Trusted Cyber Security professional with 5 years protecting companies against both internal and external threats. Talented at preemptively detecting unidentified threat vectors and applying preventive measures to mitigate security flaws. Employs technological solutions and personnel training to harden both people and machines against malicious actors.
Overview
10
10
years of professional experience
6
6
years of post-secondary education
8
8
Certifications
Work History
Cloud Security Engineer
Stanbic Bank Kenya Limited
06.2022 - Current
Achievements/Tasks
Led Azure workloads security remediation leading to significant rise in Secure Score as per cloud security baselines
Led deployment of Microsoft Sentinel on all on-premises workloads and linking cloud workloads to sentinel workspace to enable centralized view for logs, security monitoring and threat intelligence
Deployed vulnerability management solution to cloud to ensure proper vulnerability assessment and management on cloud workloads
Leads incident response programs including simulations and actual incidents
Continuous training of team members regarding security awareness and operations
Continuously monitor evolving threat landscape and make recommendations on improvements that need to be put in place
Worked with teams of talented software engineers to define, build and maintain cloud infrastructure
Provided technical leadership and delivered innovative products and services to address customer specific requirements
Developed security metrics and technical analysis to give insight into performance and trends
Cyber-security and Vulnerability Management Specialist
Stanbic Bank Kenya Limited
12.2020 - 06.2022
Achievements/Tasks
Enforced Network Access Control posturing for all endpoints and devices accessing corporate network
Supported go-live of various bank initiatives by conducting timely cyber-security assessments and providing remediation guidelines
Led roll-out and administration of various security tools such as DAM, SIEM and vulnerability management system as security technical expert
Formulated additional use cases for SIEM monitoring
Deployment of endpoint controls such as DLP, encryption, antivirus and EDR
Maintenance and management of information security tools to ensure system health for all tools
Work closely with various business and IT stakeholders to detect and respond to information security incidents, maintain and follow procedures for security event alerting and participate in ICT related security investigations
Continuous training of team members regarding security awareness and operations
Continuously monitor evolving threat landscape and make recommendations on improvements that need to be put in place to secure bank
Closely worked with IT teams in remediation of discovered vulnerabilities
Information Security Officer
SOC, Equity Bank Limited
04.2020 - 12.2020
Achievements/Tasks
Increased Enterprise Anti-Virus Coverage by 30%
Assisted Head of SOC in formulation of SOC processes, procedures, escalationmatrix , SOC run-book and
implementation of various use cases
Maintenance and management of information security tools to ensure system health for all tools
Actively involved in documenting all activities during an incident and providing leadershipwith
status updates during the life cycle of the incident
Work closely with various business and ITstakeholders to detect and respond to information security
incidents, maintainand followprocedures for security event alerting and participatein ICT related
security investigations
Continuous training of team members regarding security operations
Analyze a variety of network and host-based security appliance logs (Firewalls, FIM, SysLogs, etc.)
to determine the corrective or mitigation actions and escalation paths for each incident.
Security Operations Centre Lead
Co‐operative Bank of Kenya Limited
01.2020 - 03.2020
Led and coordinated deployment of SIEM in D.R datacenter to ensure SIEM resilience
Developed an effective SOC escalationmatrix and incident response procedure/guideline
Planned staff shifts to ensure 24/7 cybersecurity monitoring
Reviewed issues raised bySOC analysts and resolve thosewithin the unit’s scope andfollow up to closure all issues
escalated to ICT support teams
Documented all activities relating to a cybersecurity incident and provided leadership
throughout an incident lifecycle
Ensured proper knowledge transfer within the team as well as identified training opportunities to
further enhance the team’s skills
Worked closely with various stakeholders in identification of cybersecurity incidents as well as resolution
to reduce business disruption.
ICT Security Risk Monitoring Analyst
Co‐operative Bank of Kenya Limited
06.2019 - 01.2020
Achievements/Tasks
Identified hosts infested with a credentialdumping toolbefore the attackers harvested
criticalcredentials
This prevented a possible costly enterprise compromise
Developed use cases on SIEM to identify lateralmovements and detection of rogue hosts within the network
Work collaboratively with the IT Security Operations, ICT Risk and Control, and Security Services teams
to detect and respond to information security incidents, maintain and followprocedures for security
event alerting and participate in ICT related security investigations
Monitoringopen-sourceintelligence sources for potentialthreats against the Bank, and
ensure appropriate defensive actions are taken with respect to these
Triage issues and escalate them to the ICT respective units and ensure that appropriate follow-up
actions are taken to mitigatethe exposure
Document all activities during an incident andproviding leadershipwith status updates duringthe life
cycle of the incident
Independentlyfollow procedures to contain, analyze, and eradicate malicious activity.
Branch Core Banking System Administrator
Co‐operative Bank of Kenya Limited
12.2012 - 11.2014
Education
Bachelors of Business Management - Information Technology
Kabarak University
05.2008 - 05.2011
Kenya Certificate of Secondary Education -
Evelyn Memorial Christian School
01.2004 - 05.2007
Skills
Excellent Communication
undefined
Certification
CISSP - Certified Information Systems Security Professional (ISC2)
Affiliations
1. ISACA
2. ISC2
Timeline
Cloud Security Engineer
Stanbic Bank Kenya Limited
06.2022 - Current
Cyber-security and Vulnerability Management Specialist
Stanbic Bank Kenya Limited
12.2020 - 06.2022
Information Security Officer
SOC, Equity Bank Limited
04.2020 - 12.2020
Security Operations Centre Lead
Co‐operative Bank of Kenya Limited
01.2020 - 03.2020
ICT Security Risk Monitoring Analyst
Co‐operative Bank of Kenya Limited
06.2019 - 01.2020
Branch Core Banking System Administrator
Co‐operative Bank of Kenya Limited
12.2012 - 11.2014
Bachelors of Business Management - Information Technology
Kabarak University
05.2008 - 05.2011
Kenya Certificate of Secondary Education -
Evelyn Memorial Christian School
01.2004 - 05.2007
Similar Profiles
VALERIE GAYAVALERIE GAYA
Transactional Banker, Private Banking at Stanbic Bank Kenya LimitedTransactional Banker, Private Banking at Stanbic Bank Kenya Limited