Nancy Muriithi, CISSP,

Experience

• 

  SheHacks KE

  Jan 2020 - now

  Coordinator-Programs and Operations

  In my current role as the Lead Coordinator for Shehacks KE Programs, I actively spearhead and coordinate various initiatives aimed at promoting cybersecurity and empowering individuals across different age groups. Within Shehacks KE, I oversee and manage the implementation of three key programs: the Campus Outreach Program, the High School Program, and the Kids Security Program.As part of the Campus Outreach Program, I am responsible for designing and delivering comprehensive cybersecurity training to students. This program equips them with the necessary technical and non-technical skills required to excel in the field. Additionally, I lead and support the various campus communities throughout the country, fostering collaboration and knowledge-sharing among aspiring cybersecurity professionals.Within the High School Program, I play a pivotal role in guiding and mentoring students who are embarking on their journey towards a technical career. By providing guidance, resources, and hands-on experiences, I help them develop a solid foundation and ignite their passion for cybersecurity.The Kids Security Program is another vital component of Shehacks KE's mission. Through this program, I educate both children and parents on the importance of creating a cyber-safe world for themselves and their families. By raising awareness and providing practical guidance, I aim to instill good cybersecurity habits from an early age, ensuring a safer digital environment for all.By leading and coordinating these programs, I actively contribute to the vision of Shehacks KE in empowering individuals and creating a safe cyber world. I am deeply committed to nurturing talent, raising awareness, and fostering a strong sense of security consciousness among different communities.If you are interested in connecting or learning more about Shehacks KE's initiatives, please feel to connect. Show less

• 

  Women in STEM Leaders | Network

  Feb 2020 - Nov 2021

  Chief Technology Officer & Head of Outreach

  I worked with a team of amazing and committed engineers who are passionate about the women empowerment in STEM careers. I play an active role of overseeing the technical infrastructure for Women in STEM network.i also lead trainings which are both technical and non-technical skills.It's my passion to support and empower mentees in my country and Africa as a whole to take up more tech related roles as tech is the future.Highly passionate on advancing SDGs 5 & 9

• 

  Mossé Cyber Security Institute

  May 2020 - Jun 2021

  Cyber Security intern

  Melbourne, AustraliaI am currently interning with Mossé Cyber Security Institute in their Remote Internship Programme in order to develop and acquire the industry desired practical skills. The experience I gain through successfully completing their practical skills Internship Programme will provide me with professional confidence, acumen and experience to apply for any industry technology or security team position. This also positions me to provide the rigour to research and deliver appropriate technology solutions, thus becoming a valued member of the IT community.Some of the skills this remote internship programme imparts:• Perform network vulnerability scans• Exploit vulnerabilities with Metasploit• Identify and exploit web application vulnerabilities without tools• Write custom offensive security tools to aid Red Teaming operators• Assess the security settings of Windows machines and harden them• Hunt for malware using YARA• Hunt for threat actors on Windows networks using Python• Defend web applications against common vulnerabilities Show less

• 

  HackerOne

  Sept 2020 - May 2022

  Web App Security researcher

  I study malicious programs such as malware and the processes they use to exploit systems, and then use that insight to address and eliminate vulnerabilities. They compile threat intelligence and analytics, and create data-driven solutions or propose recommended actions that can protect against these malicious programs.I hunt for bugs on platforms like bug crowd and HackerOne.

• 

  Fr334aks

  Jul 2021 - Sept 2022

  CTF player
• 

  MPESA Foundation Academy

  Nov 2021 - Oct 2023

  Professional Mentor

  I am honored to be a part of the esteemed mentorship team at Mpesa Foundation Academy, where I have the privilege of inspiring and guiding students to become the next generation of IT professionals.In my role as a mentor, I actively engage with the students, sharing my expertise and experiences in the field of information technology. By providing guidance, support, and practical insights, I aim to cultivate their passion for IT and help them navigate their educational and career paths.I am committed to fostering a positive learning environment where students can explore various IT disciplines, discover their strengths, and develop the necessary skills to thrive in the industry. Through mentorship sessions, workshops, and one-on-one interactions, I encourage critical thinking, problem-solving, and creativity, empowering students to unlock their full potential.I understand the importance of staying updated with the latest industry trends and technologies. As a mentor, I continuously enhance my knowledge and skills, ensuring that I provide relevant and cutting-edge guidance to the students. By sharing real-world experiences and industry insights, I aim to bridge the gap between academia and the IT industry, preparing students for the challenges and opportunities that lie ahead.Being a part of the Mpesa Foundation Academy mentorship team allows me to contribute to the personal and professional development of young minds, inspiring them to pursue successful careers in IT. I am grateful for the opportunity to make a positive impact and shape the future of these talented individuals. Show less

• 

  GitGuardian

  Nov 2021 - Aug 2022

  Contract Technical Writer

  I am responsible for writing, editing, and rephrasing various technical concepts pertinent to the industry technology and software into easy-to-understand technical documents.I write about all matters cloud security and DevSecOps.

