Highlights:Successfully led the ISO 27001 and ISO 22301 certification processes across 37 countries for a leading pan-African financial group. Integrated AI-based threat detection and cloud-based risk platforms, resulting in enhanced incident response and no financial losses during major disruptions. Recognized for strategic leadership in aligning security initiatives with business transformation goals.

Skills:cybersecurity, Information Assurance, Business Continuity, Incident Response, IoT, Risk Management, Governance, Risk, and Compliance (GRC), ISO 27001, ISO 22301, Cloud Security, Data Privacy, Disaster Recovery, Regulatory Compliance, Cyber Risk Assessment, AI in Cybersecurity, Business Impact Analysis (BIA), Data Governance Framework, Research, Security Awareness Training, Coaching

Goal:To secure a leadership role in cybersecurity governance or enterprise risk management within a global organization, where I can leverage my academic research and 15+ years of industry experience to drive digital resilience, regulatory compliance, and secure innovation across complex environments.

Membership:(ISC)² – International Information System Security Certification Consortium Member, Global Business Continuity Institute (BCI)

Certification:ISO 27001:2022 Lead Implementer & Auditor (BSI) ISO 22301:2019 Lead Implementer & Auditor (BSI) Certified Ethical Hacker (Learning Tree UK) Global Industrial Cyber Security Professional – GICSP (Firebrand UK) ITIL Foundation, COBIT 4.1 AI 100/200 Certification – Capella University Risk Management in Banks (SBI) Data Analysis Essentials (Imperial College London)

Honor:5-Time President’s List Honoree – Capella University 2-Time AI Innovation Award Recipient – Capella University Best Doctoral Student of the Year – 2025 Employee Excellence Award – Ecobank Transnational Incorporated

