About

Work Experience

• Cloud Solution Architect/Cloud Security Engineer, Safaricom PLC

  Jul, 2022 - Present

  Directed Safaricom’s cloud strategy, achieving a 30% reduction in operational costs through optimized cloud adoption, infrastructure design, and management, while ensuring robust security across public and private cloud environments.

  • Co-architected the mpesa application for AWS public cloud. https://www.safaricom.co.ke/main-mpesa/m-pesa-services

  • Co-architected the myCounty solution for AWS public cloud. https://mycounty.co.ke

  • Provided architectural direction to implement Safaricom's cloud strategy.

  • Framed the cloud adoption plan, application design, and strategies for cloud management and monitoring.

  • Maintained a highly available server infrastructure for deploying instances on public and private clouds.

  • Supported cloud operations by collaborating with external and internal stakeholders.

  • Administered container orchestration software for public and private clouds.

  • Planned and designed cloud infrastructure and software solutions.

  • Deployed cloud orchestration tools to automate infrastructure management.

  • Applied operating system updates, manage configuration changes, and optimize system performance on public and private cloud accounts.

  • Implemented fixes for cloud security vulnerabilities, risks, and audit findings on public and private clouds.

  • Reduced operational costs by applying best practices for cost optimization.

• Head, ICT Security Operations, Co-operative Bank of Kenya

  Jan, 2021 - Jun, 20221 year 6 months

  Led the Security Operations Centre (SOC) and cybersecurity initiatives, ensuring 24/7 monitoring, compliance with ISO 27001, progress toward PCI DSS certification, adherence to NIST Cybersecurity Framework, secure cloud migration, and alignment with the Kenya Data Protection Act, while delivering comprehensive security reporting to stakeholders.

  • Oversaw the Security Operations Centre (SOC) and ensured 24/7 security monitoring.

  • Achieved ISO IEC 27001:2013 certification by identifying risks, assessing implications, and implementing systematic controls to safeguard the bank.

  • Implemented systematic steps to attain PCI DSS certification, ensuring the protection of cardholder data during processing, storage, and transmission.

  • Aligned cybersecurity activities with the NIST Cybersecurity Framework, integrating business drivers and risk management processes.

  • Developed, implemented, and enforced the bank's comprehensive cybersecurity program.

  • Led new projects by providing ICT security guidance, ensuring compliance with baseline security standards, and mapping business initiatives to a technical security architecture.

  • Delivered timely daily, weekly, monthly, and quarterly reports to senior management and shareholders, highlighting the ICT security posture, emerging threats, trends, and future plans.

• Applications and Infrastructure Security Officer, Co-operative Bank of Kenya

  Sep, 2018 - Dec, 20202 years 3 months

  Led red team penetration testing, security assessments (web, mobile, API), vulnerability and risk assessments, incident response, malware analysis, automation scripting, and cloud adoption planning, while enhancing cybersecurity awareness and aligning with frameworks like OWASP and NIST.

  • Performed red team penetration testing to improve enterprise information assurance by demonstrating the impacts of successful attacks and effective defense strategies.

  • Conducted web, mobile, and API security assessments following OWASP Top Ten guidelines.

  • Identified and addressed known vulnerabilities through timely vulnerability assessments, reducing organizational risk exposure to acceptable levels.

  • Performed cyber risk assessments guided by the NIST Cybersecurity Framework.

  • Provided training and shared knowledge with team members, the division, and the organization to enhance cybersecurity awareness.

  • Developed custom Linux Bash and Python scripts to automate daily tasks with detailed reporting.

  • Created the cloud adoption roadmap, advising the bank on technology gaps to ensure cybersecurity visibility.

  • Led the cyber incident response and forensics stream.

  • Conducting static, dynamic and post-mortem malware analysis.

  • Managed cyber incident response across physical and remote Windows and Unix/Linux environments, including laptops, desktops, servers, and embedded appliances.

• Computer Incident Response and Forensics Manager, Equity Group Holdings

  Apr, 2017 - Sep, 20181 year 5 months

  Led cyber incident response and forensics aligned with ISO 27001:2013, including malware analysis, policy development, security testing for web and mobile applications, and managing incidents across Windows and Unix/Linux environments.

  • Led the cyber incident response and forensics stream, adhering to ISO IEC 27001:2013 standards to ensure digital forensic evidence was admissible and of evidential value in court.

  • Performed static, dynamic, and post-mortem malware analysis.

  • Managed cyber incident response across physical and remote Windows and Unix/Linux environments, including laptops, desktops, and servers.

  • Developed and implemented incident response policies and procedures aligned with ISO IEC 27001:2013 standards.

  • Conducted web and mobile application security testing for various functions of the bank and its subsidiaries.

• Team Lead, Cyber Security and Cyber Forensics, Constellis (Formerly Olive Group)

  Jan, 2017 - Mar, 20173 months

  Performed malware analysis, penetration testing, cloud security management (AWS, Azure), incident response, policy reviews, and security testing for web, mobile, and IT environments, while conducting forensic analysis across servers, desktops, and mobile devices.

  • Executed static, dynamic, and post-mortem malware analysis.

  • Conducted penetration tests for both external and internal corporate environments.

  • Managed the organization’s AWS EC2 cloud instances used to host web apps and websites.

  • Controlled Microsoft Azure cloud machines hosting web apps, websites, databases, and developer tools across development, test, and production environments.

  • Performed security assessments on AWS and Microsoft Azure environments.

  • Led cyber incident response efforts for both physical and remote desktop environments.

  • Reviewed IT security policies and procedures for the banking and telephony industries.

  • Directed mobile application security testing for the banking and telephony industries.

  • Tested web application security for clients in the banking and telephony industries.

  • Conducted forensic analysis of servers, desktops, and mobile devices.

• Cyber Security and Cyber Forensics Analyst, Constellis (Formerly Olive Group)

  Mar, 2013 - Dec, 20163 years 10 months

  Contributed to cybersecurity and forensics, overseeing penetration testing, vulnerability assessments, cloud security (AWS), server forensics, and mobile incident response for banking and telephony industries.

  • Contributed as a team member in the cybersecurity and cyber forensics team.

  • Led penetration testing efforts for the banking and telephony industries.

  • Performed vulnerability assessments for the banking industry.

  • Managed the organization’s AWS EC2 cloud instances hosting web apps, websites, databases, and developer tools.

  • Conducted security assessments on AWS instances.

  • Performed forensic analysis on Windows and Linux servers for the banking and telephony industries.

  • Handled mobile device cyber incident response and forensics for the telephony and banking industries.

• Full Stack Software Developer and Trainer, Brand ID East Africa

  Dec, 2010 - Mar, 20132 years 4 months

  Served as a programmer and systems integrator for SMS routing systems and conducted end-user training on Brand ID's product authentication platform.

  • Programmed and integrated computing systems, SMS aggregation, and routing between Brand ID servers and East African telephony providers.

  • Delivered end-user training for clients and consumers of Brand ID's product authentication system.

• Full Stack Software Developer and Trainer, Future Link Technologies

  May, 2007 - Dec, 20081 year 8 months

  Developed Savings Plus banking applications and bulk messaging systems, integrated with telecom providers, and conducted end-user training across Uganda, Rwanda, and Zambia.

  • Developed the Savings Plus SACCO and microfinance banking application.

  • Created bulk messaging systems with scheduling and routing, integrating with telephone providers MTN, Airtel (formerly Zain), Uganda Telecom, and Orange Uganda.

  • Conducted end-user training for Savings Plus clients in Uganda, Rwanda, and Zambia.

Skills

Education

Certificates

Interests

References