John Maina Kimaru
Download
Recommend
Messages
Share
J

John Maina Kimaru

About

Detail

Nairobi, Nairobi County, Kenya
Contact John regarding: 
work
Full-time jobs
Flexible work

Timeline

work
Job
school
Education
folder
Project (professional or personal)

Résumé

Jobs verified_user 0% verified
  • The Interaction Design Foundation
    Technology Risk & Cybersecurity Compliance
    The Interaction Design Foundation
    Jun 2022 - Aug 2024 (2 years 3 months)
    • Author and maintain System Security Plans (SSPs), Incident Response Plans (IRPs), and policy exceptions, ensuring alignment with NIST Cybersecurity Framework and organizational standards. • Create detailed incident response reports and security posture communications for stakeholders, supporting audit readiness and organizational preparedness. • Manage an evidence library for Cyber Risk Insights (CRI) within a Cybersecurity Risk Assessment Management System (CRAMS), enabling efficient self-assessments. • Collaborate with executives to document risk mitigation strategies and compliance artifacts, improving cross departmental GRC alignment. • Conduct risk and threat analyses by gathering information from business units and users to eva
  • Sun King
    Cybersecurity Risk & Threat Analyst
    Sun King
    Jun 2021 - Jan 2023 (1 year 8 months)
    • Drafted and updated access control policies, data classification guidelines, and incident response plans compliant with GDPR, HIPAA, and PCI DSS. • Documented implementation of Zero Trust, Endpoint Security, and Cloud Security controls across hybrid environments. • Ensure a secure digital environment as a Cybersecurity Professional assigned to the solar panel manufacturing division, resulting in enhanced organizational security • Write detailed incident response reports/documentation for cybersecurity incidents, enabling swift resolution and learning from past incidents • Maintain compliance with legal and regulatory requirements such as GDPR, HIPAA, CCPA, SOX, GLBA, HITECH and PCI DSS, including timely reporting of security incident
  • A
    Internship (IT Engineer | Network | Security |Administrator)
    Amicus Sacco and Savings
    Jan 2018 - Jan 2021 (3 years 1 month)
    • Contributed to IT compliance documentation, including network configuration logs, system hardening procedures, and security update records. • Monitored/maintained networks and servers, ensuring optimal functionality by upgrading, installing, and configuring new hardware and software • Installed high-level software and addressed networking issues promptly, while also ensuring the security software was consistently updated to mitigate potential threats • Ensured seamless day-to-day operations by verifying the proper functionality of network(s) and addressing any issues • Documented important information to the corporation and supervisors for proactive cybersecurity measures • Observed approximately 14 medical offices, maintaining dire
Education verified_user 0% verified
  • University of Nairobi
    Cyber Security Immersive Boot Camp
    University of Nairobi
    Jan 2022 - Jun 2022 (6 months)
  • M
    Bachelor’s Degree in Mathematics and Computer Science
    Meru University Of Science And Technology
    Sep 2012 - Jan 2016 (3 years 5 months)
Projects (professional or personal) verified_user 0% verified
  • P
    Project: Developed a Lead Generation Business Model for a Solo Service Provider
    Sep 2023 - Dec 2024 (1 year 4 months)
    I freelanced for a client launching a consulting practice who needed a clear path to attract and convert clients. They had expertise but no system for generating leads or positioning their offer. I designed a lean business model focused on low-cost, high-impact outreach. I started by clarifying their core service and ideal customer, then built a simple messaging framework that turned their skills into clear client benefits. I created a step-by-step outreach plan using email and follow-up sequences that were easy to execute and track.