Edwin Muema

My Cyber Origin Story

  • I got started in CyberSecurity through reading CyberSecurity Reports about the state of Cyber Security in Africa published by Serianu - a Pan-African Cybersecurity firm.
  • I then transitioned into working for Serianu as a researcher and security awareness trainer to produce reports on Digital Privacy as well as train pre-university and university students on Cyber Security.
  • I sought out and gained experience as a Penetration Tester and SOC Analyst then transitioned into Consulting for PwC to help build out their Cybersecurity capabilities and enhance the cybersecurity resilience of their clients.
  • I then transitioned to lead Security Efforts at an organization in the Financial Services Sector.
  • I am open to opportunities to make meaningful contributions to the world through cybersecurity.

Let's talk numbers

Over the course of my career I've been fortunate to make an impact through:

Happy & Satisfied Clients

Successfully executed Projects

Hours of mentorship

Knowledge Areas

I've had the pleasure of spending my hours in the following domains:

Pentesting
Vulnerability Assessments
CyberSecurity Reviews
Cyber Risk, Governance and Compliance
Incident Response
Malware Analysis
SOC Operations
Digital Forensics

CV

Summary

Edwin Muema

  • Upcoming security leader with both Defensive and Offensive Cybersecurity experience accrued over 5+ years.
  • Served as the lead Cyber Security consultant for the PwC Kenya Forensics team.
  • Proven track record of holistically enhancing the cybersecurity resilience of clients through factoring in their business and security contexts in driving outcomes that impact the entire organization.
  • An adept mentor focused on empowering university students in cyber security.
  • Exceptional Purple Teamer with excellent written and verbal communication skills interested in elevating the cybersecurity resilience of your organization.

Education

Professional Cloud Security Engineer

May 2023 - September 2023

Google Cloud

Design and implement secure workloads and infrastructure.

Develop, and manage a secure infrastructure.

Identity and access management.

Data protection, configuring network security defenses, collecting and analyzing Google Cloud logs.

BSc Electrical & Telecommunications Engineering

September 2015 - December 2020

Multimedia University of Kenya, Nairobi, KE

Successfully graduated with a Second Class Upper Hons in Electrical & Telecommunications Engineering

Continuing Cyber Security Education in Offensive and Defensive CyberSecurity

Jan 2022 - Present

TryHackMe

Dedication to continuous learning has seen me rise to the top 2% of TryHackMe members.

Udacity Cloud DevOps Nanodegree

May 2022 - September 2022

Africa Leadership University & Udacity

Gained hands-on AWS and Kubernetes experience from the Cloud DevOps Engineer Nanodegree covering:

  • Cloud fundamentals: Security, Containerization, and AWS Management
  • Deploying Infrastructure as Code (IAC): AWS CloudFormation, Infrastructure Diagrams, Networking Infrastructure, Servers and Security Groups, Storage and Databases.
  • CI/CD pipelines, Logging and Monitoring: Building Continuous Integration Pipelines with Jenkins and CircleCI, Enabling Continuous Delivery with Deployment Pipelines using Ansible, Monitoring and Logging AWS services using Prometheus, AWS CloudWatch, AWS CloudTrail.
  • Microservices at scale using Kubernetes: deploying event-driven microservices using AWS Lambda and Cloud9, deploying applications on Docker, Containerization of existing applications, Container Orchestration with Kubernetes, Operationalizing Microservices while implementing fault-tolerance and load testing to enhance robustness of applications.

Projects

  • WAF built on AWS WAF for SMEs.
  • Deploying high-availability web apps using CloudFormation on AWS infrastructure.
  • Auto deploying apps using infrastructure as code with inbuilt rollover functionality to ensure zero downtime.
  • Operationalizing a Machine Learning Microservice API using Docker and Kubernetes.
  • Deploying apps on Kubernetes running on GKE.
  • Deploying apps using Terraform on Google Infrastructure.
  • Incident response Playbooks for environments running on Microsoft Azure.
  • Vulnerability Analysis on AWS, Azure and GCP for corporates focusing on misconfigurations.
  • Static Application Security Testing using Snyk.

