Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Generic

BENARD OBUA

Kampala

Summary

Dedicated Technology Solutions Engineer and Cyber Security Expert with a strong focus on Information Security Management Systems, Cloud technologies, Software Defined-WAN technologies, IoT and service delivery in the ICT and Telecoms sector. Proven track record in designing and implementing secure, high-performance network solutions. Committed to delivering innovative technology solutions to meet evolving business needs. Responsible for the continual enhancement and sustenance of new and existing security compliance and risk management programs and supporting the security interests of the organization across all security domains and technology environments. Leading and driving the compliance posture of organizations to include PCI DSS, SOC 1 and 2, ISO 27001, NISTand other industry related frameworks and standards. Expert in creating and updating compliance testing procedures for each assigned compliance test including scope of the test, key business contacts, documentation to review, risk control self-assessments and transaction testing sampling. Also perform follow up and reporting on findings throughout the implementation phase of the remediation process and validating that the remediation plan fully mitigated the findings. Experience includes working collaboratively with internal teams, SMEs, external customers, vendors, auditors, and other stakeholders. Over 13 years of experience in Technology, IT Security, Compliance, Audit and Assessment. Tasked with various IT Security and Compliance responsibilities within Commercial and Federal organizations, leading and managing audits, both internal and external, developing organizational documentations such as policy and procedures.

Overview

13
13
years of professional experience
1
1
Certification

Work History

Technology Solutions Engineer

MTN Uganda
09.2018 - Current
  • Led strategic business product development, lifecycle management, and implementation of secure, high-performance Technology Solutions with a scope covering; Broadband and Managed Data Network Services & IT Platforms capabilities and capacities, including Internet Services, ISP Solutions, L2/L3 VPNs, 2G/3G,4G APN Solutions, Corporate Voice and Conferencing Solutions, Dedicated Bandwidth & P2P Capacities, Mobile Data, Premium Voice & Bulk SMS services, Integrated Payments systems and Data Center Collocated, Hosted, Cloud, Security & Managed ICT Services.
  • Conducted vulnerabilities and risk analysis, ensuring network and software security.
  • Implemented and maintained security controls to ensure Voice over IP solutions (SIP trunks, Hosted PBX as well as legacy PRIs) are securely configured on the MTN core as well as at the customer’s LAN infrastructure.
  • Collaborated with cross-functional teams to deliver comprehensive ICT solutions.
  • Technical lead in SD-WAN technology adoption, providing secure and efficient network solutions.
  • Contributed to business case analysis, assessing cost-effectiveness of access technologies.
  • Provided pre-sales and post-sales technical support, ensuring customer satisfaction.
  • Presented technical capabilities to prospective customers, aligning product offerings with customer needs.
  • Analyzed data to coordinate installation of new systems or modification of existing systems.
  • Conducted regression testing and submitted observations to development team.
  • Enhanced system efficiency by identifying bottlenecks and implementing optimizations.
  • Streamlined processes for improved customer support, leading to increased client satisfaction.

Information Security Lead Consultant

Wasp Network Limited
04.2017 - Current
  • Own and maintain audit frameworks customized based on client's compliance requirements
  • Review evidence for assessment controls, evaluate operational effectiveness and provide feedback to assessor/reviewer
  • Report status of control assessments to key stakeholders
  • Perform and support external audit activities and evidence gathering
  • Knowledge and understanding of cloud infrastructure and application security best practices
  • Identify and recommend operational improvements to client, drawing on deep experience and industry specific knowledge of risks
  • Analyze complex issues to determine client impact and to suggest alternative solutions based on client needs and objectives
  • Manage communications with vendors, 3rd party service providers, company leadership, and client personnel
  • Responsible for compliance with all organizational engagement management requirements
  • Recommend improvements in security systems and procedures.
  • Conducted security audits to identify vulnerabilities.
  • Ensured business continuity during critical incidents by leading disaster recovery planning initiatives that accounted for various scenarios and risks.
  • Prepared comprehensive reports on the status of the organization''s information security efforts, ensuring transparency and accountability among team members.
  • Leads Compliance audit projects such as PCI DSS, ISO 27001 Cyber Essentials and customer audits.
  • Examines and evaluate internal controls based on various security and privacy standards (PCI, SOC 2, NIST, IS027001)
  • Manages PCI Compliance initiatives and annual recertification.
  • Supports ongoing GDPR compliance initiative by responding to privacy inquiries from EU subjects and organizations.
  • Manages content and deployment of annual security awareness training.
  • Develops and presents training and reference materials to users.
  • Develop organizational policies and procedures.
  • Aligns policies, standards, and procedures with compliance objectives.
  • Performs audit on compliance to policies and standards..
  • Conduct presentations and demonstrations to leadership, users, and partners.
  • Reviews Patching and Vulnerability Management, Change Management, Penetration testing reports.
  • Audits internal systems and controls against compliance and regulatory requirements.
  • Prepares metrics and reports for management on status of Compliance objectives.
  • Leads IT-related audits and examinations conducted by external auditors.
  • Presenting audit findings to management and stakeholders and ensuring timely remediation.
  • Review and responds to customer security questionnaire and contract reviews.
  • Manages repository for security related questions.
  • Create documentation, metrics, and diagrams for management reporting.
  • Maintains and develops Vendor Management procedures such as reviewing agreements and performing due diligence on vendor compliance initially and annually.
  • Remain up to date with current security and privacy related laws, regulations, and standards.
  • Represents Information Security Team by participating directly with projects and providing guidance for technology processes and procedures to be documented and assist in collecting necessary documentation to facilitate process.
  • Conducted rigorous testing of financial models, ensuring their reliability and relevance in real-world applications.
  • Enhanced customer satisfaction rates through detailed analysis of customer feedback data and subsequent improvements in service offerings.
  • Collaborated with cross-functional teams to identify opportunities for process improvement and increased efficiency.
  • Championed a culture of ongoing learning by developing training programs on relevant topics such as regulatory compliance, threat intelligence, and secure coding techniques.

