Guy Ngbwa
Details
Information Security
Lewis University
2014 : 2015
Bachelor of Applied Science (B.A.Sc.)
computer science & Information security
Lewis University
2011 : 2014
Georgia State University
eMoney Advisor
Senior cybersecurity engineer
2022 : 2022
DefenseStorm
Cyber Security Engineer Team Lead
2021 : 2022
DefenseStorm
Cyber Security Engineer
-Provides security-centric subject matter expertise in operating systems, databases, network devices and application development platforms.
-Review and interpret security alerts and logs to identify indicators of compromise and determine the scope of threats by leveraging industry leading EDR tool, SIEM platform, IDS/IPS solution, email security solutions.
- Perform static and dynamic malware analysis leveraging combination of OSINT tools and commercial solutions
-Oversee the company Risk Management program and proceed to propose appropriate risks mitigation responses to the Chief Information Officer (CIO) and the Information Security & Risk Management Council.
-Lead Enterprise Web Application development security program through implementation of grey box testing, vulnerability management and developers training on secure coding.
-Perform internal penetration testing exercises following PTES standard to identify technical controls gaps within the internal network based on The MITRE framework.
-Verifies security systems by developing and implementing test scripts
-Conduct internal information systems audit exercises to identify gap between our existing policies and our current environment.
-Oversee and maintain employees security awareness training program based on industry recommendations and current threats.
-Oversee enterprise email security program.
-Lead annual Menards PCI-DSS assessment.
-Advise in the planning and design of the IS enterprise Disaster Recovery Plan and BCP.
-Assist in risk mitigation, and fulfill security governance and best practices within the environment.
2016 : 2021
Menards
Information Security Analyst
-Developed, implemented, and documented formal security programs and policies
-Performed risk assessments and testing of data processing systems
-Provided implementation of new security controls in accordance with PCI DSS, ISO and other security frameworks.
-Performed weekly networking vulnerability scans and proposed mitigation plans to systems' owners
-Recommended security enhancements to management.
-Monitored overall organization’s networks for potential security incidents.
-Ensured authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements.
2014 : 2016
Arbonne International LLC
IT Security Consultant
Skills
Active Directory, Application Security, Cybersecurity, Disaster Recovery, Email Security, Ethical Hacking, Firewalls, IDS, Incident Response, Information Security, Information Security Management, IPS, IT Audit, Java, Leadership, Networking, Network Security, Operating Systems, Payment Card Industry Data Security Standard (PCI DSS), Penetration Testing, PHP, Public Speaking, Python, Qualys, Risk Management, Security, Security Architecture Design, Security Compliance, Security Incident Response, Security Information and Event Management (SIEM), Splunk, Splunk Enterprise, Vulnerability Management, Vulnerability Scanning, Wireshark
About
Missionary and not a mercenary: Effective, efficient and strategist information Security professional with experience in business communications, people, process and technology. Capable of handling multiple tasks in challenging and fast-paced environments. Excellent creative problem solver with strong abilities within networking, software development and cyber security. Ability to prioritize tasks, provide extreme attention to detail, and deliver exceptional services to the employer. Strong emphasis on building cooperative relationships with business leaders to increase value of security investment into the business.
Profile Photo
