
Cybersecurity, GRC, and Privacy Leader with Regulatory Expertise

Location:
Maplewood, MN
Posted:
January 17, 2026


Resume:

CYRIL T. FODAY-KAILIE, PhD, CISSP, DPO

********@*****.*** linkedin.com/in/cyril-tommy-foday-kailie-ph-d-cissp-ccsk-dpo-gdpr-ecih-b79572ba https://www.credly.com/users/cyril-foday-kailie

PROFESSIONAL SUMMARY

Cybersecurity and GRC leader with 17+ years of experience developing security frameworks, managing enterprise risk, and ensuring regulatory compliance across complex multi-jurisdictional operations. Expertise in information security governance, data protection program development, incident response, and security operations. Proven track record of reducing security incidents by 65%, establishing 24/7 Security Operations Centers, and implementing comprehensive cybersecurity programs aligned with NIST, ISO 27001, and international data protection standards. CISSP and PECB Data Protection Officer certified with advanced degrees in Cybersecurity and Data Privacy Law.

CORE COMPETENCIES

Governance, Risk & Compliance

• Security Framework Implementation

• Risk Assessment & Management

• Policy Development & Governance

• Compliance Auditing

• Third-Party Risk Management

• Security Awareness Programs

Data Privacy & Protection

• Data Protection Program Design

• Privacy Impact Assessments

• GDPR/International Privacy Law

• Data Subject Rights Management

• Privacy by Design Integration

• Contract Privacy Provisions

Security Operations

• SOC Establishment & Management

• Incident Response & Forensics

• Vulnerability Management

• Penetration Testing

• SIEM/IDS/IPS Implementation

• Business Continuity/DR

PROFESSIONAL EXPERIENCE

INFORMATION SECURITY & INFORMATION ASSURANCE MANAGER

United Nations Assistance Mission in Iraq (UNAMI) 2017 – Present Baghdad, Iraq

Governance, Risk & Compliance

Served as Ex Officio to ICT Steering Committee, advising senior leadership on technology strategy, risk posture, and security investments. Developed and managed annual IT security budgets totaling $8M+, consistently delivered within allocation with documented ROI on security investments. Authored comprehensive mission-wide ICT and cybersecurity policies aligned with UN security standards, NIST Cybersecurity Framework, and ISO 27001 principles. Conducted annual risk assessments using structured methodologies to identify, evaluate, and prioritize organizational risks. Established third-party risk management program, instituting data privacy and protection requirements in service contracts and RFPs totaling $3M+ annually, ensuring vendor compliance with organizational security and privacy standards.

Data Privacy & Protection

Developed and implemented data protection guardrails across organizational operations, ensuring compliance with international privacy standards and UN data protection principles. Integrated privacy requirements into procurement processes, technology deployments, and operational workflows. Administered Microsoft Purview for data governance, classification, and compliance monitoring. Implemented data loss prevention controls and access management policies protecting sensitive organizational and personnel data.

Security Operations & Incident Response

Implemented comprehensive security frameworks including next-generation firewalls, IDS/IPS, endpoint detection and response (EDR), and SIEM solutions. Established 24/7 Security Operations Center for continuous threat monitoring, detection, and incident response.

Provide management oversight for scheduled penetration testing and vulnerability assessments, reducing security incidents by 50%. Successfully contained and remediated multiple security incidents including sophisticated phishing campaigns and malware outbreaks with documented lessons learned. Delivered cybersecurity awareness training to 2,000+ personnel annually using phishing simulations, role-based training, and measurable competency assessments, significantly improving organizational security posture.

Cloud Security & Infrastructure

Managed mission web security including WordPress sites and custom applications meeting UN security standards. Administered Microsoft Azure cloud infrastructure with Windows Defender for Endpoint, implementing security hardening and compliance controls aligned with organizational policy. Championed cloud-based collaboration platforms and mobile device management solutions, improving operational efficiency by 30%. Deployed business intelligence dashboards providing real-time visibility into security metrics and operational KPIs.