Group Manager, Business Continuity Management 01/2017 - current
Ecobank Transnational Incorporated, Accra, Greater Accra Ghana
Industry: Bank
Lead and supervise a team of specialists to ensure optimal business continuity and disaster recovery operations. Review and update BCM policies and strategies in response to emerging threats, trends, and technologies. Maintain strong communication with cross-functional leaders to ensure regulatory compliance and alignment with best practices. Apply expert knowledge to recommend infrastructure improvements that enhance organizational resilience.
• Led implementation and certification activities in over 37 countries across Africa, the Middle East, and Europe, to support the optimal functionality of effective management systems. • Act promptly to analyze and respond to security alerts and incidents, coordinating with other departments as necessary. • Manage vendor relationships, including selecting, contracting, and overseeing third-party security services and products. • Oversee the security budget to ensure the efficient allocation of resources and cost-effective security solutions. • Ensure that the various BCM strategies and activities are consistent and connected in terms of objectives as well as compatibility, and conform to the enterprise BCM strategy and relevant ISO standards • Align and exchange with corporate BCM to ensure the coherence between corporate, business, and technology BCM strategies • Support and facilitate communication amongst all stakeholders to drive strategic alignment and consistency of distinct BCMS parts • Minimised impactful issues through rigorous risk assessments and astute integration of corrective action and mitigation strategies. • Enabled operational readiness by regularly monitoring mandatory testing practices and exercises. • Increased organizational awareness for business continuity management through proactive communication and delivery of highly engaging training sessions.--
Group Information Security Manager 05/2013 - 01/2017
Ecobank Transnational Incorporated, Accra, Greater Accra Ghana
Industry: Bank
Supported technology end-users in adopting practices to enhance the organization’s efforts in championing network security across services, applications, and database platforms. Monitored the existing security infrastructure to identify opportunities for improvement, enhancement, and optimization—reviewed skills among specialists to identify knowledge gaps and developed comprehensive plans to enhance team skills and capacity.
• Create, maintain, and enforce security policies and procedures in line with organizational and industry standards. • Utilize advanced monitoring tools to oversee security systems, detect unauthorized access, and prevent security breaches. • Manage, train, and supervise security staff, including deployment, scheduling, and performance • Assumed additional responsibilities upon appointment to coordinate cross-border risk assessment initiatives. • Identify potential security risks and develop prevention, mitigation, and response strategies. • Develop and lead training programs to increase organizational awareness and understanding of security policies and best practices. • Prepare regular reports on security status, incidents, and response activities, providing senior management with insights and recommendations. • Assess and implement cutting-edge security technologies to enhance the organization’s security posture. • Prevented deficiencies across internal controls to combat excess spending, fraud, or non-compliance with laws, regulations, and corporate policies. • Pioneered a collection of troubleshooting guides that supported technicians and specialists in acceptance and upgrading procedures.--
IT & Security Governance Manager 01/2008 - 05/2013
IBM, EMEA, Kenya
Industry: Tech
Executing the company’s information security plan, protecting computers, networks, and data against viruses, security breaches, and malicious hacker attacks.
• Demonstrated exceptional understanding of governance processes and network security controls. • Built productive trust-based relationships with internal and external stakeholders to advance department goals, priorities, and objectives. • Building an Information Security organizational structure aligned with the business strategy and an appropriately skilled team of 80+ permanent resources to ensure adequate support for the business. • Built and operated a Security investigation and Forensic department utilizing state-of-the-art technologies, staffing, and processes to deliver forensic services to organizations with defined Service Level Agreements (SLAs) and Operational Level Agreements (OLAs), ensuring the effective delivery of these services. • Built Security Operation Center (SOC) provides security services, including 24/7 security event monitoring, vulnerability management, anti-fishing, threat management, and social media-related threat remediation. • Developed and implemented an effective Business Continuity Management, Crisis Management, and Disaster Recovery Program, ensuring ongoing service resiliency across the organization. • Developed Security Policies, standards, processes, and procedures to ensure information security services are embedded as business-as-usual activities. • Ensure industry and Regulatory compliance are achieved and maintained throughout; this includes ensuring cyber-related compliance as well as data protection laws--
Postpaid Administrator 11/2007 - 01/2008
Airtel International Limited, Dar es Salaam, Kenya
Industry: Telecom
Managed and supported the operations of postpaid mobile services, ensuring accurate billing, customer account management, and service provisioning. Acted as a liaison between technical teams and customer service to resolve account issues, optimize system processes, and enhance service delivery efficiency.
Monitored and maintained postpaid billing systems to ensure accuracy and timely invoicing. Managed customer account activations, upgrades, suspensions, and terminations in accordance with service policies. Resolved billing disputes and coordinated with technical support to troubleshoot system-related issues. Generated usage and revenue reports to support business decision-making. Ensured data integrity across CRM and billing platforms by conducting routine audits and reconciliations. Supported customer service teams by providing account insights and resolving escalations. Collaborated with IT and finance departments to streamline billing workflows and reduce revenue leakage.--
Senior System Administrator 01/2006 - 12/2007
Zanzibar Telecom Limited, Dar es Salaam, Tanzania
Oversaw the administration, configuration, and maintenance of enterprise IT infrastructure, ensuring high availability, performance, and security across systems. Provided expert support for servers, networks, and business-critical applications while leading infrastructure upgrades and managing incident resolution.
Administered Windows and Linux servers, ensuring system reliability, backups, and disaster recovery readiness. Implemented system patches, updates, and security configurations in compliance with IT policies. Led troubleshooting of complex hardware, software, and network issues, minimizing downtime. Monitored system performance and usage metrics to proactively identify and resolve bottlenecks. Managed user accounts, permissions, and access control across enterprise platforms. Oversaw infrastructure upgrades and system migrations with minimal business disruption. Collaborated with cybersecurity teams to harden systems and respond to emerging threats. Provided Tier 3 technical support and mentored junior administrators.--

Bachelor of Science in Computer Science 04/2005 - 10/2008
Dar es Salaam, Ilala, Tanzania
Degree: Bachelor's Degree
Major:Information Technology
Minor:Computing and Information Systems
Completed a Bachelor of Science in Information Technology with a minor in Computing and Information Systems. Gained foundational knowledge in programming, database design, computer networks, and systems analysis. Developed practical skills in IT infrastructure, support services, and technical troubleshooting across academic and internship projects.

Zaituni Mmari_CV Cybersecurity, business continuity, information security