Description

I am a highly skilled Security Engineer with extensive experience in designing, securing, and operating hybrid IT environments across cloud and on-premises platforms. Proven

track record in infrastructure modernization, cybersecurity governance, incident management, compliance (ISO 27001, NIST), and business continuity planning.

Experienced at leading security initiatives, driving infrastructure resilience, and aligning technology strategy with business objectives in regulated and high-availability environments. I excel in collaborating with cross-functional teams to develop secure deployment strategies, implementing CI/CD pipelines with integrated security controls, and driving infrastructure scalability, reliability, and efficiency.

Industry field of expertise

Languages

English
Native or bilingual

Workplace preferences

Can work on-site

Germering (up to 50km)

Micro-Cap Holdings Ltd
Lead – IT Infrastructure & Security
BANKING AND INSURANCE
December 2025 - Today (7 months)
Nairobi, Kenya
• • Provide strategic leadership for the organization's hybrid IT infrastructure, covering on-premises, cloud (Azure, Huawei Cloud), and network environments.
• • Oversee the current state and evolution of IT infrastructure, ensuring scalability, availability, security, and cost efficiency.
• • Lead infrastructure upgrades and modernization initiatives, including cloud migrations, network redesigns, and security tooling enhancements.
• • Own the organization's security posture, including threat management, vulnerability remediation, and continuous improvement of defensive controls.
• • Lead and coordinate security incident response, post-incident reviews, and corrective action planning.
• • Manage and deliver security audits and risk assessments, ensuring alignment with ISO 27001, NIST, and internal governance frameworks.
• • Drive implementation and optimization of security initiatives such as firewalls, endpoint protection (EDR), SIEM, identity and access management, and network segmentation.
• • Oversee Business Continuity and Disaster Recovery (BC/DR) planning, including:
• • DR architecture design and maintenance
• • Periodic DR testing and simulation exercises
• • Identification and closure of recovery gaps
• • Own compliance and risk management, tracking vulnerabilities, remediation actions, and audit findings to closure.
• • Lead future infrastructure planning, including capacity forecasting, technology roadmaps, and investment prioritization.
• • Evaluate and introduce emerging technologies to enhance security, resilience, and operational efficiency.
• • Act as a key advisor to senior management on infrastructure risk, cybersecurity strategy, and technology investments.
• •
Microsoft Azure Firewall Configura Google cloud vulnerability assessment IT-Security
Micro-Capholdings LTD
Network & Information Security Administrator
October 2022 - November 2025 (3 years and 1 month)
• • Designed, secured, and administered cloud and on-premises infrastructure across Azure, AWS, and Huawei Cloud (Konza Cloud).
• • Implemented and enforced identity and access management policies, secure networking (VPCs, VPNs), and firewall configurations.
• • Conducted cloud security reviews and audits, assessing access controls,
encryption, logging, and network segmentation.
• • Supported ISO 27001 audit readiness, maintaining documentation, access reviews, and evidence collection.
• • Implemented monitoring solutions to improve system availability and reduce downtime.
• • Administered Microsoft 365, Zoho CRM, and Zoho Books with role-based access control and secure authentication.
• • Collaborated with development teams to securely host applications using Nginx, Apache, IIS, SSL/TLS, and CI/CD pipelines.
• • Developed and maintained security policies, procedures, and incident response documentation.
ICT Authority
Network Security Specialist
February 2022 - October 2022 (8 months)
• • Developed and enforced baseline security standards for distributed infrastructures.
• • Administered and secured Google Workspace Admin Console, including user lifecycle management, access controls, security settings, and compliance configurations.
• • Designed, administered, and secured Google Cloud Platform (GCP) while applying cloud security best practices and shared responsibility principles.
• • Managed remote access services and monitored system performance, ensuring secure and stable environments.
• • Supported the deployment of infrastructure enhancements, including firewall configurations and software patching.
• • Conducted system monitoring and troubleshooting to detect and resolve network issues efficiently.
• • Management of Google
• • Collaborated on cloud and infrastructure projects, ensuring scalable and secure system designs.