JUFFALI KENZI
Summary
Results-driven and accomplished IT professional with seventeen years of experience in leadership, driving business innovation, ensuring strategic alignment, IT risk management, and value delivery. Successful international track record in building and managing high performing teams enabling technology-driven business outcomes. Impeccable professional qualifications and extensive practical experience underpinned by unbridled passion for digital transformation.
Overview
18
18
years of professional experience
1
1
Certification
Work History
Senior Cybersecurity Project Manager, Consultant
African Development Bank Group
05.2023 - 01.2025
- Responsible for leading and coordinating cross-functional cybersecurity projects ensuring value delivery, resource optimization and risk management.
- Established and matured Security Engineering, Operations and Threat Intelligence programs to operationalize the Bank's Cybersecurity Strategic Framework under the Head of Cybersecurity Unit.
- Managed the delivery of successful Cybersecurity funding investment proposals to justify strategic next generation security technology portfolios enabling the adoption of Secure Artificial Intelligence driven solutions by the business.
- Managed the development of an Enterprise Security Architecture to provide structured mechanisms that consistently translates business requirements for security, and best practices, into operational security and risk management solutions specific
Principal Cybersecurity Consultant
Ipseity Security Solutions
04.2022 - 03.2023
- Responsible for cybersecurity delivery management, client relations and providing technical project management support in designing, and implementing cybersecurity solutions.
- Led the implementation of a privileged access management capability including threat analytics for the Canada Pension Plan Investment Board, enhancing overall security governance and facilitating proactive cyber risk management.
Senior IT Consultant
Salaam Technology Ltd
01.2022 - 01.2023
- Developed and supported the implementation of an Enterprise Architecture program for a Pan-African Science Innovation and Technology Institution to integrate fragmented legacy processes providing foundational and re-usable building blocks for digital transformation.
- Identity governance and administration solution for a Financial Services Organization with a client base of over 5000, which enabled secure remote work and integrated risk monitoring. This solution was critical in ensuring the security of the organization's sensitive data and preventing unauthorized access, while also improving the efficiency and productivity of their remote workforce.
Cybersecurity Consultant
Applied Principles
01.2022 - 01.2023
- Implementation of a scalable cyber risk quantification solution for a Financial Services provider. The solution enabled visibility across a range of risk metrics, calculated risk scores, and provided remediation recommendations. This has helped the organization access custom summative dashboards to identify cyber risks and prioritize efforts to mitigate them.
ICT Manager
African Economic Research Consortium
04.2011 - 01.2022
- Responsible for innovating AERC's value delivery through secure digital technologies to transform, modernize and integrate delivery channels and operations to achieve measurable quality impact in capacity building to influence economic policy making across Africa.
- Partnered with the business to develop AERC's 2020-2025 digital innovation roadmap enabling the organization's drive towards improving quality of research outcomes, sustainability and influence in economic policy making in Africa.
- Established a technology fusion hub to capitalize on emerging technologies by identifying, testing and accelerating the execution of innovative technology enabled changes aligned with the business strategy.
- Redesigned the IT Solution Service Delivery Framework adapting DevOps capabilities and integrating security across the solution lifecycle leading to improved agility in responding to business priorities, security assurance and reduced development and maintenance costs.
- Led the development and implemented a zero-trust architecture cloud security road-map enabling the successful migration and integration of flagship digital products across Africa.
- Led the implementation of a Managed Security Information and Event Management Solution, improving the organizations security posture by enhanced visibility of the attack surface, integrated response capabilities, reduced administrative costs and improved assurance reporting.
IT Administrator
African Economic Research Consortium
04.2007 - 03.2011
- Responsible for driving the integration of information technologies across AERC operations to improve efficiency and enable new products in Training, Research and Policy outreach.
- Working with multiple vendors and cross-functional teams Implemented an E-Learning platform standardizing graduate training programs across 34 African Universities in 27 countries and increasing student uptake from 60 to 130.
- Adopted NIST SP 80-30 risk management framework leading a cultural shift towards risk ownership, structured controls appraisal, performance monitoring and integration of IT risks into the internal controls system across IT projects and operations.
- In collaboration with the World Food Programme, implemented a data analysis and knowledge management hub for the dissemination of global best practices to enable smallholder farmers in Sub-Saharan Africa access higher market value chains.
