Robert Gonda

Embedded into Nationwide's IT Change function, providing cybersecurity assurance across major transformation programs. Reduced risk exposure by 40% through threat modeling and secure configuration baselines. Delivered strategic risk assessments and remediation guidance aligned to NIST CSF, ISO 27001, and internal bank standards.

Mentored 20+ aspiring professionals across threat detection, red/blue teaming, and security operations. Facilitated training sessions around digital ethics, career resilience, and inclusive security cultures.

Spearheaded SOC 2 Type 2 implementation, reducing audit findings by 80% in the first year. Developed Sentinel and Splunk use cases, improving alert efficacy by 40% and response times by 50%. Authored policy packs, risk registers, and RACI models aligned to ISO 27001 and NIST.

Redesigned enterprise detection models in Sentinel to align with evolving threat landscape and business risk. Drove a 25% improvement in detection response and authored high-quality playbooks adopted team-wide. Co-led strategic planning sessions with senior stakeholders, using KPIs to influence detection priorities.

Defined and executed a long-term cybersecurity strategy across business units, driving alignment with executive leadership. Established high-performing cyber teams through a leadership approach that combined autonomy, accountability, and coaching. Regularly presented to the Board and risk committee, securing buy-in on investments and cyber roadmap milestones.

Worked closely with the CISO to shape and communicate the company's cyber risk strategy. Influenced senior business owners to embed risk ownership into departmental KPIs and OKRs. Delivered a 6-month SOC 2 pass program from gap analysis to full audit readiness.

Defined security goals across IT and non-technical faculties, aligning with national regulatory expectations. Collaborated across business units to roll out phishing campaigns and user education, improving reporting metrics by 70%. Engaged with stakeholders beyond IT to ensure adoption of controls, especially during SIEM rollout.

Provided tailored incident reports for C-level clients and maintained high-touch communication during crises. Mentored and coached junior analysts, focusing on empowerment and knowledge sharing. Integrated HR and SOC processes to build a culture of cyber accountability and improve incident lifecycle transparency.

Completed the National Extended Diploma in IT at Level 3, focusing on foundational IT concepts and skills. This program provided a comprehensive understanding of information technology principles.

Completed the SANS 511 course, focusing on continuous monitoring and security operations. This advanced training enhanced skills in maintaining robust security postures and responding to threats.