Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework for cloud-based software. Versed in robust network defense strategies. Ambitious [Job Title] committed to formulating innovative solutions to challenges while optimizing processes. Polished in developing and implementing security plans and procedures and developing strategies to respond and recover from security breaches. Logical and analytical leader familiar with security tools and technologies such as firewalls and proxy servers. Watchful professional offering comprehensive, hands-on experience identifying, investigating, and responding to information security alerts. Expertise in searching through data-sets to detect threats and anomalies and administering metrics to maintain security processes and controls. Focused on helping businesses safeguard sensitive data from hackers and cyber-criminals. Detail-oriented team player with strong organizational skills. Ability to handle multiple projects simultaneously with a high degree of accuracy. Organized and dependable candidate successful at managing multiple priorities with a positive attitude. Willingness to take on added responsibilities to meet team goals. To seek and maintain full-time position that offers professional challenges utilizing interpersonal skills, excellent time management and problem-solving skills. Hardworking and passionate job seeker with strong organizational skills eager to secure entry-level [Job Title] position. Ready to help team achieve company goals.
Hi, I’m
DORIS TANUI
Krum,TX
Summary
Overview
18
years of professional experience
1
Certification
Work History
DevTechPath
Senior Cyber Security Specialist
06.2023 - Current
Job overview
- Developed and maintained incident response protocols to mitigate damage and liability during security breaches.
- Conducted security audits to identify vulnerabilities.
- Performed risk analyses to identify appropriate security countermeasures.
- Recommend improvements in security systems and procedures.
- Designed company-wide policies to bring operations in line with Center for Internet Security (CIS) standards.
- Authored security incident reports, highlighting breaches, vulnerabilities, and remedial measures.
- Spearheaded bring your own device program, defining necessary security parameters and designing complementary security deployments.
- Created cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
- Directed in-house cyber security auditing program to detect flaws and weaknesses in [Software].
- Managed relationships with third-party intrusion detection system providers.
- Collaborated with third-party payment card industry (PCI) compliance partners.
- Verified strength of network security measures such as [Type] and [Type] through external intrusion testing services.
- Participated in creation of device hardening techniques and protocols.
- Maintained company-wide compliance with industry standards and [Area of certification].
- Performed network troubleshooting to isolate and diagnose common problems.
- Developed security metrics and technical analysis to give insight into performance and trends.
- Liaised with third parties to respond to security events and understand threat landscape.
- Designed, installed and configured email encryption gateways with data loss prevention.
- Translated strategy into solutions and operating models by leading or managing others,
- Created policies and procedures for emerging security technologies and proposals.
- Engaged business and technology stakeholders to gather goals and requirements.
- Traveled to client sites to perform onsite testing.
- Worked with business partners to balance requirements, security and risk reduction.
- Created frameworks by designing and developing technical solutions.
Efficaxx Support Consultants
Information Security Specialist
01.2020 - 07.2023
Job overview
- Consulted with team members to assess flawed root causes and plan for remediation.
- Managed information system regulatory compliance to meet updated guidelines.
- Recommend improvements in security systems and procedures.
- Performed risk analyses to identify appropriate security countermeasures.
- Conducted security audits to identify vulnerabilities.
- Designed company-wide policies to bring operations in line with Center for Internet Security (CIS) standards.
- Managed relationships with third-party intrusion detection system providers.
- Participated in creation of device hardening techniques and protocols.
- Created cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
- Partnered with IT department members to minimize exploits on system coverage.
- Contributed system roadmapping, design and launch services to address information vulnerability.
- Developed and maintained incident response protocols to mitigate damage and liability during security breaches.
- Spearheaded bring your own device program, defining necessary security parameters and designing complementary security deployments.
- Authored security incident reports, highlighting breaches, vulnerabilities, and remedial measures.
- Collaborated with third-party payment card industry (PCI) compliance partners.
- Verified strength of network security measures such as Network security, information security, Mobile security and Cloud security through external intrusion testing services.
- Directed in-house cyber security auditing program to detect flaws and weaknesses in Penetration Testing, FireWall, Packet Sniffers and Nmap.
- Researched and developed new computer forensic tools.
- Engineered, maintained and repaired security systems and programmable logic controls.
- Reviewed violations of computer security procedures and developed mitigation plans.
- Encrypted data and erected firewalls to protect confidential information.
- Monitored use of data files and regulated access to protect secure information.
- Monitored computer virus reports to determine when to update virus protection systems.
- Developed plans to safeguard computer files against modification, destruction, or disclosure.
GAD Security Company Limited
Lead Investigator
01.2018 - 01.2020
Job overview
- Managed both minor and major investigations, executing root cause analyses and overseeing general security measures
- Reported investigative details, project progress, and matrices to client management on a weekly basis
- Directed and participated in criminal investigations, including evidence handling and participation in raids
- Prepared and analyzed comprehensive investigation reports, ensuring accuracy and compliance with laws and regulations.