FIELD INFORMATION TECHNOLOGY MANAGER

United Nations Organization Stabilization Mission in DR Congo (MONUSCO) 2007 – 2017 Kinshasa, Kisangani, Bunia, Lubumbashi

IT Operations & Risk Management

Directed comprehensive IT operations across 4 major duty stations supporting 5,000+ military, police, and civilian personnel in challenging post-conflict environment. Managed distributed infrastructure including VMware vSphere environments (150+ VMs), data centers, and LAN/WAN networks, achieving 99.5%+ service availability. Administered 3,000+ endpoints, 200+ physical/virtual servers, and IT assets valued at $15M+ with comprehensive lifecycle management and asset risk tracking. Reduced physical server footprint by 35% through virtualization optimization while improving performance, redundancy, and security posture.

Business Continuity & Disaster Recovery

Developed and maintained comprehensive Business Continuity Plans with regular testing and validation exercises. Designed and implemented geographically distributed DR site in Entebbe, Uganda achieving 4-hour Recovery Time Objective (RTO) over VSAT links. Successfully activated DR capabilities during 3 emergencies with zero data loss. Reduced data recovery time objective from 48 hours to 2 hours through automated backup operations. Conducted annual risk assessments and implemented mitigation measures reducing operational risk by 45%.

ERP Governance & Compliance

Served as technical focal point for UN Umoja ERP deployment, managing complex implementation with integrated controls and access management. Developed comprehensive ERP governance framework including SOPs, role-based access controls, segregation of duties, and compliance training materials. Trained 500+ end users and collaborated with Finance, HR, Logistics, and Procurement to optimize workflows while maintaining control integrity. Liaised with developers for system customization, reducing manual processing time by 50%.

Team Leadership & Capacity Development

Supervised multinational ICT team of 25+ international and national staff across multiple duty stations. Designed and delivered technical training programs achieving 40% improvement in first-call resolution rates. Successfully nationalized 60% of IT support positions, developing local capacity and ensuring operational sustainability.

TECHNICAL PROFICIENCIES

Frameworks: NIST CSF, NIST 800-53, ISO 27001/27002, COBIT, CIS Controls, GDPR, UN Data Protection Standards

Security Tools: Cisco ASA, Checkpoint, IDS/IPS, SIEM (Splunk), EDR, Vulnerability Scanners, PKI, MFA, Microsoft Defender

Cloud & Data: Microsoft Azure, Microsoft Purview, Microsoft 365, SharePoint, Azure Blob Storage, Azure AD

Infrastructure: VMware vSphere, Windows Server, Linux (Ubuntu, CentOS), Active Directory, VPN, VSAT, LAN/WAN

GRC & ITSM: ServiceNow, Atlassian Suite, Risk Registers, Policy Management, Vendor Risk Assessments

Automation: PowerShell, Bash, Python, Ansible, Git, CI/CD (Jenkins, GitLab)

EDUCATION

Doctor of Philosophy (PhD), Technology Management – Cybersecurity Concentration Capella University

Master of Science, Cybersecurity and Data Privacy Law 2023–2024 Albany Law School

Master of Science, Information Technology Management – Cybersecurity Specialization 2013–2014 Capella University

Bachelor of Science, Information Technology Management – Cybersecurity Specialization 2009–2013 Capella University

Professional Certificate, Data Science and Machine Learning 2022 MIT Schwarzman College of Computing

CERTIFICATIONS

• CISSP – Certified Information Systems Security Professional (2018)

• PECB Certified Data Protection Officer (2021)

• CCSK – Certificate of Cloud Security Knowledge (2019)

• EC-Council Certified Incident Handler (2019)

• EC-Council Certified Ethical Hacker (2012)

• CompTIA Security+ (2012)

• CompTIA Project+ (2012)

KEY ACHIEVEMENTS

• Reduced security incidents by 65% through comprehensive cybersecurity program

• Established 24/7 SOC with continuous monitoring capabilities

• Achieved 99.5%+ infrastructure availability supporting critical operations

• Managed $8M+ annual security and IT budgets

• Implemented 4-hour RTO disaster recovery with zero data loss

• Trained 2,000+ personnel annually on security awareness

• Deployed ERP system training 500+ users with zero disruption

• Reduced IT operational costs by 20-30% through optimization


