Nov 2024 – Present · 1 yr 4 mos · Kenya

• Collaborating to align IT strategy with the University's mission, vision, and goals.
• Overseeing IT governance, identifying risks, and ensuring regulatory compliance.
• Assessing current IT systems, recommending improvements, and advising on technology selection.
• Supporting informed IT investment decisions and optimal resource allocation.
• Monitoring and advising on emerging technologies and fostering opportunities for innovation.
• Providing guidance on cybersecurity best practices to protect IT infrastructure and data.

Aug 2024 – Present · 1 yr 7 mos · Kenya · Remote

• Contributing to the growth of Ushahidi products with special focus on Cyber security and overall technology.

Mar 2024 – Dec 2024 · 9 mos · Remote

Jan 2024 – Present · 2 yrs 2 mos · Remote

• Commonwealth Africa Cyber Fellowship is a selective program dedicated to advancing cybersecurity expertise across the continent.
• Through out the program I get involved in:
• 1. Collaborating with experts and policymakers to address emerging cyber threats, shape policy, and promote best practices in cybersecurity.
• 2. I share and also gain hands-on experience through practical projects, workshops, and mentorship, aimed at fortifying digital infrastructure and governance.
• 3. Work towards driving innovation and advocacy by leveraging new insights on threat intelligence, policy development, and responsible technology use.
• 4. Committed to championing a secure digital future for Africa, contributing to sustainable cyber governance and industry-wide improvements

Mar 2023 – Jan 2026 · 2 yrs 10 mos · Kenya · Remote

• Serving on the board to enhance the tech talent of Moringa school
• Advise on skills trends in Kenya, Africa and Globally in Tech
• Review of our curriculum options
• Strategic guidance to Moringa school in the ecosystem
• Mentoring Moringa Senior Management

Nov 2022 – Jan 2024 · 1 yr 2 mos · Remote

• Application/Infrastructure/Blockchain Security Engineering
• Engaging and leading Web3 communities to build on blockchain and adopt Web3

Jul 2022 – Present · 3 yrs 8 mos

Apr 2022 – Present · 3 yrs 11 mos

• In line with my experience as Cybersecurity Engineer, I founded the AfricaHackon. Through the organization, I share my expertise through multiple presentations and engagements across the globe.
• Africa fintech Summit 2023
• CIS Kenya Data Protection & Privacy workshop
• KPMG Private Enterprise Tax Training for Startups Panel Session
• Mozilla Africa Mradi Innovation Week
• Protecting your business against Cyber threats- Nation Media group Digital Summit
• Commonwealth secretariat – A practical walkthrough of a Cybercriminal and Electronic Evidence with the rule of law – ASIA Pacific
• dx5 CIO (The Year Ahead) - Discussion on The Future of Blockchain, Cyber Security and Cloud Security
• C-Vision CXO Council - C-Suite Conversation of Cyber Security and Strategy
• MARA - Evolution of Web 3 and Blockchain Security
• Central Bank of Kenya - Technical Cyber Security Awareness
• EC-Council - Accelerating Your Cybersecurity Career in Today’s IT Ecosystem
• EC-Council THREAT INTELLIGENCE: MOVING TOWARDS CYBER RESILIENCE IN 2022
• Africa Cyber Defense Forum - Ensuring Security in the Modern-Day Workforce
• Stanbic Bank Kenya - General Cyber Security awareness
• KENIC DNS Forum - DNS Security
• KENIC - Webinar on Educating Youth For A Cybersecurity Future
• Civic Tech Innovation Forum 2022 - Cyber Security Acceleration
• CPF - Future of Fintench innovation
• IPSL - Tricks and Trends in Cyber Fraud: Lessons from Mobile and Digital Banking Platforms