Omega Risk Management Company Limited
Anti-counterfeit Investigation Officer
01.2014 - 01.2016
Job overview
- Provided comprehensive risk management and loss prevention solutions, including asset protection and targeted shrinkage reduction
- Implemented disaster management protocols to ensure organizational resilience and continuity of operations
- Collaborated with regulatory and law enforcement authorities to identify and remove counterfeit products from the market, taking decisive action against perpetrators.
Lowland Insurance Agency
Investigator
01.2012 - 01.2014
Job overview
- Led investigations into suspected fraudulent activities, employing advanced interviewing techniques and surveillance methods
- Analyzed financial transactions and conducted forensic audits to detect irregularities and fraudulent behavior
- Developed and implemented fraud prevention strategies, including employee training programs and policy enhancements
- Collaborated with law enforcement agencies and legal counsel to gather evidence and prosecute offenders
- Produced detailed investigative reports outlining findings, conclusions, and recommendations for risk mitigation
- Provided expert testimony in legal proceedings, demonstrating a deep understanding of investigative processes and methodologies.
SENECA East Africa
Security Intelligence External Consultant
01.2010 - 01.2012
Job overview
- Conducted comprehensive security assessments to identify vulnerabilities and develop mitigation strategies
- Managed access control systems and surveillance equipment, ensuring optimal functionality and coverage
- Led investigations into security breaches and theft incidents, coordinating with law enforcement agencies to apprehend suspects
- Implemented security training programs for employees, enhancing awareness and response capabilities
- Developed emergency response protocols and conducted drills to test preparedness and effectiveness
- Collaborated with external security consultants to implement best practices and stay abreast of industry trends and threats.
Kenya Rifles (Maroon Commandos Battalion)
Military Intelligence Officer
01.2007 - 01.2009
Job overview
- Oversaw intelligence operations to gather actionable intelligence and support mission planning and execution
- Conducted threat assessments and risk analyses to inform operational decision-making and resource allocation
- Provided leadership and mentorship to junior personnel, fostering a culture of excellence and professionalism
- Coordinated with external intelligence agencies and allied forces to exchange information and enhance situational awareness
- Conducted counterintelligence operations to identify and neutralize insider threats and hostile intelligence activities
- Participated in joint training exercises and multinational operations, showcasing interoperability and coalition-building capabilities.
Education
Comptia CertificationUSA
Comptia Security Plus, APlus And Network Plus 2004 from Comptia Security Plus, APlus And Network Plus 2004
07.2024
University Overview
Kenyatta UniversityNairobi Kenya
Master of Arts from Public Policy Analysis And Administration
08.2022
University Overview
Egerton University, Njoro CampusNakuru Kenya
Bachelor of Arts from Criminology And Security Studies
12.2015
University Overview
Nairobi Institute of Business StudiesNairobi Kenya
College Diploma from Diploma in Business Administration
12.2006
University Overview
Kenya Airforce Supplies Training SchoolNairobi Kenya
Diploma from Diploma In Supplies Management
04.2006
University Overview
Armed Forces Recruits Training SchoolEldoret Kenya
Basic Military Training from Military Operations
08.2003
University Overview
Kenya Armed Forces Technical CollegeNairobi Kenya
Certificate from Computer Operations Course
08.2003
University Overview
Skills
- Incident Response Management
- Vulnerability Assessment
- Data Encryption
- Patch management
- Application security
- Access Control
- Network Security
- DDoS prevention
- Intrusion Detection
- Software Deployment
- IDS Integration
- Incident Response
- Intrusion Test Oversight
- Business Continuity
Certification
- Comptia A-plus (Core1 and Core 2)
- Comptia Security - Plus
- Comptia Network-Plus
Referees: On request due to information sensitivity
Timeline
Senior Cyber Security Specialist
DevTechPath
06.2023 - Current
Information Security Specialist
Efficaxx Support Consultants
01.2020 - 07.2023
Lead Investigator
GAD Security Company Limited
01.2018 - 01.2020
Anti-counterfeit Investigation Officer
Omega Risk Management Company Limited
01.2014 - 01.2016
Investigator
Lowland Insurance Agency
01.2012 - 01.2014
Security Intelligence External Consultant
SENECA East Africa
01.2010 - 01.2012
Military Intelligence Officer
Kenya Rifles (Maroon Commandos Battalion)
01.2007 - 01.2009
Comptia Certification
Comptia Security Plus, APlus And Network Plus 2004 from Comptia Security Plus, APlus And Network Plus 2004
Kenyatta University
Master of Arts from Public Policy Analysis And Administration
Egerton University, Njoro Campus
Bachelor of Arts from Criminology And Security Studies
Nairobi Institute of Business Studies
College Diploma from Diploma in Business Administration
Kenya Airforce Supplies Training School
Diploma from Diploma In Supplies Management
Armed Forces Recruits Training School
Basic Military Training from Military Operations
Kenya Armed Forces Technical College
Certificate from Computer Operations Course