Hilda Machando
Cloud Security • GRC • Risk

Hi, I’m Hilda: I secure clouds and simplify risk.

Explore my CV and projects below.

📄 View CV 🧩 View Projects

Curriculum Vitae

Hilda Machando

Cloud Security • Governance, Risk and Compliance • Operational Risk

Email: hildamachando4@gmail.com LinkedIn: Hilda Machando Medium: hildamachando4

Certifications

CISA
AWS Security Specialty
AWS Solutions Architect – Associate
AWS Cloud Practitioner

Professional Experience

ICT Operational Risk & Compliance Specialist

CABS – Central Africa Building Society

  • Led risk reviews across information security, technology operations, and emerging tech, aligning controls to NIST and ISO 27001.
  • Drove improvements in change management and vendor governance; reduced audit findings through targeted remediation.
  • Partnered with engineering to strengthen cloud security posture and reduce non‑production AWS costs.
Jan 2024 – Present
Harare

Cloud Security Engineer

Old Mutual · Remote

  • Led AWS security governance initiatives, improving the AWS Security Hub security score by 30% in six months.
  • Managed security policy development and compliance reviews, ensuring adherence to ISO 27001, PCI-DSS, and NIST security frameworks.
  • Conducted security risk assessments and developed a dynamic risk register, improving threat mitigation efficiency.
  • Developed and automated threat intelligence scripts to detect malicious open-directory domains in newly registered domains.
  • Collaborated with security auditors and compliance teams to remediate security gaps and strengthen cloud security controls.
  • Designed and maintained security dashboards using Power BI, providing executive teams with real-time insights into security operations.
February 2022 – December 2023
Harare

Cyber Security Engineer

CABS – Central Africa Building Society

  • Implemented security awareness training programs, reducing risk-prone behaviour among employees by 20%.
  • Led the deployment of advanced threat protection solutions, increasing threat detection capabilities by 40%.
  • Conducted penetration testing and vulnerability management, ensuring compliance with RBZ security standards and industry frameworks.
  • Developed incident response plans and forensic analysis workflows, reducing incident response times by 80%.
  • Optimized security operations through cost optimization strategies using Terraform, reducing daily operational costs by 3.5%.
February 2020 – January 2022
Remote

IT Support

Proplastics

  • Provided technical support for IT systems and network security, ensuring minimal disruptions to business operations.
  • Drove improvements in change management and vendor governance; reduced audit findings through targeted remediation.
  • Developed clear documentation for IT governance and compliance, enhancing policy implementation across teams.
July 2019 – January 2020
Harare

Education

MSc, Big Data Analytics

Chinhoyi University of Technology

2021 – 2023

Honors in Computer Science

University of Zimbabwe

2015 – 2019

SKILLS

AWS Security

IAM
GuardDuty
Security Hub
CloudTrailConfig
VPC security
KMS encryption
Automated compliance

Compliance

PCI DSS
GDPR
ISO 27001
SOC 2

Programming

Python
PowerShell
JSON/YAML
Javascript
HTML/CSS

Security Tools

Splunk
Qualys
Prisma Cloud
MDE
Sentinel
References available upon request

Projects

Cloud Cost Guard

Dashboard + alerts for non‑prod AWS cost spikes and mis‑tagged resources.

Repo →

Risk KPI Board

Business‑impact weighted IT risk KPIs with auto status from data sources.

Case Study →

Compliance Helper

Evidence capture & mapping to ISO/PCI controls for faster audits.

Demo →