Jan 2020 – Mar 2022 · 2 yrs 2 mos

• In line with my experience as Cybersecurity Engineer, I founded the AfricaHackon. Through the organization, I share my expertise through multiple presentations and engagements across the globe.
• Presentations:
• AI Keynote speech- Ai for Africa (AiFA) 2022 Boot Camp Demonstration Day
• APTAK - Cyber Security for Pension Funds
• NetGuardian - Keynote speech - Cyber Security and AI
• Commonwealth Secretariat Conference on Addressing Cybercrime in Sub-Saharan Africa - Practical walkthrough of a Cyber Criminal
• AGA Africa - Cybercrime investigation and Digital Forensics
• StartUp Weekend - Judge with Startinev
• YSK Exhibition - Keynote speech
• Pangea Trust Connect - Host of Webinar Series
• ISACA Pre-Conference workshop - Cloud & Corporate Security Operation Building
• Lawyers Hub (Africa Law Tech Festival) - A Fireside Chat on Privacy vs Content Creation
• TheRoom MasterClass - Cyber Security for growing Businesses
• ABSA - Ready2Work- Future Skills: What every futuristic employer is looking for
• Centonomy Career Hub - Professional Branding: Building a strong Personal Brand in your Industry
• Co-operative Sacco workshop - Cloud Security and Threat Intelligence building
• Sophos - Live Hacking Session with Sophos
• Makini School - Child online protection
• JWSeagon Achieving Corporate Cyber Resilience (Covid-19)
• JWSeagon Personal Cyber Security (Covid-19)
• CIO East Africa Webinar - Combating the next level of Cyber Threats with Intelligence & EDR
• East Africa SACCOTECH Forum - Automation and Orchestration of Cyber Intelligence
• KENIC - Reducing Cyber Fatigue in organizations
• ISC2 Ghana - Responding to Threat Actors Exploitation
• AGA-AFRICA (Court of Appeal Judges) - Cyber-Crime & Electronic Evidence Workshop
• AGA-AFRICA (ODPP) - Financial Crimes Virtual Workshop
• The Africa Cyber Defense Forum - The Evolving Role of the Board in Cyber Security Oversight
• Business Ireland Workshop - Cyber Security and SupplyChain
• Zetech College Cyber Security workshop

Jan 2019 – Dec 2019 · 11 mos

• Presentations:
• ESET ESD Security Session
• Mybroadband SA Cyber Security
• Africahackon Cyber Security Conference 2019
• Strathmore Business School Guest Lecture
• National Bank of Rwanda
• USIU global MICE tourism
• NACOSTI Data Science Workshop - Cyber Security
• Afro Asia Fintech Summit (Central Bank of Kenya) - Cyber Security for Mobile Applications
• CIO AI & IOT Summit
• CIO Fintech Summit
• 3rd Annual ICT conference BRICS consulting
• Sage Sessions - Cyber Security
• Nairobi Garage After Office hours
• ISACA Ghana Cyber Security conference
• Metta Cyber Security for SME
• Metta Payments and Security Panel Discussion
• Internet Safety and Child Online Protection - High Schools
• Unilever Cyber Awareness day
• Passport Experience conference
• HackerVillage Campus Run
• Pwani innovation week - Cyber Security session
• Kenya Bankers Association CIO/Head of Risk Seminar
• Oracle Kenya Cyber Security Webinar (2019)

Aug 2017 – Dec 2018 · 1 yr 4 mos

• Presentations:
• Raisina Dialogue 2019(India) --- Session on Data Protection and Data Protection Africa Summit 2018 Mauritius.
• Oracle Cyber Security Session - Real Live hacking demonstration
• Cyber Power Information Technology for Defense and National Security (South Africa). - A live hacking demonstration of compromising a corporate network
• Building Cyber Resilience for a country
• Afrisecure Summit 2018 - Power combinations in a cybersecurity ecosystem
• Code4Africa Cyber Security Session - How to use online tools to Track People & Story Leads
• ALX StoryFest - Cyber Security Discussion
• CPAK Conference - Cyber Resilience for Financial Services Sector
• High-Level Breakfast Session on Data Management and Data Governance
• 2nd ISACA Hands on Workshop - CSX Training
• 2nd ICT Infrastructure and Technology Conference (BRISCA Consulting) - Addressing Corporate Cyber Resilience
• Young Scientist Kenya 2018 - Judge
• 3rd SheHacks Cyber Security BootCamp 2018 - Lead Organizer
• Momentum Conference 2018 - Cyber Security as a Career
• Kenya Revenue Authority Business continuity week - Keynote Speech
• Daystar University class of 2018 Guess Speaker (Keynote Speech)
• 1st ISACA Hands on Cyber Security Trainer (CSX)
• Board level training - Mabati Rolling Mills Kenya
• TedX Parklands Nairobi – Insecurities of the Internet
• ICPAK Cyber Security Cyber Security Awareness Training
• CIO Cloud and Security Summit (Rwanda) 2018 - Breaking Down a Cyber Threat
• ISACA Kenya Chapter Annual Conference 2018 - Are you ready for Cyber WarFare
• ISACA Evening Talk May 2018 - Doing More with Less
• East Africa Big Data & Cloud Computing Summit 2018 - Big Data and Cloud Computing