Certifications

  • Professional Cloud Security Engineer - Google Cloud, Sep 2023
  • Practical Windows Forensics - TCM Security, Nov 2022
  • Microsoft Certified: Security, Compliance, and Identity Fundamentals - Microsoft, Apr 2022
  • Web Fundamentals Learning Path Certificate of Completion - TryHackMe, Apr 2022
  • Fortinet Network Security Expert Level 3: Certified Associate - Fortinet, Jan 2021
  • ICSI | CNSS Certified Network Security Specialist - International Cybersecurity Institute, May 2020
  • Huawei Certified ICT Associate (HCIA) Routing and Switching - Huawei, Apr 2020
  • CompTIA_Security+ - Cybrary, Jul 2019
  • Fundamental Vulnerability Management - Cybrary, Jul 2019
  • Security Assessment and Testing - Cybrary, Jul 2019

Professional Experience

Lead Security Engineer

Nov 2022 - Present

Financial Services Organization

  • Responsible for all cybersecurity operations including monitoring technical infrastructure and assets for cyberthreat indicators, tracking emerging and realized threats, and managing the Information Security Risk posture of the bank reporting to the Chief Risk Officer.
  • Directed the design and implementation of VAPT activities on technology layers covering containers, 5 web apps, 4 mobile apps, and 5 databases evaluating the criticality of vulnerabilities and prioritizing the most suitable remediation.
  • Provided technical support to the system administrators and owners of 15 systems in analyzing, understanding, and remediating the reported vulnerability findings.
  • Coordinated hardening of Windows and Linux operating systems for 20 mission-critical servers according to CIS standards.
  • Developed, maintained, and improved cyber security policies, secure coding practices, procedures, and guidelines in line with ISO 27001, NIST CSF, SWIFT CSP, PCI-DSS, CIS Top 20 CSC, OWASP, and MITRE ATT&CK as part of industry best practice.
  • Collaborated with Dev and DevOps teams to implement application and system security improvements for 5 major systems in the bank.
  • Collaborated with project and product management teams to provide technical security support to all technology projects in the bank including the go-live of 5 banking applications, migration from Gsuite to Office 365, and implementation of a Data Center Firewall.
  • Led Security operations involving anticipating, preventing, detecting, and responding to cyber security incidents for 700+ systems leveraging my purple team experience. Reduced the rate of false positives by 32% through fine-tuning detection rules.
  • Conducted Security Awareness training for 300 members of staff to improve the bank's cybersecurity posture. Conducted Specialized training for 30 IT staff on secure coding practices and DevSecOps principles in order to encourage a shift left of Security in the organization.

CyberSecurity Consultant

July 2021 - Nov 2022

PwC, Nairobi, KE

  • Led incident response for a leading East African microfinance institution to address the loss of 300,000 USD. Resulted in attribution to suspected parties.
    • Conducted forensic analysis of their core and mobile banking systems.
    • Reviewed infrastructure logs.
    • Imaged RAM and performed malware analysis.
    • Created a timeline of events supported by analysis of forensic images of the suspects' devices.
  • Led incident response for a Development Agency to address the loss of 70,000 Euros through social engineering. Resulted in unveiling the pseudo identity of the attacker.
    • Conducted Mail Header Analysis.
    • Created tutorials for Mail Header Analysis Training for use by the Forensics Team.
    • Reviewed Security artifacts to establish potential attack vectors.
  • Led the technical cyber review of a leading African Bank to ensure compliance with global privacy and security regulations. Resulted in reduced financial exposure by 10% and avoidance of Regulator fines.
    • Coordinated efforts with the security incident response team and infrastructure teams.
    • Identified and helped mitigate security issues, misconfigurations, and vulnerabilities in the orchestration of their core banking and mobile banking systems.
  • Conducted systems security review for a leading African microfinance bank covering their core banking and mobile banking systems. Resulted in improved cyber security resilience, visibility into their network and increased operational efficiency.
    • Served as a security counterpart for the infrastructure department.
    • Championed pragmatic application of security tools to the business case to reap the highest ROI from existing security tools.
    • Championed the adoption of sound cloud security practices such as the use of Identity Providers with pass-through authentication capabilities.
    • Advised on tuning of detection rules for their Web Application Firewall.
  • Collaborated on a Forensic Investigation for an organization in the East African Energy Sector. Resulted in replacement of culpable parties with more suitable candidates in the organization's management and contributed to uncovering a 7 Million USD irregularity.
    • Analyzed and correlated data from imaged devices using Intella and Encase.
    • Established timelines that were used to ascertain the involvement of suspects.
  • Created and implemented work plans for 10 cyber security reviews, digital forensics and incident response engagements.
  • Enlightened stakeholders on how to get a higher ROI on existing security tools by recommending updates to security measures, and the type of security training to invest in.

