
Robson Utete

Security Professional
High Wycombe, Bucks

Summary

More than 10 years’ experience working in Information Technology with strong expertise in IT Security, IT Enterprise Architecture, GRC, and Information Security Management. Demonstrated experience in establishing and implementing Information Security Frameworks and security initiatives. Implemented vulnerability management frameworks that continuously monitor and detect threats and vulnerabilities. Performed evaluations of IT security tools and third parties, and successfully implemented IT security tools to protect the Confidentiality, Integrity and Availability of critical business information and information systems. Demonstrated experience in establishing and implementing Identity and Access Management solutions and best practices. Highly skilled, dedicated and enthusiastic team player with excellent leadership and communication skills.

Overview

11 years of professional experience

Work History

Chief Information Security Officer (CISO)

Arloid Automation
London
10.2021 - Current
  • Developed and executed a robust information security strategy that aligns with the organisation's overall goals and objectives. Identified potential risks, vulnerabilities, and threats, and implemented proactive measures to mitigate them effectively.
  • Reviewed and led efforts to ensure compliance with relevant regulatory requirements, industry standards, and best practices, with a strong focus on NIST/ISO27001/GDPR.
  • Established and maintained a comprehensive risk management framework to identify, assess, and mitigate potential security risks.
  • Developed and enforced information security policies, procedures, and guidelines that align with industry best practices and compliance requirements. Regularly reviewed and updated these policies to reflect changes in technology, regulations, and emerging threats.
  • Collaborate with cross-functional teams to design, implement, and maintain a secure and resilient information technology infrastructure. Ensure the confidentiality, integrity, and availability of systems, networks, and data through effective security controls.
  • Developed and implemented an incident response plan to promptly address and mitigate security incidents, breaches, and other cyber threats. Coordinated with internal stakeholders and external vendors to resolve issues and restore normal operations in a timely manner.
  • Promote a strong security culture throughout the organisation by conducting security awareness programs, training sessions, and workshops. Educate employees on information security best practices, policies, and their role in maintaining a secure environment.
  • Evaluate, select, and manage third-party vendors and service providers to ensure their compliance with security standards and protect the organisation's interests.
  • Performed regular assessments of vendor security controls and addressed any identified vulnerabilities or weaknesses.
  • Established robust security monitoring capabilities to detect and respond to potential threats. Generated regular reports and metrics on security incidents, risks, and trends to keep stakeholders informed about the organisation's security posture.
  • Led evaluation, selection and implementation of the following tools: security information and event management (SIEM), automated vulnerability management, automated penetration testing, application whitelisting, data loss prevention (DLP), intrusion detection system/intrusion prevention system (IDS/IPS), web filtering, malware defense systems for endpoints and network perimeter, and mobile device management.
  • Collaborate on and oversee third-party penetration testing engagements, defining remediation plans based on the results of third-party penetration testing and working with key stakeholders to remediate found vulnerabilities and weaknesses.

IT Security Operations Manager

Insightinvestment / BNY Mellon
London
10.2017 - 10.2021

Implemented a 3-year security strategy (People, Process, and Technology) for maturing the firm's cyber security operations posture, encompassing:

  • Threat and vulnerability management
  • Continuous Security Monitoring
  • Standardization of security operating procedures
  • Operational Security MI (Metric framework)
  • Cyber Security Incident Response and Management
  • Identity and Access Management
  • Implementation of both offensive and defensive operations controls
  • Cyber Threat Intelligence and Threat hunting

BAU Security Operations Management:

  • Managing the cyber security team and its tasks, ensuring the team is fully equipped to fulfil the requirements of the cyber defense function, which includes SIEM alert monitoring, vulnerability assessments, Data Loss Prevention, threat intelligence gathering and threat hunting, security designs and application security.
  • Acting as escalation point to resolve incidents escalated from 2nd and 3rd line analysts.
  • Leading the discovery phase of indicators of compromise (IOC), aligning the process to MITRE ATT&CK, the Cyber Kill Chain and the Diamond Model of intrusion investigation.
  • Assisting the SIEM monitoring team to scope new content for monitoring technical controls to mitigate identified risk.
  • Operationalising identified IOCs and preparing courses of action for investigating incidents.
  • Developing containment and remediation strategy for short and long-term resolution.
  • Hunting for anomalies and Indicators of Attack (IoA) in transaction logs, security logs and telemetry data collected from the endpoint and server estate.
  • Conducting cross-device correlation of related and unrelated events from endpoints to detect suspicious patterns.
  • Building processes and playbooks for security monitoring, and leading training for junior analysts.
  • Reverse engineering malicious samples and conducting memory analysis to extract IoCs from compromised endpoints and servers, to be used to search across the endpoint and server estate.
  • Leading and supporting development of cyber threat hunting capability.
  • Championing vulnerability management across the firm, configuring scheduled scans, asset discovery, remediation and re-testing.
  • Coordinating pen tests with external testers and managing remediation of identified weaknesses.