Jan 2017 – Jan 2018 · 1 yr

• Presentations:
• AfriSecure - South Africa 2017 Presenter (Live hacking Demo)
• CIO East Africa Cyber Security Summit 2017: Breaking the Cyber KillChain
• East Africa Cyber Security Forum (Amadeus/CIO/BitDefender)
• Detecting and Preventing Active Cyber Attacks (Live Hacking Demonstration)
• Data Protection Conference Ghana: Data Security, Encryption and other Issues, BYOD
• Nairobi Tech Week 2017: Wave of Cyber Security & awareness
• NextGen Tech: Moderator for Demystifying IoT & Blockchain
• CODEGATE International Hacking Competition & IT Security Conference 2016 S.Korea:
• The Dynamic Changing Face of Social Engineering Aiding in APT Attacks
• Data Protection Conference, Ghana, 2016: Data Protection challenges faced by it professionals
• IDC IT Forum 2016: Evolution of Hacking in emerging Cyberspace
• Social Media Week 2016: Social Media Security and Mitigation
• Plenary discussions on Cyber Security and Social Media
• Rotaract Club 2016 & 2017: Cyber Security Awareness and Digital Media
• Country Revenue Automation ICT Conference: Cyber Security Management for ICT Growth In Kenya
• AITEC East Africa ICT Summit 2016: 2hr Cyber Security Workshop and Organizer of Young Innovators Anti-Corruption Pavilion Challenge
• Banking Systems Penetration KillChain (Hackers Perspective)
• Strathmore University Annual ICT conference, (Security Analysis of Ubiquitous Sensor Networks)
• Africahackon 1: Advanced Reconnaissance & Hacker FootPrinting
• AfricaHackon 2: Insider Threat for Evolving Cyber Threat Attacks in Corporate Networks
• BarCamp Nairobi 2014: Faces OF Advanced Persistent Threat (APT)
• ISACA Evening talk, Kenya Chapter 2014: Advanced Persistent Threat Attacks
• Guest Lecturer (2012): United States International University

Jan 2022 – Nov 2022 · 10 mos · Nairobi County, Kenya

• Leading a brilliant technology team of Software Engineers, Product Managers, Data Scientists,Analysts,Engineers and Cyber Security experts to change the outlook of Data utilization to solve everyday problems that organiations encounter in the African space

May 2019 – Present · 6 yrs 10 mos · Kenya

• I lecture the Msc Class in Cyber Security courses ranging from Penetration Testing, Incidence Response, Governance, and Compliance.
• Key Contributions:
• ⦁ Collaborating, planning, and implementing vocational curriculum with other lecturers.
• ⦁ Utilizing curriculum creative methods and differentiated instruction in multiple subjects in accordance with State Standards
• ⦁ Assessing the development of students and modifying teaching styles to accommodate different learning needs.
• ⦁ Implementing highly individualized instruction to accommodate the needs and abilities of the autistic population.
• ⦁ Creating profitable cybersecurity workshops for specialized vocational programs.

Oct 2017 – Dec 2021 · 4 yrs 2 mos · Nairobi County, Kenya

• Presently, I engage my services at Dimension Data where I direct a team to provide Cybersecurity services to clients of Internet Solutions which include Strategy &Resilience building, Awareness training, Vulnerability Assessment &Penetration Testing, and general robust Cybersecurity solutions
• building.
• Key Contributions:
• ⦁ Developing Go-to-Market Strategies for Cyber Resilience Solutions and plan with value propositions for external clients.
• ⦁ Authorizing the development of a strategic, comprehensive enterprise information security governance, cyber security, and IT risk management program.
• ⦁ Streamlining Internal IT audits, IT controls, change controls, penetration testing, identity/access management, and software defects review.
• ⦁ Establishing the right security and governance practices for Data Protection, Privacy and Risk Awareness.
• ⦁ Providing leadership to client enterprise information security awareness, execution, and training.
• ⦁ Reviewing and improving client risk management and information security management policies/frameworks.
• ⦁ Bolstering strategic partnerships with Vendors and Partners.
• ⦁ Spearheading business technology planning, providing a current knowledge and future vision of technology and systems.
• ⦁ Assisting clients in interpreting risk assessment results and validation of plans to address specific cyber risk issues.
• ⦁ Researching on industry trends on cyber-security while ensuring the business is updated with the latest technologies in the industry.
• ⦁ Directing the cyber team in the development, implementation, and ongoing improvement of products and services.