High Level Support Engineer

ZTE Limited
09.2015 - 08.2018
  • Ensuring that Security policies are implemented and updated on all the network and core nodes and
  • Supported Layer 2 and Layer 3 Transmission Networks, including Fiber, Microwave, and 2G/3G/4G and VOIP technologies.
  • Implementing and managing Firewall solutions.
  • Integrated secure transmission solutions and provided high-level support to MTN Network Operation Center.
  • Implemented redundancy solutions for network fault tolerance.
  • Served as a transmission and security consultant for ZTE Nigeria, ensuring smooth equipment replacement.
  • Conducted root cause analysis and resolution for switching and transmission issues.

Switch Engineer- Fixed Lines

MTN Uganda
10.2011 - 08.2015
  • Maintained and upgraded hardware and software for fixed line nodes and transmission equipment.
  • Provisioned and troubleshooting of GSM, WiMAX, and Fixed Lines services.
  • Provided high-level support for fixed lines escalations and data services from the MTN NOC.
  • Ensured service integrity and billing accuracy.
  • Conducted routine checks on NGN Soft Switch and GPON Access Nodes.

Education

Master of Science - Technology Innovation And Industrial Development

Makerere University
Kampala Uganda
02.2023

Bachelor Of Science - Electrical Engineering

Makerere University
Kampala Uganda
01.2012

Skills

  • Training & Development
  • Incident Response Management
  • ISO 27001 Compliance
  • PCI Compliance
  • Implementing security programs
  • Microsoft Cloud 365 , Azure and Security
  • Leadership
  • VOIP Technologies
  • Audit
  • Cyber Security Protocols
  • Agile Methodologies
  • Customer Support

Certification

  • PMP Certification- PMI January 2024
  • Certified in Cyber Security- The International Information System Security Certification Consortium (ISC2)- March 2023
  • ISC2- Certified In Cyber Security Exam Development Volunteer
  • ISO 27001 Information Security Management Systems-Lead Auditor Certification - 2021
  • Microsoft Certified: Azure Fundamentals- Feb 2023
  • Microsoft Certified: Microsoft 365 Fundamentals- July 2023
  • Microsoft Certified Microsoft Azure Security Technologies Engineer- November 2023
  • Firewall training (Fortinet, SafeDNS, Cisco)
  • Lean Six Sigma Certified-White Belt
  • Computer Emergency Response Team (CERT) Training - AFNOG Uganda Conference 2019
  • IP Backhaul Operation and Maintenance - Huawei University 2016
  • Optix RTN 980L IP Long-Haul 2nd Line Operation and Maintenance- Huawei University 2014

Languages

English
Advanced
C1
French
Elementary
A2

Timeline

Technology Solutions Engineer

MTN Uganda
09.2018 - Current

Information Security Lead Consultant

Wasp Network Limited
04.2017 - Current

High Level Support Engineer

ZTE Limited
09.2015 - 08.2018

Switch Engineer- Fixed Lines

MTN Uganda
10.2011 - 08.2015

Master of Science - Technology Innovation And Industrial Development

Makerere University

Bachelor Of Science - Electrical Engineering

Makerere University

Similar Profiles

  • Richards Kataate

    Richards KataateRichards Kataate

    Customer Service Supervisor at MTN UGANDACustomer Service Supervisor at MTN UGANDA

    View Profile
  • BUULE JONATHAN

    BUULE JONATHANBUULE JONATHAN

    Customer Service Sales Representative at MTN UGANDACustomer Service Sales Representative at MTN UGANDA

    View Profile
  • David Keedi

    David KeediDavid Keedi

    Kyc Verification Admin at MTN UgandaKyc Verification Admin at MTN Uganda

    View Profile
BENARD OBUA