Bonface Asunga

Project: Onadata Product - Implementing AWS WAF and ModSecurity to protect Onadata SaaS deployments from external threats. - Led remediation efforts on Onadata microservices and cloud resources by developing monthly plans and status reports for the product team, achieving an 80% reduction in vulnerabilities over the past year. - Implementing and enforcing MFA on IAM permissions across 6 AWS accounts using Terraform, adding an extra layer of protection against unauthorised access.

Conducted internal and external security assessments as part of a contractual agreement. Project: Red Team (Confidential) - London-based company operating in East Africa that deals in the retail distribution of automobiles and automobile spare parts. Worked on a Penetration testing project in 2 of their regional offices based in Ethiopia and Djibouti. The scope covered their entire IT infrastructure comprising of HRM, CRM, and CMS applications .

- Coordinated weekly vulnerability scans and sharing automated vulnerability reporting trends with the IT Security and Infrastructure team. - Implemented an agentless FIM solution with SIEM dashboards for fraud detection on inter-bank transfers, ensuring PCI DSS compliance across 40+ bank servers and saving the bank on potential agent licensing costs. - Collaborated with the bank’s IT infrastructure team in implementing and managing an NAC solution that restricted unknown devices.