Senior Security Consultant

Deloitte
Reading
06.2016 - 09.2017
  • Performed consultation services on risk management, information security and incident response, advising business leadership on implementation of cybersecurity frameworks.
  • Managed clients' cybersecurity transformation journey to put in place entities in-scope, organization based on key disciplines: Information Security, Cyber Incident Response, Operational Resilience, Data Protection. This includes collaborating on key security tasks, such as incident management, access control, threat modelling, vulnerability management, third party assessments.
  • Performed awareness training of key business and industry trends, understanding how they impact responses to cyber risk and oversee implementation of various security initiatives for clients.
  • Collaborate across the team, support peers and act as a role model throughout the wider business to promote personal growth, seek continuous product & service improvements.
  • Developed and implemented Cybersecurity Strategic Plan at firm's entities in-scope, aligned with Global Cybersecurity Strategic Plan, business objectives, local and regional regulatory and compliance requirements.
  • Developed methods to implement, enforce and advise on cybersecurity related issues. This includes educating business and functional leaders on security awareness, operationalisation of policies, standards and baselines.
  • Performed risk analyses to identify appropriate security countermeasures, applied security risk assessments, and recommended and implemented common control frameworks.
  • Conducted security audits to identify vulnerabilities, investigate major breaches and recommend appropriate control improvements for clients.
  • Created and implemented security network framework across 3500 devices, led creation of value propositions on security projects (prepare, deliver, and lead security workshops to qualify, assess and scope client requirements).
  • Researched and developed new policies, standards, procedures and playbooks in line with clients' business objectives and goals.
  • Reviewed violations of computer security procedures and developed mitigation plans, helping them navigate complex, risk-driven cyber issues.

Senior Global Cyber Security Operations Analyst

Liberty Global/Virgin Media
Langley
06.2013 - 05.2016
  • Led investigations using security technologies such as Security Incident and Event Managers (SIEM: LogRhythm, McAfee ESM, and Splunk), Intrusion Detection and Prevention Systems (IPS), Endpoint Security, Data Loss Prevention (DLP), Vulnerability Management (VM), Threat Intelligence, Threat Detection, Web Application Firewalls (WAF), Email Gateways, Breach Mitigation, Certificate Management, SSL encryption, Identity Management, Cloud Security, Database Security, Web Gateways, VPNs, and Firewalls.
  • Defined and implemented security across a number of information security technologies, including Firewalls, IDS/IPS, DLP, Endpoint Security, Web/Email filtering and Anti-virus, and supported Penetration Testing and Forensic Investigation.
  • Participated in emergency response team activities and responded to various security incidents. Provided in-depth support for information security incidents including internal violations, cyber attacks, malware infection analyses and system outages.
  • Prepare and update information procedures, standards, and other technical requirement documents.
  • Reviewed and evaluated security tools to identify more efficient and effective security measures.
  • Created and maintained process, report and procedure documentation.
  • Educated junior analysts and the wider user community on IT security.
  • Built long-term relationships due to prompt and courteous service
  • Streamlined manual operations/tasks using automation
  • Supported senior company leaders by delivering reports outlining performance to drive process improvements

Engineer

Poole Hospital NHS Foundation Trust
Poole
04.2012 - 06.2013
  • Deliberately omitted....

Education

Master of Science - Information Technology

Oxford Brookes University
Oxford, United Kingdom
11.2011

Skills

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Governance, risk & compliance (GRC)
  • ISO 27001 Lead Implementer and Auditor
  • ITIL v3 Foundation certified
  • GIAC Security Operations and Continuous Monitoring Certification (GMON)
  • Certified Ethical Hacker (CEH)
  • Security information and event management (SIEM)
  • Microsoft Certified: AZ-900: Microsoft Azure Fundamentals
  • Microsoft Certified: SC-900 Microsoft Security, Compliance, Identity Fundamentals
  • Qualys Vulnerability Management Specialist
  • Cisco Certified Network Professional (CCNP Routing & Switching)
  • Risk Management Assessments
  • Security Engineering
  • Computer Forensics
  • Stakeholder Communications
  • Confidential Data Protection
  • NIST Security Standards
  • Compliance with Security Requirements
  • Qualys Cloud Platform
  • Cloud Architecture

Accomplishments

Leadership

  • Developed and implemented enterprise security strategy and framework that consists of strategically integrated elements of ISO 27001, NIST and CIS risk management and Cybersecurity frameworks.
  • Provided clear oversight on cyber security related matters to ensure organisations are best provisioned and informed to actively meet security challenges, regulatory requirements and opportunities.

Strategy and Planning

  • Developed and communicated Acceptable Use policy, User and Privileged User account policy, Data Classification and Usage Policy, and many other security policies and standards to all users.
  • Convinced senior / C-Suite level to support appropriate strategies and evaluate / implement new security technology approaches whilst ensuring all formal standards (including ISO 27001, NIST and GDPR) are adhered to.
  • Performed security assessments of information security practices, systems, networks and applications and developed a strategy to implement improvements.

Team Collaboration

  • Collaborated with large departments to begin to establish enterprise security framework to accomplish common IT security objectives and leverage common tools to reduce costs.
  • Coordinated the activities of Information Security Engineers to define and establish unified program-wide approach to address IT security issues and mitigate IT security risks.

Project Management

  • Managed the implementation of Enterprise IT Security Framework “Quick Wins” Road Map based on the ISO 27001 standard.
  • Managed migration and adoption of cloud platforms for small and big organisations.

Work Preference

Work Type

Full Time, Contract Work

Work Location

Hybrid, Remote, On-Site

Important To Me

Work-life balance, Company Culture, Career advancement

Quote

Every problem is a gift—without problems we would not grow.
Tony Robbins
