Jeff Karanja

Experience

• 

  Verizon Wireless, Inc

  Sept 2007 - Jul 2008

  IT Service Center Analyst

  • Support over 80,000 employees, 26 call centers and 2600 Verizon Wireless communication stores and nationwide business locations by providing technical support, remote troubleshooting and infrastructure issues resolution. Support various business entities including Verizon Wireless Inc, Verizon Business Inc and multiple contractors, vendors and outsourced call centers.• Took part in the design and implementation of new documentation and case-transfer procedures department-wide to reduce call-backs and streamline transfer of case ownership. Show less

• 

  PepsiCo, Inc

  Aug 2009 - Aug 2010

  Help Desk SME (Subject Matter Expert) - VPN, Network Voice Operations

  • Act as SME (Subject Matter Expert) for network operation issues relating to VoIP telephony, switch, router, link issues, outages and availability. Become the first point of contact for entire PepsiCo Support Center (PSC) regarding these issues and act as liaison between Network Voice Operations / Network Operations team and helpdesk.• Evaluate and prioritize network issues per ITIL (Information Technology Infrastructure Library) guidelines, urgency and impact. Attempt to resolve issues by providing additional troubleshooting and communicating non-resolved issues to back-line team(s). Update customers on status of tickets per Service Level Agreement (SLA) guidelines and verify customers are satisfied with resolutions (where necessary).• Participated in corporate-wide project deployments such as the conversion of over 50,000 employees from Legacy aplhanumeric ID's to Identity Management's Global Personnel ID's (GPID) in order to synchronize legacy systems with current and future databases. Show less

• 

  AT&T

  Sept 2010 - Dec 2010

  Network Support Analyst

  • Part of 30-member team troubleshooting and ensuring correct provisioning for AT&T subscribers for the following optical transport types: FTTN/FTTN-BP (Bonded pair), FTTC, FTTP/FTTP-GPON and IPDSLAM.• Use network monitoring tools to actively troubleshoot line issues, actively correct provisioning and proactively check for any possible future issues by conducting standardized test to ensure minimum thresholds are met.

• 

  Serianu Limited

  Sept 2016 - Jun 2022

  Principal Cybersecurity Consultant

  • Act as project lead for all remediation efforts for clients including, but not limited to, POC demonstrations, testing, security controls implementation, e.g. Web Application Firewall (WAF) deployment, internal PKI infrastructure deployment, File Integrity Monitoring (FIM) solution deployment, SIEM deployment, etc.• Deploy, configure, test and perform health checks on network inventory software/hardware on bare metal, virtualized environments (Hyper-V, VMWare ESXi) and cloud environments (MS Azure, AWS)• Conduct Vulnerability Assessment and Penetration Testing (VAPT) for various clientele, primarily in the financial, insurance and manufacturing sectors • Perform incident and event management including real-time monitoring, correlation of events/notifications, analysis, and incident response using SIEM, Security Onion and ad hoc analysis tools• Identify, categorize, prioritize, and investigate security events on an ongoing basis • Ensure security events are detected and/or responded to within established timelines and/or SLAs as required • Perform periodic network inventory management/scanning, web application vulnerability testing, and server/network node security policy adherence • Interface and collaborate with internal teams, senior management as well as external vendors to support the client’s IT infrastructure Show less

• 

  KCB Bank Group

  Nov 2022 - now

  Cybersecurity Analyst, DevSecOps

  · Represent Group Cyber Security in assigned implementation projects and scrum teams to ensure all applications and changes meet set information security requirements before introduction to production environments· Contribute to the definition, documentation, and implementation of software security policies, secure coding practices and guidelines for the bank in line with industry best practices and technologies commensurate with risk and regulatory requirements· Consistently provide security requirements to developers and third parties to adhere to and comprehensively implement the Bank’s software security assurance framework by carrying out security and risk assessments of application and software changes· Collaborate with Enterprise Architecture and Business Application Development teams to identify application/software security improvements and plug-in identified security controls in DevSecOps tools· Contribute to formulation and conducting of regular trainings on secure coding, software security and application security practices for KCB technology teams at regular intervals· Contribute to the identification, integration, and maintenance of application security tools, such as SAST and DAST tools, standards, and processes into the software development or product life cycle (SDLC / PLC), and CI/CD pipelines· Perform security and risk assessments for business solutions to identify inherent security risks and provide recommendations for addressing such risks· Create, and deliver software/application security compliance and testing reports and relevant metrics to the Bank’s Senior Management· Collaborate in the continuous monitoring and defence of the Bank’s critical applications, such as core banking, and digital channels, for cybersecurity threat indicators; report on violations and security measures taken to address threats· Protect the bank’s applications and systems by defining and reviewing access privileges and other security control structures Show less