• 

  Silensec

  Jun 2022 - Jun 2023

  Security Consultant
• 

  CYBER RANGES

  Jun 2022 - Jun 2023

  In my role as the Quality Assurance Lead for the Cyber Ranges product and service, I am entrusted with the responsibility of developing and maintaining high-quality standards throughout the production process. By conducting rigorous testing and diligently identifying potential issues, I ensured that our Cyber Ranges product and service meet the highest standards of excellence and reliability.My primary focus is on ensuring that our Cyber Ranges, which simulate realistic cybersecurity scenarios, perform optimally and provide an effective training and testing environment for our clients. By adhering to strict quality control procedures, I contribute to the delivery of a top-notch product that empowers organizations to enhance their cybersecurity preparedness.In collaboration with cross-functional teams, I design and implement comprehensive testing strategies and frameworks to evaluate the performance, functionality, and security of our Cyber Ranges. Through meticulous testing, I proactively identify and address any potential vulnerabilities or flaws, enabling us to deliver a robust and secure product to our clients.Additionally, I work closely with developers, project managers, and stakeholders to analyze and document requirements, ensuring that our Cyber Ranges align with the evolving needs of our customers. By continuously refining our quality standards and processes, I contribute to the overall improvement of our product's performance and reliability.In this role, I embrace a proactive approach to quality assurance, constantly seeking innovative solutions and staying up to date with industry best practices. By fostering a culture of continuous improvement and collaboration, I drive our team's commitment to delivering exceptional Cyber Ranges that exceed customer expectations. Show less

  • Quality Assurance Team Lead

    Jan 2023 - Jun 2023

  • Community Coordinator

    Jun 2022 - May 2023
• 

  Platcorp Group

  Jun 2023 - now

  - Developed and implemented comprehensive GRC frameworks to align with industry standards and regulations.- Led risk management and compliance initiatives to ensure robust security governance and regulatory adherence.- Designed and executed engaging cybersecurity training programs, tailored to address company-specific security challenges.- Managed the creation of interactive cybersecurity courses for the company’s learning platform, enhancing staff awareness.- Spearheaded security policy development, aligning them with business goals and driving continuous improvement.- Formulated strategies for business continuity and disaster recovery, ensuring organizational resilience.- Designed and implemented secure IT architectures integrated with enterprise risk management.- Led cross-functional teams in the deployment of innovative security technologies and process automation.- Conducted internal and external audits, collaborating with partners to ensure compliance and mitigate risks.- Led crisis management during security incidents, overseeing incident response and post-incident reviews.- Mentored and developed junior cybersecurity professionals, fostering a culture of continuous growth and excellence. Show less - Spearheaded IT Security Strategy: Led the daily operation and strategic implementation of IT security measures, ensuring robust protection across the organization.- Continuous Security Enhancement: Proactively assessed current IT security practices, identifying and implementing improvements to strengthen the company's cybersecurity posture.- Strategic Partnership Management: Collaborated with security partners to conduct timely security audits and comprehensive risk assessments, ensuring the organization remains compliant and secure.- Advanced Email Security Solutions: Provided Level 2 support for email security, resolving complex issues and safeguarding sensitive communications.-User Awareness & Training: Successfully orchestrated quarterly user awareness sessions for the group and its 15 subsidiaries, fostering a security-first culture.- Change Management & IT Capabilities Development: Led critical change projects and developed new IT capabilities to enhance operational efficiency and security resilience.- Business Continuity & Disaster Recovery: Implemented robust business continuity plans, ensuring seamless service continuity during change initiatives, security breaches, or disaster recovery scenarios.- Risk Mitigation Strategies: Devised and executed IT solutions to minimize cyber-attack risks, reducing potential vulnerabilities and enhancing overall security.- Server Security Optimization: Conducted server scans, identified vulnerabilities, and implemented proposed changes to maintain a secure and compliant IT infrastructure. Show less - Security Monitoring: Continuously monitor the organization’s networks and systems for security breaches or intrusions.- Incident Response: Respond promptly to security incidents and coordinate efforts to contain and mitigate damage.- Risk Assessment- Conduct regular assessments of potential security threats and vulnerabilities, implementing measures to mitigate them.- Policy Development: Develop and enforce cybersecurity policies and procedures to protect the organization’s digital assets.- Security Training :Educate employees on cybersecurity best practices and ensure compliance with security protocols.- Compliance: Ensure the organization meets all relevant regulatory requirements related to cybersecurity.- Collaboration: Work with other departments to integrate security measures across all business operations. Show less

  • Cybersecurity architect

    Aug 2024 - now

  • Lead Security Officer

    Dec 2023 - Aug 2024

  • Cyber Security Engineer

    Jun 2023 - Dec 2023
• 

  GERMAN X

  Nov 2023 - now

  Startup Mentor

  As a mentor affiliated with GermanX (UPSTART GmbH) based in Kenya, my role is integral to fortifying German tech startups and corporations through an innovative scale-up program. This pivotal position significantly contributes to the global scalability of technology-driven innovation, placing a primary emphasis on providing strategic planning support for engagement with both the Government and Private sectors. The focal point of my efforts lies in sustainability management and fostering a circular economy business approach, with the overarching goal of assisting esteemed organizations in their technological growth.My mission is to support German tech corporates and startups in understanding, discovering, and establishing a foothold in the Kenyan market. I achieve this by connecting them with local startups, tech investors, accelerators, universities, as well as passionate community builders in Kenya.Moreover, I actively facilitate the exchange between German and Kenyan tech innovation ecosystems. My focus is on accelerating knowledge sharing and network building to create a dynamic platform for collaboration and growth. Through mentoring, I aim to empower German tech entities to navigate and thrive in the Kenyan landscape, fostering a mutually beneficial relationship between the two innovation ecosystems. Show less