BRYAN OWINO PROFILE
BRYAN OWINO
+254 - / +254 --Cyber Security Professional with Over 10yrs in Information/Cyber-Security, Corporate IT
Compliance, Controls and Governance, Cyber-Security Audit/Awareness/Behavior and Culture
change
Bryan is a highly motivated, energetic and diligent Information Security Professional with a
broad range of experience, excellent communication and organizational skills and is adept at
working on his own initiative and as part of a team and displaying first class administrative and
problem solving skills.
Bryan has vast experience in the following domains of information systems security mentioned below.
System, Network and Web Penetration Tester. Ethical Hacking, Vulnerability
Assessment, PCI-DSS, ISO27001, OWASP, OSINT, Security Audit and Digital Forensics.
ICT security consultant, security product implementation.
Improving performance, security and robustness of I.T. networks, systems and
applications.
Information security course instructor.
ACHIEVEMENTS AS AN INFORMATION SYSTEMS SECURITY
PROFESSIONAL/CONSULTANT
GOVERNMENT OF KENYA – OFFICE OF THE PRESIDENT
Offensive information systems security project (NDA).
MINISTRY OF DEFENSE
I.T. Security Consulting (offensive, defensive and digital forensics)
OSINT (Open Source Intelligence)
INTERNATIONAL INSTITUTE OF CERTIFIED FORENSIC INVESTIGATION PROFESSIONALS INC
(www.iicfip.org)
As the world's unique organization that not only brings together forensic accounting investigators but
also provides forensic investigation skills training to all that are interested in forensic investigations.
Bryan designed the training for digital forensics to be used by the institution and also does the training
as well. And also Bryan is the lead digital forensics investigator for the consulting department.
1|Page
BRYAN OWINO PROFILE
Projects done in collaboration with IICFIP (International Institute of Certified Forensics
Investigation Professionals) - http://www.iicfip.org/
Malawi Revenue Authority
Ant-corruption Bureau - Malawi
Federal Inland Revenue Services - Nigeria
Civil Aviation Authority – Uganda
Kenya Meat Commission – fraud case
Local Government of Namibia
Swaziland Revenue Authority
The e-Enhancement Centre (http://e-enhancement.com/)
The e-Enhancement Center, is an internationally recognized Information Communication
Technology (ICT) consultancy firm, providing services to organizations in the government, public
networks, corporate sectors and International NGOs.
Our main agenda is promotion of ICT and Telecom standards through facilitation of various
forums (Conferences, Seminars and Capacity Building Programmes) meant to equip the industry
players with relevant and up-to-date information vital to the sound management of
organizations through application of the modern ICT in various business sectors.
COMPUTER PRIDE (www.computer-pride.com)
Established in the 1990, Computer Pride Ltd is one of the leading computer firms that have a Centre that
is specialized in providing training services on Information technology. Bryan is the official trainer for EcCouncil courses that include the famous C|EH.
THE NAIROBI LAW INSTITUTE (www.nbilawinstitute.com)
The Nairobi Law Institute’s mission is to provide quality paralegal education and training to students
seeking careers in the field of law as well as to provide a basis for Continues Professional Development
(CPD) for members in the legal fraternity. Bryan is often called time by time to speak in seminars
concerning the topics on digital forensics.
KENYA INSTITUTE OF DATA AND FORENSIC SYSTEM
Kenya Institute of Data and Forensic System (www.kidfs.co.ke) – Safaricom and NBK
(National Bank of Kenya) – Provided Defensive Solutions.
FINANCIAL INSTITUTIONS
Bryan helps financial institutions to identify vulnerabilities and mitigate for safety of information assets
and compliance issues like PCI/DSS and ISO27001.
2|Page
BRYAN OWINO PROFILE
He works closely with the I.T. and Information System Security department to help them realize there
objectives.