Penetration Tester and Security Operations Center (SOC) Analyst

Oct 2020 - June 2021

Visibility Technology Services, Nairobi, KE

  • Contributed to Scanning infrastructure for vulnerabilities regularly as part of taking ownership for vulnerability management and patching policies.
  • Identified and helped mitigate security issues, misconfigurations and vulnerabilities for a Managed Services provider in the Telecommunications sector through Vulnerability Assessments and Penetration Tests. Resulted in enhanced cyber security resilience.
  • Conducted Social Engineering campaigns for a leading East African SACCO as part of a penetration test. Resulted in increased security awareness.
  • Identified and ensured availability of log data sources. Analyzed logs using Splunk, ELK, and FortiSIEM for security analytics and identification of attacker tactics, techniques and procedures in line with the unified kill chain which combines Lockheed Martin's cyber kill chain and the MITRE ATT&CK framework.
  • Managed Linux systems for Security Operations. Contributed to Deploying and managing Active Directory across the entire organization and hardening Operating Systems.
  • Served as one of 4 SOC analysts in the Security Incident Response Team on-call rotation. Contributed to the creation of runbooks for SOC operations.

Cyber Security Trainer & Researcher

Sep 2019 - Apr 2020

Serianu Africa Cyber Immersion Center (ACIC), Nairobi, KE

  • Researched on Data Privacy and Cybersecurity in Ethiopia and Botswana which resulted in publishing of the Serianu Africa 2020 Cybersecurity Report.
  • Coordinated a team of 8 Multimedia University Computer Emergency Response Team (CERT) members for two months to conduct research covering Data Protection in five countries in Africa for Serianu.
  • Trained 100+ High school students on ACIC's cybersecurity curriculum over a period of three months which resulted in increased interest in pursuing information security as a career path.

KamiLimu Experience

KamiLimu is a structured multi-award winning mentorship program that upskills tech students in order to foster their global competitiveness.

Overview

Summarily:

  • I was one of 36 cohort 5.0 mentees - a cohort which had a 20% acceptance rate.
  • I emerged as the cohort 6.0 KamiLimu Fellow through winning the Scholarship Competition.
  • I transitioned into the Director of ICT Tracks in light of my contributions to the program during my time as the KamiLimu fellow.

Management Experience

Director ICT Tracks

June 2022 - June 2023

As part of the management committee I contributed to structuring the ICT tracks and ensuring the smooth running of ICT upskilling initiatives for cohort 7 mentees.

KamiLimu Fellow

June 2021 - June 2022

As part of the management committee I contributed to nurturing the skills and changing the lives of 34 mentees for a duration of 8 months.

Awards Won

Global Winner EC Council Cyber Mega Challenge

KamiLimu empowered me to emerge as the winner of the Global Cybersecurity challenge by EC Council University which led to winning a USD 6,000 scholarship.

KamiLimu Fellow Cohort 6.0

I was chosen as the KamiLimu fellow for the sixth cohort of the Award winning mentorship program.
Being part of the Management Committee turned out to be absolutely life changing :)

KamiLimu 5.0 Highest Attendance Rating

2021

Achieved an average attendance rating of 176% through a 15-month period.
This shows my dedication to show up and see things through to the end.

