Daniel Kaguongo
ISMS Risk Tracker & Compliance Portal (Streamlit + PostgreSQL)
Experience
ISMS Risk Tracker & Compliance Portal (Streamlit + PostgreSQL)
- Built Streamlit + PostgreSQL portal for ISO 27001 audit tracking; automated control evidence and reminders, cutting audit response time by 40%.
- Reduced audit response time by 40% and improved coordination across teams by centralizing control tracking, evidence management, and compliance operations.
National Information Security Compliance & Governance Program
- Led multi-institution ISO 27001 audit and cybersecurity-governance initiatives, improving national-level security maturity and data-protection readiness.
- Directed ISO/IEC 27001:2022 audits, digital-maturity assessments, and security-assurance programs across public-sector and academic institutions.
- Produced risk-remediation roadmaps, governance advisory reports, and secure ICT-architecture guidelines aligned with international standards.
- Supported strategic digital-transformation initiatives, ensuring alignment with global data-governance, cloud-security, and regulatory reporting frameworks.
Enterprise Microsoft 365 Tenant Migration & Cloud Backup Modernization
- Directed full Microsoft 365 tenant migration (Exchange Online, SharePoint, Teams, OneDrive), ensuring zero data loss, minimal downtime, and seamless user adoption.
- Re-architected identity governance (SSO, MFA, Conditional Access, secure access policies), improving authentication security and compliance alignment.
- Implemented enterprise-grade SaaS backup solutions using Acronis Backup and Veeam M365, enabling secure long-term retention and reliable restoration capabilities.
- Optimized Microsoft 365 licensing and configuration, improving cost efficiency and meeting governance requirements.
- Established secure data-protection baselines and retention policies supporting ISO 27001/ISMS compliance.
- Coordinated adoption, user readiness, and department-wide training, strengthening operational efficiency and cloud collaboration maturity.
Technology Manager | Cloud Solutions Architect | ISMS Lead
PNG DataCo - Yes You'll Be Covered
- Lead cloud-security architecture and governance across Azure, Entra ID, and Microsoft 365 environments, ensuring secure, compliant, and resilient service delivery.
- Design and maintain Zero Trust–based identity and access governance, implementing MFA, Conditional Access, PIM, SSO, and least-privilege access controls for enterprise users.
- Develop and enforce Azure Policy-as-Code, Defender for Cloud baselines, and configuration-drift prevention frameworks, maintaining near-perfect compliance across cloud workloads.
- Build and optimize Microsoft Sentinel SIEM, developing KQL analytics rules, incident-response playbooks, and automated SOAR workflows for proactive threat detection.
- Administer Intune endpoint security, including MDM/MAM baselines, device compliance, Autopilot provisioning, and application protection policies for hybrid and mobile fleets.
- Strengthen cloud resilience through improved backup governance, leveraging Veeam M365, Acronis, and Azure Backup for validated retention and recovery across critical systems.
- Lead ISO 27001–aligned security governance, performing internal ITGC audits, managing controls, collecting evidence, and supporting external certification assessments.
- Produce cloud-security dashboards and KRIs—including patch compliance, backup status, incident metrics, and policy drift—to support leadership decision-making.
- Guide modernization initiatives, secure cloud migrations, and architectural improvements that enhance operational resilience, reduce access incidents, and strengthen compliance.
- Direct cloud and infrastructure security operations for cross-functional teams, coordinating with internal staff and managed-service providers to maintain SLA performance.
- Develop and maintain security documentation including policies, SOPs, baselines, and technical standards to support continuous audit readiness and regulatory alignment.
- Promote organizational cybersecurity awareness through targeted training, phishing simulations, and secure digital-workplace practices.
ICT Governance & Infrastructure Consultant
Simbu Provincial Government
- Delivered ICT governance, operational risk management, and technology advisory services across multiple regional offices, ensuring continuity of critical financial and administrative operations.
- Led end-to-end ICT modernization initiatives that accelerated project delivery timelines, improved infrastructure resilience, and increased system availability across distributed platforms.
