| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Street Address
PHONE NUMBER AVAILABLE
EMAIL AVAILABLE
https://Candidate's Name .com
------------------------------------------------------------------------------------------------------------------
Professional summary:
My expert leverages the latest technologies and industry best practices to create a secure and
resilient IT environment. Performing thorough risk assessments, identify vulnerabilities, and
implement comprehensive security measures to protect your critical data and systems.
Simultaneously, develop and maintain detailed business continuity plans that guarantee
operations can continue with minimal disruption, safeguarding your bottom line and reputation.
Employment history:
ICT Security & BCP (Remotely) | Tanzania Commercial Bank
Aug 2022 - Present
Utilized Security Information and Event Management (SIEM) systems, such as Splunk and 360Log
Analyzer, Symantec Endpoint to detect and respond to security incidents and anomalies.
Implemented and maintained security monitoring tools to ensure continuous surveillance of
network activities.
Investigated and analyzed security incidents to determine root causes, assisted in vulnerability
assessments, and managed comprehensive remediation eGorts.
Conducted forensic analysis to identify attack vectors and methods, ensuring thorough
understanding and resolution of security breaches.
Created and implemented automation scripts and work ows using Python and PowerShell to
enhance SOC eGiciency.
Performed in-depth analysis of logs using tools like ELK Stack and Splunk to identify indicators of
compromise (IOCs) and potential security breaches.
Integrated incident response plans with Business Continuity Plans (BCP) to ensure seamless
recovery and continuity.
Conducted regular testing, drills, and simulations of business continuity plans to validate their
eGectiveness.
Coordinated with analysts and other stakeholders to promptly escalate and respond to security
incidents, ensuring a uni ed approach.
Ensured alignment of business continuity plans with cybersecurity measures for a comprehensive
approach to organizational resilience.
Worked closely with stakeholders to promote awareness and understanding of business
continuity planning principles.
Conducted training sessions to enhance the skills and knowledge of the SOC team.
Ensured compliance with CIS Benchmark in con guration for enhanced security.
Web & API s Penetration Tester (Remotely) | Lockwood Tech Company
Feb 2024 - Present
Review API documentation to understand the endpoints, parameters, and expected responses.
Test API parameters for input validation issues, such as injection attacks.
Test the strength of authentication mechanisms.
Test for improper error handling that could disclose sensitive information.
Document all ndings, including detailed descriptions, proof of concept, and potential impact.
Collaborated with API s developer to close vulnerabilities for remediation process.
Ensure proper con guration of security headers like Content Security Policy (CSP) and HTTP Strict
Transport Security (HSTS).
Analyze API responses for sensitive data exposure, such as PII or internal system information.
Penetration Tester (Contractor) | Azania Bank
Jan 2021 - Jul 2022
Planned, executed, and reported on penetration tests for Azania Bank's applications, networks,
and systems.
Identi ed and exploited vulnerabilities in a controlled environment to assess and improve overall
security.
Reduced external threat for 26% in 2021 compared to previous year 2020.
Document all phases of penetration testing, detailing methodologies, ndings, and
recommended corrective actions.
Prepare comprehensive reports for technical and non-technical stakeholders, including
actionable insights and risk assessments.
Work closely with internal cybersecurity teams, IT personnel, and application developers to
address identi ed vulnerabilities.
Provide guidance and support to enhance the overall security posture of Azania Bank.
Stay abreast of the latest cybersecurity trends, emerging threats, and industry best practices.
Continuously improve penetration testing methodologies through research and development
initiatives.
Providing regular feedback on the security posture of the organization to help improve overall
security measures.
Acted as an information security subject matter expert for the Incident Response team, assisting
in escalations and providing insights to enhance security strategies.
Cyber Security Analyst | Digitalbrain Company
May 2019 - Dec 2020
Monitored and analyzed log data to detect and mitigate security threats proactively.
Conducted forensic analysis to identify attack vectors and methods, ensuring thorough
understanding and resolution of security breaches.
Performed over 10 Vulnerabilities Assessment Penetration Test to our clients.
Upgraded and optimized security infrastructure, such as rewalls, IDS/IPS, and endpoint
protection systems, improving overall security posture.
Implemented ICT Infrastructures hardening strategies and benchmarks.
Collaborated eGectively with cross-functional teams to integrate security measures into the
software development life cycle (SDLC).
Conducted training sessions for IT and non-IT staG, fostering a security-aware culture across the
organization.
Developed and executed successful security awareness and training programs for employees,
leading to a noticeable improvement in security hygiene across the organization.
Develop and implement security policies and procedures to ensure the protection of company
data and systems.
Developed and executed incident response plans to eGectively mitigate and respond to cyber
security incidents, minimizing the impact on the organization.
Software Developer OKicer | Tanzania National Roads Agency
Jul 2017 - Apr 2019
Designed, developed, tested, and maintained software applications and systems in alignment
with TANROADS' business objectives.
Provided ongoing support and maintenance for deployed software applications.
Enabled the implementation of Project Management System and Physical Mail Delivery System.
Debugged external/outsource systems and customized codes.
Create and maintain comprehensive documentation for software design, coding, and testing
processes.
Education:
Bachelor s degree in information technology | Institute of Finance Management
2015 - 2017
Diploma in Information Technology | University of Dar es Salaam
2012 - 2014
Skills:
Cloud Security | Vulnerability Assessment | Network Security Monitoring | XDR | SOAR |
Threat Hunting | Endpoint Detection and Response (EDR) | Intrusion Detection and
Prevention Systems (IDPS) | Firewall and Perimeter Security | Scripting & Automation |
Incident Response | Patch Management | Security Audits & Compliance | Access
Control Management | Cryptography | Disaster Recovery and Business Continuity
Planning | Security Awareness Training |
Tools:
Splunk | Symantec Endpoint | Veeam Solution | Snort | Pacu | Cortex XDR | Qualys |
Carbon Black | CrowdStrike Falcon | Tenable Nessus | Acunetx | Secret Server (PAM) |
CIS Benchmarks | Mobile Security Framework (MobSF) | Kali Linux | OpenVAS | OWAP
Zap | Postman | Python (Script) | Nmap | Jupyter (Data Analytical) | Rapid7 InsightVM |
Wireshark |
Courses:
Certi cate of Ethical Hacking v10 | EC-COUNCIL
2019
ISO 27001: Lead Implementer | PCEB
2022
Certi cate of Ethical Hacking v12 | EC-COUNCIL
2024 - ongoing
|