EDUCATION
BSc: I.C.T. & Management (Maseno University)
Various Courses
Certified Ethical Hacker (Ec-Council): ECC957443
Certified Hacking Forensics Investigator (Ec-Council): ECC-
VMware (vsphere 5): VCP135987
Cisco Certified Network Administrator (CCNA) and CCNA Security #
CSCO-
Microsoft Certified Technology Specialist (MCTS) #-
o
o
o
Windows server 2008 Active Directory, Configuring
Windows server 2008 Network Infrastructure, Configuring
Windows server 2008 Application Infrastructure, Configuring
TECHNICAL SKILLS AND KNOWLEDGE AREAS
RDMS:
Development Tools:
Web technology:
Languages:
Operating systems:
Software:
Others:
Access, SQL database suite.
Visual Basic
HTML, JavaScript, CSS
Visual Basic, C, C++, Python, Perl, Java(basics)
Windows 2k, Windows Server-, Linux/Unix
MS Office 2003/2007, Open office
Virtualization (VMware and Xen), Vyatta (Routing, firewall and
VPN), Cisco (Routing, switching and firewall). And still learning
Since having been certified with various ICT certifications Bryan has been able to ground up his
expertize which includes the following:
Operating systems; Distributed systems; Operational Security; Reverse Engineering; Virus
Proficiency; Penetration Testing, Computer Vulnerabilities, Attack scripts and exploits,
Computer Programming, Proficiency in Web Application Security, Social Engineering, and still
learning new skills to improve my expertise.
3|Page
BRYAN OWINO PROFILE
ACHIEVEMENTS
1. Safaricom information security contract for 3 years that ended in 2015. In collaboration
with sensepost of South-Africa.
2. Curriculum and course design:
Introduction in Computer Forensics for Kenya Institute of Data and Forensic
System (www.kidfs.co.ke).
Introduction in Computer Forensics for Mount Kenya University.
Information Security Seminar Held at the New Stanley Hotel
(http://www.nbilawinstitute.com/events.php), The Nairobi Law Institute
(www.nbilawinstitute.com)
Practical Digital Forensics Course for IICFIP (International Institute of Certified
Forensics Investigation Professionals)
IT Security Courses for The e-Enhancement Centre.
3. Vulnerability Assessment and Penetration Testing for Meridian Medical Center.
4. Vulnerability Assessment and Penetration Testing for Kisii County Government.
5. Vulnerability Assessment and Penetration Testing for www.hortinews.co.ke.
6. Exploratory Forensics for SBC Holdings (Pepsi East-Africa Franchise holders).
7. Information System (External) Network Perimeter analysis for Kengen.
8. Contributor to Kenya Information Technology Professionals group on Linkedin.
9. Information Security; research and training.
10. Linux/Unix OS independent course work (Advanced concepts and systems
management).
11. Open Source Technologies also self-taught (Firewalls, Routing, Virtualization, MIS-CRM
etc).
