
STEVE SIMIYU

Information Systems Security Leader
Dallas, TX

Summary

KEY ATTRIBUTES

Diligent and results-oriented IT & Cybersecurity professional with over 25 years’ work experience and progressive responsibility. Experienced in leading an IT Services business, project teams and information systems departments in architecting, implementing and supporting advanced cybersecurity solutions and driving the piloting, acquisition, deployment and value realization around cloud-based Cybersecurity solutions.

Strong technical acuity with capacity to learn and adapt quickly. Possesses various certifications including CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CDPSE (Certified Data Privacy Solutions Engineer), MCSE (Microsoft Certified Systems Engineer), and CompTIA Security+.

Overview

14 years of professional experience
8 years of post-secondary education
4 Certifications

Work History

Information Security Manager

Remington Hospitality
2021.12 - Current
  • Implemented a company-wide security awareness training program resulting in a 50% decrease in security policy violations and employee-reported phishing attempts.
  • Identified and mitigated security risks, resulting in a 20% reduction in cybersecurity-related costs over a two-year period.
  • Managed Information Security for Ashford/Remington enterprise by building a capable team, streamlining our processes and using technology to defend against the latest cyber-attacks, data leakage, insider threats and unauthorized access.
  • Led strategic development and execution of comprehensive cybersecurity programs, ensuring alignment with industry standards and best practices.
  • Conducted advanced risk assessments, identified vulnerabilities, and implemented effective risk mitigation measures.
  • Successfully mitigated zero-day vulnerabilities within 24 hours of discovery, preventing potential data breaches and ensuring continuous business operations.
  • Provided strategic direction and recommendations to senior management on information security investments and initiatives
  • Orchestrated incident response efforts during security breaches, ensuring minimal impact and rapid recovery.
  • Responded to security incidents, conducted root cause analysis, and implemented corrective and preventive actions to enhance security posture.
  • Managed security audits and regulatory compliance efforts, ensuring adherence to industry standards and regulations including PCI.
  • Provided senior management with strategic guidance and recommendations for information security investments.
  • Improved overall system stability by identifying weak points in infrastructure and recommending necessary upgrades or replacements.
  • Developed incident response plans, enabling quick containment and recovery from cyberattacks.
  • Consistently achieved 'Excellent' ratings in external security audits and assessments, demonstrating strong governance and compliance practices.
  • Enhanced information security by developing and implementing comprehensive policies, procedures, and training programs.
  • Actively participated in cross-functional meetings to provide expert guidance on information security matters during project development phases.
  • Fostered a strong cybersecurity culture throughout the organization by promoting best practices and open communication channels between departments regarding information security concerns.
  • Coordinated with external vendors to procure cutting-edge cybersecurity tools that enhanced organizational defenses.
  • Maintained up-to-date knowledge of industry advancements in technology, regulations, and best practices pertaining to information security management.

Information Technology Manager

Hotel ZaZa / Z Resorts. Inc.
2019.08 - 2021.12
  • Ensured the confidentiality, integrity and availability of existing operational platform, including servers (both physical and virtual), application delivery, networking, and telecommunications
  • Managed the deployment, monitoring, maintenance, development, upgrading, and support of all IT systems.
  • Managed complex vendor relationships, evaluating and ensuring third-party security compliance.
  • This included servers (application, mail, file and print), routers, firewalls, switches and desktops
  • Aggressively managed all IT related issues or incidents, leading the identification of root causes and then taking appropriate remedial actions
  • Monitored network security including vulnerability scans and penetration tests and working with third-party security partners on remediation tasks
  • Conducted regular security awareness training programs and campaigns through KnowBe4.
  • Maintained availability, integrity, and reliability of core customer-facing web services, including server maintenance at the datacenter
  • Provided project-management oversight for new builds and transitions including all aspects of the RFP process for systems, equipment acquisition and installation; user onboarding/offboarding
  • Authored service level agreements for help desk operations.
  • Demonstrated familiarity with latest hardware, software and networking technology.

