Guy Ngbwa
Education:
Master of Science (M.S.)
Information Security
Lewis University
2014 : 2015
Bachelor of Applied Science (B.A.Sc.)
computer science & Information security
Lewis University
2011 : 2014
Georgia State University
Experience:
2022 : Present
eMoney Advisor
Senior cybersecurity engineer
2022 : 2022
DefenseStorm
Cyber Security Engineer Team Lead
2021 : 2022
DefenseStorm
Cyber Security Engineer
-Provides security-centric subject matter expertise in operating systems, databases, network devices and application development platforms.
-Review and interpret security alerts and logs to identify indicators of compromise and determine the scope of threats by leveraging industry leading EDR tool, SIEM platform, IDS/IPS solution, email security solutions.
- Perform static and dynamic malware analysis leveraging combination of OSINT tools and commercial solutions
-Oversee the company Risk Management program and proceed to propose appropriate risks mitigation responses to the Chief Information Officer (CIO) and the Information Security & Risk Management Council.
-Lead Enterprise Web Application development security program through implementation of grey box testing, vulnerability management and developers training on secure coding.
-Perform internal penetration testing exercises following PTES standard to identify technical controls gaps within the internal network based on The MITRE framework.
-Verifies security systems by developing and implementing test scripts
-Conduct internal information systems audit exercises to identify gap between our existing policies and our current environment.
-Oversee and maintain employees security awareness training program based on industry recommendations and current threats.
-Oversee enterprise email security program.
-Lead annual Menards PCI-DSS assessment.
-Advise in the planning and design of the IS enterprise Disaster Recovery Plan and BCP.
-Assist in risk mitigation, and fulfill security governance and best practices within the environment.
2016 : 2021
Menards
Information Security Analyst
-Developed, implemented, and documented formal security programs and policies
-Performed risk assessments and testing of data processing systems
-Provided implementation of new security controls in accordance with PCI DSS, ISO and other security frameworks.
-Performed weekly networking vulnerability scans and proposed mitigation plans to systems' owners
-Recommended security enhancements to management.
-Monitored overall organization’s networks for potential security incidents.
-Ensured authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements.
2014 : 2016
Arbonne International LLC
IT Security Consultant
Company: eMoney Advisor
Years of Experience: 11
Spoken Language: English, French