About
Cybersecurity professional with 5+ years of experience securing enterprise and cloud environments. Skilled in SOC operations, threat hunting, incident response, vulnerability management, and compliance frameworks including ISO 27001, NIST CSF, and SOC 2.
Experience
-
Security ConsultantSilensec / CYBER RANGESNov 2024 – Present
- Lead malware analysis activities, including de-obfuscation and unpacking techniques, to investigate suspicious files, identify malicious behavior, and support incident response efforts. - Provide SOC monitoring and incident analysis for diverse client environments, leveraging various security tools including Microsoft Defender, CyberArk, Cynet, Wazuh, and Darktrace to detect, analyze, and investigate potential threats. - Lead proactive threat hunting operations, leveraging curated threat intelligence to identify vulnerabilities, uncover hidden threats, and detect early indicators of compromise.. - Conduct memory forensics to analyze volatile memory artifacts, detect stealthy threats, and support incident investigations. - Produce detailed incident documentation and client reports, contributing to SOC runbook improvements and supporting security simulation drills. - Identify and assess vulnerabilities impacting client assets, documented findings, and monitored remediation progress to ensure prompt resolution. - Develop and optimize SOAR workflows to automate incident response actions and improve SOC efficiency. - Supported clients with compliance-driven risk assessments, policy development, and security architecture recommendations aligned with PCI DSS, ISO/IEC 27001, NIST CSF, and SOC 2 frameworks. - Fine-tune security tools and detection rules to reduce false positives and improve alert fidelity across monitored environments. - Monitored infrastructure resources to maintain performance and reliability.
-
Cyber Security ConsultantCySecurity ServicesMar 2021 – Nov 2024
- Conducted penetration testing and vulnerability assessments across applications, networks, and cloud workloads, reducing risks by 35%. - Designed and implemented secure cloud and network architectures with IAM, encryption, and segmentation. - Developed cybersecurity policies, strategies, and awareness programs aligned with regulatory requirements. - Managed SIEM, IDS/IPS, and EDR monitoring for real-time threat detection and response. - Lead threat hunting, incident response, and CTI-driven investigations across multiple client environments, coordinating detection and mitigation of advanced threats. - Lead compliance-driven risk assessments, developing policies and recommending secure architecture to enhance client security posture. - Ensure compliance with data protection and privacy standards, embedding privacy-by-design principles into incident handling, reporting, and overall security processes.
-
Telecommunications EngineerMultimeda UniversityFeb 2020 – Jan 2021
- Designed and configured secure LAN/WAN infrastructures with monitoring and traffic analysis - Ensure all network equipment is adequately monitored with appropriate alert escalation. - Conducted vulnerability management, remediation validation, and incident response. - Conduct inspections for quality control and assurance programs, reporting findings and recommendations. - Prepare purchase requisitions for computer hardware and software, networking and telecommunications equipment, test equipment, cabling, or tools. - Implemented secure configurations, access controls, and encryption protocols - Developing and designing solutions around network automation and programmability. - Participating in creating and updating network design documentation.
-
Network Support EngineerKenya Network Information Centre (KeNIC TLD)Oct 2019 – Jan 2020
- Secured and configured routers, switches, and core infrastructure supporting .ke TLD services - Conducted vulnerability assessments and incident response support - Monitored network traffic and logs to detect threats - Customer support, understanding customer requirements, and business objectives - Troubleshooting and configuring L2 /L3 protocols not limited to BGP, ISIS, OSPF, EIGRP, and static routing protocols. - Escalating issues to the engineering team in cases of bugs or need for network device/link upgrade. - Engage remote hand partners and facility providers to assist with installation and checking the status of devices and other auxiliary devices - Design IT systems and networks ensuring the right architecture and functionality - Analyzing and reporting unusual observations in the data center and engaging contractors for a repair or basic checks. - Revise existing systems and suggest improvements - Manage the .ke TLD, its second-level and local domains effectively.
Education
-
Bachelor of Science in Electrical and Electronic EngineeringDedan Kimathi University of Technology (DeKUT)Electrical and Electronic Engineering · Apr 2011 – Apr 2016
Skills
- Risk Management
- Python
- Kali Linux
- AWS
- Wireshark
- Docker
- Cloud security
- Bash
- Burp Suite
- Metasploit
- Security Operations
- Incident Response
- Azure
- Vulnerability management
- SIEM
- Threat Hunting
- Palo Alto
- ISO 27001
- Infoblox
- NIST CSF
- Microsoft Sentinel
- Splunk
- SOC 2
- Cisco ISE
- Nessus
- SOAR
- CyberArk
- Wazuh
- Security Onion
- Imperva Dam
- Avdf
- Zerofox
- Adaudit
Courses & certifications
- AWS Certified Security – Specialty ↗ · AWS · 2025
- CISSP – Certified Information Systems Security Professional ↗ · IS2 · 2025
- LPIC-1: Linux Professional Institute Certification ↗ · LPI · 2024
- Certified in Cybersecurity (CC) – ISC² ↗ · ISC2 · 2024
- AWS Certified Solutions Architect – Associate ↗ · AWS · 2024
- Microsoft Certified: Azure Fundamentals ↗ · Microsoft · 2024
- CompTIA Security+ ce ↗ · CompTIA · 2024