- Implemented end to end continuous security compliance monitoring of the technology ecosystem ensuring effective assurance and enabling timely detection and response to security policy infractions.
- Data centre virtualization moving 40% of processing load to the cloud, resulting in a capital investment and maintenance cost savings of USD$ 790,000 over 3 years and enabling real-time disaster recovery.
Education
MASTER OF SCIENCE - PROJECT MANAGEMENT
Jomo Kenyatta University of Agriculture and Technology
01.2022
BACHELOR OF SCIENCE - INFORMATION TECHNOLOGY
Jomo Kenyatta University of Agriculture and Technology
01.2005
Skills
- IT Governance Risk & Compliance
- IT Security Strategy Formulation & Road-map Development
- Cyber Risk Resilience
- Enterprise Architecture
- AI Security Risk Governance
- IT Portfolio Management
- Secure SDLC & DevSecOps
- Cloud Security Solutions Architecture (Azure & AWS)
- Identity & Access Management
- Zero-Trust Security Architecture
- Agile Project Management and Change Management
Certification
- TOGAF 9 Foundation, 2024
- ISO/IEC 27001 Information Security Management System Lead Auditor, 2022
- Change Management, PROSCI, 2020
- Six Sigma Greenbelt (SSGB), PECB, 2017
- ISO/IEC27001 Information Security Management System Lead Implementer, 2016
- COBIT 5 for Risk and Information Systems Security, 2014
- Certified in Risk and Information Systems Control (CRISC), 2012
- Certified in Governance of Enterprise IT (CGEIT), 2012
- Project Management Professional (PMP), 2010
- Certified Information Systems Security Professional (CISSP), 2010
- Certified Information Security Manager (CISM), 2008
- Certified Information Systems Auditor (CISA), 2007
Affiliations
- TRECCERT, Subject Matter Expert, ISO 27001 Lead Implementer & ISO 27001 Lead Auditor, 2022
- International Information Systems Security Certification Consortium (ISC2), Subject Matter Expert, Certified Information Systems Security Professional (CISSP), 2020
- ISACA, Subject Matter Expert, Global Certification Committee-Certified in Risk and Information Systems Controls (CRISC), 2015
- ISACA, Subject Matter Expert, Global Test Enhancement Subcommittee-Certified in Risk and Information Systems Controls (CRISC), 2012
- Disaster Recovery Institute (DRI), Member
- Project Management Institute (PMI), Member
- Business Relationship Management Institute (BRMI), Member
- ISACA, Member
Referees
William Lyakurwa, Former Executive Director,
African Economic Research Consortium, wmshabaa@gmail.com, Cell: +225 556 152 923
Sameer Shaikh, Head Information Security Governance,
Galaxkey Limited, sameer.shaikh@galaxkey.com, Cell +971 508497005
Preston Odera, Former Chief Executive ISACA Kenya,
preston.odera@gmail. com, Cell:+254 722771 478
Timeline
Senior Cybersecurity Project Manager, Consultant
African Development Bank Group
05.2023 - 01.2025
Principal Cybersecurity Consultant
Ipseity Security Solutions
04.2022 - 03.2023
Senior IT Consultant
Salaam Technology Ltd
01.2022 - 01.2023
Cybersecurity Consultant
Applied Principles
01.2022 - 01.2023
ICT Manager
African Economic Research Consortium
04.2011 - 01.2022
IT Administrator
African Economic Research Consortium
04.2007 - 03.2011
BACHELOR OF SCIENCE - INFORMATION TECHNOLOGY
Jomo Kenyatta University of Agriculture and Technology
MASTER OF SCIENCE - PROJECT MANAGEMENT
Jomo Kenyatta University of Agriculture and Technology
Similar Profiles
Eric Nkunzi MugemaneEric Nkunzi Mugemane
ICT Officer at African Development Bank GroupICT Officer at African Development Bank Group
Prisca Geraldine NdendendaPrisca Geraldine Ndendenda
Treasury Assistant, managing capital subscriptions at AFRICAN DEVELOPMENT BANK GROUPTreasury Assistant, managing capital subscriptions at AFRICAN DEVELOPMENT BANK GROUP
Enoma OdiaEnoma Odia
Chief Information Technology Auditor at The African Development Bank GroupChief Information Technology Auditor at The African Development Bank Group