Virtual IT / Information Security Manager

GXA Network Solutions. Inc.
2017.09 - 2019.08
  • Managed the organization's IT infrastructure, including servers, networks, and end-user computing devices
  • Decreased network downtime by 40% by implementing proactive monitoring solutions and optimizing system redundancies.
  • Implemented IT policies and procedures to optimize system performance, security, and availability
  • Achieved a 15% reduction in IT operational costs through consolidation of hardware, renegotiation of vendor contracts, and implementation of virtualization technologies.
  • Prepared and implemented the Information Security Policy for GXA and its clients based on NIST CSF and CIS Critical Security Top 20 Controls.
  • Improved cybersecurity posture by implementing multi-factor authentication (MFA), data encryption protocols, and regular security audits, resulting in a 30% reduction in security incidents.
  • Fostered a strong cybersecurity culture throughout the organization by promoting best practices and open communication channels between departments regarding information security concerns.
  • Increased employee awareness of cyber threats with regular security trainings and informative presentations.
  • Achieved 100% compliance with industry regulations (e.g., GDPR, HIPAA) through successful implementation of security controls and regular audits.
  • Played a pivotal role in guiding and implementing the necessary protocols and processes, enabling the company to successfully achieve ISO 27001 certification for its information security management system.
  • Coordinated secure system access of users to various department systems and platforms.

Systems Administrator

WW Rowland Trucking Inc.
2012.04 - 2017.08
  • Responsible for all voice and data services for Headquarters and seven remote locations countrywide
  • Enhanced server uptime by 25% through proactive monitoring, timely maintenance, and implementation of high-availability solutions, ensuring uninterrupted business operations.
  • Achieved a 95% compliance rate with patch management policies, reducing system vulnerabilities and enhancing overall security posture
  • Realized a 15% cost savings in hardware and software expenditures by conducting regular capacity planning assessments and implementing resource optimization strategies, resulting in more efficient use of IT resources
  • Deployed and maintained firewalls and VPNs creating highly available secure network with redundant failovers.
  • The implementation, administration, support and troubleshooting of security appliances/applications including, but not limited to: web filters, spam filters, antivirus, IDS/IPS and firewalls
  • Ensured software is patched and able to protect from threats to improve company's security posture.
  • Improved system performance by implementing server upgrades and hardware replacements.
  • Maintained detailed documentation of network configurations, protocols, and procedures for efficient troubleshooting and information sharing among colleagues.
  • Streamlined network administration tasks for increased efficiency through automation scripts.
  • Proactively identified areas for improvement in the IT infrastructure, recommending appropriate technology solutions to boost productivity and performance levels.
  • Delivered Tier 2 and Tier 3 support for problem identification, diagnosis and issue resolution.

Security Research Analyst/Graduate Assistant

Texas Southern University
2010.03 - 2012.04
  • Contributed to the development of a threat intelligence platform by curating and analyzing large datasets of security-related information, providing actionable insights to enhance proactive threat detection capabilities.
  • Identified potential risk, consulted on correcting or reducing risk, and reported if uncorrected
  • Conducted penetration testing, vulnerability assessments, and security audits to identify and mitigate security vulnerabilities
  • Collaborated with IT teams to design and implement secure network architectures and configurations
  • Documented LAN network related policies and procedures
  • Performed risk assessments to help create optimal prevention and management plans.
  • Attained relevant certifications such as CompTIA Security+ and Certified Ethical Hacker (CEH), demonstrating proficiency in key cybersecurity concepts and techniques.

Education

Master of Science - Management Information Systems

Texas Southern University
Houston, TX
2010.05 - 2011.12

Bachelor of Science - Electrical Engineering

Moi University
Eldoret, Kenya
1993.01 - 1998.12

Skills

Information Security and IT Leadership


Certification

Certified Information Systems Security Professional (CISSP)

Certified Information Security Manager (CISM)
Certified Data Privacy Solutions Engineer (CDPSE)
Microsoft Certified Systems Engineer (MCSE)