KamiLimu 5.0 Winner of the Cybersecurity Track Mock Job Competition

Emerged as the cybersecurity track winner after a 3-stage mock Job competition.

KamiLimu 5.0 Winner of the ICT Track Competition

My team emerged as the overall winner for the ICT track competition for our brilliance showcased through our cybersecurity project: "Peeling the onion, making the adversary cry!"
The project was on using network security monitoring to improve the cybersecurity posture of organizations.

KamiLimu 5.0 Winner of the Public Speaking Competition

Emerged as the winner after a 3-stage public speaking competition.

KamiLimu 5.0 Winner of the Scholarship Competition

Emerged as the winner after a 3-stage scholarship competition.

Services

I'd be thrilled to help you out with any of the following:

Incident Response

I can help you respond to a myriad of cyber security incidents in a timely manner to prevent loss of revenue.

Penetration Testing

I can help you understand the limitations of your current security controls through simulating cyber attacks on your infrastructure as per Adversarial TTPs (Tactics, Techniques and Procedures) to help you prepare for cyber attacks.

Cybersecurity Reviews

I can help you assess your overall compliance with industry leading security and privacy legislation.

Security Awareness Training

I can help train your users on how to combat Social Engineering - users don't always have to be the weakest link :)

CyberSecurity Strategy

I can help you design and implement security strategies in line with your organization's security goals and objectives.

Mentorship

I can help you understand the nuances of running effective tech-focused mentorship programs.

Testimonials

Hear from some of the people I've had the pleasure of working with:

Edwin's communication skills are exceptional! I appreciate the way he is able to get across his points clearly.
Edwin shares his knowledge, personality, and expertise in the jobs allocated and is always willing to go the extra mile in managing all of the complexities that might come with an assignment.
On relationship skills, Edwin always has a listening ear. He goes out of his way to ensure that his colleagues are doing okay at a personal level, to get to know the challenges experienced during an assignment and even offer solutions.

Associate 2

PwC

Edwin embodies the PwC virtue of care, where he reaches out to fellow staff to get an understanding on how they are faring. He is also a great team player, with great insights during discussions.
He takes initiative every time he is faced with situations where great leadership is needed, he is great at what he does and shows passion in his work!

Associate

PwC

Edwin had an exemplary year and has performed at a level that would be expected of someone more senior and experienced. I therefore recommend him for the highest Impact Tier attainable in the firm.

Director

PwC

Edwin applies himself to learning new concepts. He is focused on what he wants to achieve in his career and performs his work with diligence.

Associate 2

PwC

Edwin was very instrumental during the delivery of the engagement and applied his experience in Vulnerability Management to identify system fraud risks within the client environment.
He demonstrated very good leadership during the engagement and contributed during client meetings.

Senior Manager

PwC

Working with Edwin is a joy because of his work ethic in driving value realization for clients.
Edwin has continuously demonstrated integrity in his communication, an essential quality for a cybersecurity consultant.
In client engagements where we worked together, Edwin was keen to make a difference and better the state of security and robustness of client controls and policies.
Outside of work he has inspired me to pursue continuous growth in my field of specialization.

Associate 2

PwC

Edwin is reliable and self-driven; he took responsibility of the engagement from the start - engaged the client, drafted a very good quality report, held walkthrough sessions that demonstrated understanding of the banking processes and provided valuable recommendations.

Senior Manager

PwC

Edwin had a quick learning curve with FTS tools on his first engagement and supported the team with forensic analysis effectively. He takes initiative and researches on the best tools for the task at hand.

Senior Manager

PwC

Edwin has great interpersonal skills. He relates well with people, even those outside his immediate project team. He is also open to leveraging on the expertise of other team members to ensure that he is efficient in his work.

Senior Associate

PwC

Edwin has demonstrated the values of care and brings in a fresh perspective in IT and security into the forensics practice. Edwin should continue reimagining the possible as he makes a difference in the society.

Senior Associate

PwC

Contact

If you'd like to reach me you can ping me on infosecnarrator@gmail.com