- Developed and implemented ICT planning, procurement, and governance frameworks aligned with national standards and international best practices, including cybersecurity and regulatory compliance requirements.
- Conducted comprehensive risk-based ICT assessments to guide strategic investment decisions, strengthen security controls, and align ICT environments with global governance benchmarks.
- Designed and facilitated ICT governance and cybersecurity awareness programs for staff, improving secure-system usage, compliance maturity, and organizational cyber readiness.
- Oversaw ICT procurement and vendor management processes, embedding SLA monitoring, performance oversight, and risk controls — reducing costs while increasing service delivery quality.
- Mentored and upskilled ICT officers, strengthening local capacity, improving operational ownership, and enhancing the long-term sustainability of ICT systems and governance practices.
Regional Information Technology Advisor
Volunteer Service Overseas (VSO) International, Provincial Capacity Building Programme (PCABe) | AusAID | UNDP
- Delivered ICT governance and risk-management support across multiple regional offices, ensuring continuity of financial and operational services and resolving over 95% of reported ICT incidents.
- Designed and implemented ICT modernization programs that accelerated project delivery timelines, strengthened infrastructure resilience, improved system availability, and expanded capacity for critical platforms.
- Developed and executed ICT planning, procurement, and governance frameworks aligned with national standards and international cybersecurity and regulatory requirements.
- Conducted comprehensive risk-based ICT assessments to guide strategic investment prioritization, strengthen security posture, and ensure ICT controls aligned with global governance benchmarks.
- Delivered ICT governance, cybersecurity awareness, and digital-literacy programs to over 70% of staff, significantly improving secure system usage competencies and compliance maturity.
- Oversaw ICT procurement and vendor contracts, embedding compliance, SLA monitoring, and operational risk controls — achieving a 60% reduction in procurement costs while improving service quality and accountability.
- Mentored and supported ICT officers, improving governance maturity, enhancing operational ownership, and ensuring long-term sustainability of ICT systems and risk-management practices.
Summary
Experienced Cloud Security Architect and IT Infrastructure Specialist with over 15 years of hands-on and governance experience across enterprise cloud environments. Skilled in Azure Cloud Architecture, Identity & Access Management, Zero Trust, Microsoft 365 security, and ISO 27001/NIST-aligned security governance. Proven ability to design secure cloud solutions, implement modern identity boundaries, strengthen compliance programs, and enhance operational resilience. Adept at balancing technical engineering with risk management, audit readiness, and cross-functional stakeholder engagement.
Skills
Azure Cloud
AWS Cloud
Microsoft M365
Windows Server
SQL
Traefik
Docker
Veeam
ISO 27001
NIST
Zero Trust
IAM
PAM
Sentinel
SIEM
RCSA
BCP/DR
Audit Management
Control Testing
Vendor Management
Policy Development
PIM
CIS
Intune
Encryption
Acronis
PowerShell
Python
Terraform
Information Security & Risk Governance
Audit & Compliance in Regulated Environments
BCP / DR Planning and Resilience
ICT Policy & Regulatory Alignment
Cloud Security & Risk Oversight
Education
Georgia Institute of Technology
Master of Science in Cybersecurity, Information Security · Cybersecurity · Atlanta, United States
Kenya Methodist University
Bachelor of Science in Computer Science · Computer Science · Nairobi, Kenya
Jomo Kenyatta University of Agriculture & Technology
Diploma in Computer Science · Computer Science · Nairobi, Kenya
Certifications & licenses
AWS Certified: Solutions Security Specialty
Certified Ethical Hacker (CEH) Practical
ISO 27001:2013 Lead Auditor
ISACA Certified: Certified Information Systems Auditor
ISACA Certified: Information Systems Manager (CISM) (CISA)
ITIL v4 Foundation
Microsoft 365 Certified: Enterprise Administrator Expert
Microsoft: Certified Azure Solutions Architect Expert
Microsoft: Certified DevOps Engineer Expert