Leading cross-functional security initiatives across cloud detection, control engineering, and emerging compliance programs.

• Leading cloud detection and response design using AWS CloudTrail telemetry and MITRE ATT&CK mapping for stronger cloud-native threat visibility.
• Driving privacy and security control implementation for NDPR, Kenya Data Protection Act, and upcoming regional obligations with structured control mapping.
• Embedding RBI, IRDAI, and SEBI-aligned requirements into architecture controls, IAM workflows, and audit-ready documentation.
• Preparing an internal risk management framework to enable continuous validation of technical and administrative controls.

Focused on foundational data protection work, security testing, and internal control improvements.

• Conducted security testing to identify vulnerabilities, assess exposure, and support remediation.
• Worked with infrastructure teams to implement DLP-oriented safeguards for sensitive information.