Jun 2015 – Jan 2017 · 1 yr 7 mos · Kenya

• As a Cybersecurity Engineer at Ushahidi, I worked on several projects focusing on Web and Mobile applications security written in various languages and environments. These had to follow the OWASP TOP 10 guidelines as a baseline.
• Key Contributions:
• ⦁ Conducted Vulnerability Assessment and Penetration Testing which entailed Mobile/Web Application & API Security.
• ⦁ Authorized Project Gap analysis and Risk Profiling.
• ⦁ Provided strategic advice and first-level recommendations on Cybersecurity systems.
• ⦁ Oversaw effective Governance, Risk Management, and Compliance with company policies and procedures.

Jun 2011 – Aug 2012 · 1 yr 2 mos

• In this capacity, I presided over the design and implementation of an overall information risk management process across the company. As the chief cybersecurity evangelist, I inculcated a “security-first” mentality within the organization.
• Key Contributions:
• ⦁ Established efficient workflow processes to protect the availability, confidentiality and integrity of customer, employee, and commercially sensitive information in compliance with policies and standards.
• ⦁ Ensured global standards compliance within Cellulant through strict adherence to policies and procedures.
• ⦁ Acted as Cellulant’s Lead Representative for inquiries from customers, partners, and the general public regarding the organization’s approach to Information Security and Risk.
• ⦁ Maintained an updated t risk register in accordance to changes in the organization.
• ⦁ Presided over security implementation program with sufficient width and depth to comprehensively mitigate information security risk across the company and applicable third-party systems.
• ⦁ Developed and retained the adequate internal capacity to handle day-to-day operations and information governance requirements.
• Examined, updated, and maintained a system of incident monitoring and response to ensure timely intervention in security incidents.
• ⦁ Monitored, evaluated, and validated the company’s capacity to manage imminent risks. (E.g., fraud, hackers, IP theft, etc.) through recurrent security assessments.

Jan 2011 – Sep 2017 · 6 yrs 8 mos

• As a Cybersecurity Engineer, I provided strategic advice and chaired the implementation of best Security practices for systems, processes, and technology.
• Key Contributions:
• ⦁ Enhanced organizational efficiency through frontline Vulnerability Assessment and Penetration Testing.
• ⦁ Streamlined Access control M of over 40 Linux servers across Africa and UK Conducting Vulnerability Assessment on applications developed by Cellulant (both in test environment and client sites)
• ⦁ Aligned security policies, reviewed them in line upcoming trends, created awareness among the Cellulant team, and gave necessary advice or recommendations where needed to make Cellulant a more secure environment.
• ⦁ Proactively assessed potential items of risk and opportunities of vulnerability in the network.
• ⦁ Remediated security alerts and respond to information security-related incidents.
• ⦁ Chaired the installation and managed Intrusion Detection/Prevention Systems and Firewall rules.
• ⦁ Chaired training all staff about information security awareness periodically.
• ⦁ Authorizing new staff induction on information security practices and policies.

May 2010 – Jun 2011 · 1 yr 1 mo

• As an IT Consultant, I managed the following contributions:
• Key Contributions:
• ⦁ Prepared recommendations for the implementation of new systems, procedures, and organizational changes.
• ⦁ Presided end-user training on all applications being used within the application including third parties.
• ⦁ Troubleshot and resolved network hardware and software-related issues.
• ⦁ Maintained 100% accurate inventory of hardware and software.
• ⦁ Authorized Information Security training on awareness focusing on emerging hacking methodologies.
• ⦁ Revolutionalized vulnerability assessment and penetration testing of internal network.
• ⦁ Completed in-depth analyses for business optimization projects boosting revenue.

Jan 2008 – Jan 2009 · 1 yr

• Liaison between Nokia and the entire Daystar University community