audit to establish any breaches to information security policies; establish information system vulnerabilities and risks to data and information resources and make recommendations
- Managing the allocation of access privileges of users to ensure appropriate security settings are applied under organization policies
- Assisting in security breach investigations to guide the refinement of Information Security policies and practices
- Reviewing Business Continuity Plan (BCP) and Disaster Recovery procedures and ensuring that they are enforced
- Managing the periodic maintenance of security systems and applications to ensure new threats are identified and managed and the security of the organization's assets is maintained
- Liaising with IT Security vendors, suppliers, service providers, and external resources; analyzing, recommending, installing, and maintaining software security applications; and monitoring contractual obligations, performance delivery, and service level agreements
- Preparing and maintaining documentation, policies, and instructions, and recording and detailing operational procedures and system logs
- Training and sensitizing users on Information Security.
Systems Administrator
The Nairobi Hospital
02.2011 - 07.2017
- Formulated ICT policies that controlled and restricted unauthorized use of computer resources in all the departments in the hospital
- Worked with users from various departments to analyze existing computer systems and recommended sustaining solutions that ensured the smooth running of information systems
- Planned and developed long-term solutions to persistent computer problems within the organization
- Represented the ICT department in customer care championship meetings to discuss and identify areas of improvement for better service delivery
- Communicated to users on matters concerning IT Security, trained and promoted security awareness among users to reduce incidents, and made users part of the hospital's security solution
- Coordinated with IT vendors to support, repair, and manage ICT equipment warranties and ensured installation of hardware and software
- Worked with users to analyze computing and network needs and installed appropriate solutions within each organization's budget
- Ensured network connectivity throughout the hospital's LAN/WAN infrastructure was at par with technical considerations
- Administered print server and file server and created/added/disabled users in Windows Server 2012 Active directory
- Maintained network facilities in individual machines, such as drivers and settings of personal computers as well as printers
- Provided technical support and quickly arranged for hardware repair or replacement in case of system failure
- Performed troubleshooting and resolved system application issues escalated from the helpdesk and other departments with a 99.9% success rate
- Investigated potential or actual security violations or incidents to identify issues and areas that required new security measures or policy changes
- Monitored network performance and provided security measures, troubleshooting, and maintenance of both local area networks and computer hardware
- Performed vulnerability assessment and penetration testing on the hospital's infrastructure and applications to ensure security from external or internal hacking attempts
- Performed research and provided technical security expertise on continuous persistent system threats affecting the hospital.
Education
Master of Science - Internet Security and Cybercrime
United States International University - Africa
Nairobi, Kenya 04.2017 - 2024.04
Bachelor of Science - Int'l Business Administration- Information Systems
United States International University - Africa
Nairobi, Kenya 04.2005 - 2010.04
Skills
Team Management
Cyber Threat Incident Management
Vulnerability Management
Penetration Testing
Network Administration & Design
Budgeting & System Auditing
Computerization Infrastructure
Project Management
Information Security Risk management
IDS/IPS Management
Firewall Management
Certification
CISSO - Certified Chief Information Security Officer
Additional Training
- Certificate of achievement: Hands-on Penetration Testing with BlackArch Linux.
- Certificate of achievement: Hands-on Penetration Testing with Netcat.
- Certificate of achievement: NSE 5 FortiSIEM 6.3
Accomplishments
- Successfully configured and set up an antivirus server that enhanced central management of endpoint security software i.e. Kaspersky Admin Kit by installing antivirus on over 300 computers at once in one day thus saving time by 95%.
- Performed Active Directory (AD) audit to establish any breaches to information security policies and compliance according to ISACA and ISO 27000 standards thereby offering recommendations thus reducing security threats and types of attacks by 85%.
- Conducted vulnerability assessment and penetration test on Kenya National Examinations Council's web server and recommended revamping of the old website which increased efficient usage of online resources and minimized impending threats during the first quarter of the financial year 2017.
- Encrypted over one hundred laptops used by staff members to prevent data loss, unauthorized access to data, and controlled usage of such computing devices.
- Implemented network monitoring tools for checking links to other offices outside the city center which have reduced troubleshooting time by 90% during network downtime.
- Successfully trained over one hundred senior staff members on cyber security awareness in order to proactively eliminate social engineering while handling confidential information.
- Participated in installation and configuration of Fortinet firewall at the Council's network perimeter thus reducing threats and external intrusion by 90%.
Affiliations
2021-02-01 - Present: Electronic Commerce Council (EC-Council)
- Participating in cybersecurity activities i.e. conferences, workshops and training.
- Participating in setting CCISO examination for EC - Council.
- Participating in online cyber security webinars organized by EC-Council.
Hobbies
Athletics, , Body Fitness, Listening to music.
Awards
- Awarded with a certificate of participation for participating in the POSTBANK-SIFE Kenya Essay and debate competition on ‘Save to invest and grow the Economy Nov 2008 - Jan 2009’.
- Awarded with a certificate of participation for participating in the Human Rights Awareness Essay writing competition entitled “HIV/AIDS and Human Rights in Kenya” organized by The Legal Resources Foundation in Jan –May 2004.
Leadership Roles
2013-01-01- 2017-07-01: ICT Customer Service Representative - The Nairobi Hospital
- Presented and submitted ICT customer service index report to the hospital's customer service committee.
- Collected and reviewed users' complaints, and views, provided resolutions, and suggested areas of improvement.
- Represented the ICT manager and submitted reports of ongoing ICT projects in customer service meetings.
2008-02-01, 2009-08-01: Captain - USIU Athletics Team
- Attended USIU Leadership retreat as campus official about providing solutions to the problems affecting learning and student activities held at Soi Lodge- Baringo in May 2009.
- Represented USIU at Kenya Polytechnic University Open Championships in 100m and 200m contests on 10Th July 2009.
References
1. Mr. Edward Tuitoek
ICT Manager
HACO Industries Kenya LTD
P. O. Box 43903 - 00100 Nairobi
Mobile: +254 728663719
2. Mr. Michael Ndavi
AG. ICT Manager
The Nairobi Hospital
P. O. Box 30026 - 00100 Nairobi, ,
Mobile: +254 723990516,
Email: michaelndavi@nbihosp.org
3. Mr. Paul Kimemia
Assistant Director, Information Security
Kenya National Examinations Council
P.O. Box 73598, Nairobi, 00200, Kenya
Mobile: +254 724373369
Email: pkimemia@knec.ac.ke
Timeline
ICT Officer – (Information Security)
Kenya National Examinations Council
07.2017 - Current
Master of Science - Internet Security and Cybercrime
United States International University - Africa
04.2017 - 2024.04
Systems Administrator
The Nairobi Hospital
02.2011 - 07.2017
Bachelor of Science - Int'l Business Administration- Information Systems
United States International University - Africa
04.2005 - 2010.04
CISSO - Certified Chief Information Security Officer
CEH - Certified Ethical Hacker
NSE2- Certificate in Fortinet Network Security Expert.
Certificate in Data Protection.
NSE 5 - FortiSIEM 6.3
Similar Profiles
Emily GwallahEmily Gwallah
Records Officer at Kenya National Examinations Council, KNECRecords Officer at Kenya National Examinations Council, KNEC
KING'ORI GITAHIKING'ORI GITAHI
Chem/Phy teacher at Teachers Service Commission KenyaChem/Phy teacher at Teachers Service Commission Kenya
MUSA OREMBE AKALIMUSA OREMBE AKALI
Teacher (Biology/Chemistry and SNE Provider) at WINDLE INTERNATIONAL-KENYATeacher (Biology/Chemistry and SNE Provider) at WINDLE INTERNATIONAL-KENYA