12. Various conferences relating to IT and Information Security.
13. Participant in HackBattle (Kenyan Edition).
4|Page
BRYAN OWINO PROFILE
14. Information Security trainer.
15. Government Web Application Audit (Details are NDA)
16. Breaking and rebuilding of anything I have interest in so as to know how it works.
SOFTWARE
1. Network Penetration Test: Core Impact, Immunity Canvas, Metasploit
2. Network VA: Nessus/OpenVas, Nmap, Amap, GFI Languard, IBM ISS
3. Web App/Services VA: HP/SPI Weblnspect, IBM/Watchfire Appscan, Acunetix WVS,
Parasoft SOAtest
4. URL Manipulation: Burp Proxy, OWASP ZAP, Paros, w3af
5. DataBase Security: SQLninja, SQLmap, Havij
6. WiFi test: Aircrack, airtools, Kismet, NetStumbler, WirelessTools, BackTrack, Core
Impact
7. Password guessing: THC Hydra, Brutus, HP/SPI WebBrute, Wfuzz
8. Network Analysis: Ethereal/Whireshark, Tcpdump, Ettercap, Dsniff, Cain & Abel,
Nagios, Snort IDS
9. Computer Forensic: TCT/S!euthKit/Autopsy, dd/dcfldd/dc3dd, air-imager, Encase, FTK
10. Password cracking: John the Ripper, LophCrack (LC5), Crack, Cain,
11. RevEng/Debug/Code Review: OllyDBG, HexEditor, IDA, Parasoft .TEST, HP/Fortify
RATS/SCA, Flawfinder
12. Custom Virus: Keylogging, screenshot, autoupdate, DNS redirect, Skype,
antivirus/firewall, encryption
13. System administration: MS Windows, Linux,
14. Encryption: FreeOTFE/Truecrypt/BitLocker/LUKS-dm-crypt/ecryptfs, CryptCat,
OpenVPN/PPTP/L2TP, GPG/PGP
5|Page
BRYAN OWINO PROFILE
PROJECTS DONE:
ORGANIZATION
NATURE OF WORK
CONTACT PERSON
CONTACT(S)
Feed the Children
Information
Systems Security
Analysis
Wilfred Atisa (I.T.
Manager)
-
Associated Battery
Manufacturers (East
Africa) Limited
Vulnerability
Assessment and
Penetration Testing
(Internal and
External).
Dennis Gachamba
(Group I.T. Manager
ABM Group)
-
Onsite training also
done to the IT
team.
UNICEF (Ethiopia)
Information
Systems Security
Analysis plus
training on the
same
Yogendra Rai (ICT
Manager)
-
MOD/DOD Kenya
NDA
Edward Githinji
(Captain)
-
KENEX (Kenya
Commerce Exchange
Services Bureau LTD)
Vulnerability
Assessment and
Penetration Testing
(Internal and
External)
Jyoti Ranpara
(Director ICT)
-
IICFIP (International
Institute of Certified
Forensic
Investigation
Professionals
)
All Digital Forensics
Projects
Schmechael Peter
(Business
Developer, Risk
Manager)
-
Kisii County
Web Application
Penetration Testing
Ben Onyatta (ICT
--
6|Page
BRYAN OWINO PROFILE
and Training on
Web Application
Security
Officer)
NBK (National Bank
of Kenya)
-I.T. Security Analysis Iptisam Hassan
and Ethical Hacking (Head of
Information Security
Training
at National Bank of
Kenya)
KENHA (Kenya
National Highways
Authority)
I.T. Security Analysis Handerson Njumwa
and Ethical Hacking Mwasogona (ICT-A
Northeastern
Training
region)
I.T. Security Analysis Nicholas Musee (ICT
and Ethical Hacking Officer Somalia
Program)
Training
-
Digital Forensics
and I.T. Security NDA
-
World Vision
NAIROBI AREA CID
HEADQUARTERS
MARTIN LUTHER
BWANGAH
ONG’ANYO (POLICE
INSPECTOR) In
charge Cyber Crime
unit. 2007 – 2010
-
7|Page
BRYAN OWINO PROFILE
REFEREES
Sosthenes Nyabuto Bichanga
Founder/CEO
IICFIP Incorporation (www.iicfip.org)
--Wambari Kagungo
Head of Training
Computer Pride (www.computer-pride.com)-M: +254 -
Tel: -,-
Carol Gichanga,
Training Manager – Kenya Institute Data & Forensics System-,-M: +254 -.
Mr Wairagu,
Chairman: School of Information and Communication Technology – Kenya Polytechnic
University.
m: +254 -
Victor Muriuki,
Operations Manager - Enterprise ICT Africa,
t: -/851
m: -
e:-(www.enterpriseict.co.ke)
P.O. Box-, Nairobi – Kenya.
DETECTIVE: MARTIN-LUTHER BWANGAH,-.
HEAD: CYBERCRIME UNIT C.I.D (KENYA POLICE) COMPUTER FORENSIC SPECIALIST (CFS)--KENYA POLICE
8|Page