EXPERIENCE
05/2024 – PresentRemote, Nairobi
Senior Security Engineer & DevOps Engineer, Confidios

Security Infrastructure & Governance

  • Architected a unified SSO (Single Sign-On) ecosystem using Authentik/​Keycloak and LDAP, consolidating user access and SSH authentication into a single source of truth.
  • Replaced legacy VPNs with HashiCorp Boundary, providing identity-based, zero-trust access to internal assets and minimizing the corporate attack surface.
  • Engineered a centralized HashiCorp Vault environment, implementing automated secret rotation, SSH certificate management, and granular policy enforcement across production environments.
  • Spearheaded quarterly security audits and risk assessments; automated vulnerability identification and patch management using Wazuh, Graylog, and TheHive.
  • Integrated security into GitLab CI/​CD pipelines and standardized global infrastructure using Terraform and Ansible to ensure 100% configuration consistency.
  • Deployed a Prometheus and Grafana monitoring stack with integrated Slack alerting, significantly reducing Mean Time to Detection (MTTD) for security incidents.

    • Product R&D (ChainTrust Blockchain)

  • Directed the R&D and market-entry strategy for the ChainTrust platform, managing a technical roadmap for 3 core blockchain modules focused on the agricultural sector.
  • Designed a Kubernetes-based infrastructure to orchestrate distributed blockchain services, increasing deployment velocity by 110% while ensuring 99.9% system resilience.
  • Bridged the gap between complex cryptographic logic and market requirements, delivering user-facing features capable of handling high-concurrency transactions.
    • 02/2021 – 09/2021Remote, Nairobi
    AI Specialist, Remotask via Africa AI

    Successfully managed remote tasks with 100% completion, improved project efficiency by 30%, and increased team productivity by 15%. Fostered strong team collaboration and received positive feedback.

    EDUCATION
    10/2020 – PresentNairobi, Kenya
    Bachelor's Degree, KCA UNIVERSITY

    While still in school, I came up with a rating application project that scored 10/​12 upon presentation.

    SKILLS
    Experienced in Vulnerability Analysis
    Experienced in Microsoft Office 365 SharePoint
    Jira Service Management with support teams
    DNS Server Setup and configuration via ansible
    AWS Security Fundamentals
    Experience in Laravel PHP for Backend
    Managing Users, Groups, and Permissions in AWS with IAM
    Configuring and running Kubernetes (k3s and k8s)
    Securing Network Access for Amazon EC2 instances with Security Groups
    White hat Hacking
    Experienced in Network Monitoring and Analysis
    Experienced in Microsoft Office 365 Power Automate
    Advanced experience in Microsoft Office 365 Power BI
    Experienced in Microsoft Office
    Laravel, Vue.js (Vue3), and Bootstrap Integration
    Nomad and Hashicorp Deployment and integration
    Experience in Vue.js (Vue3) JavaScript Front-End Development
    Team leadership
    Experience with SOAR tools (Splunk, IRIS-DFIR)
    Experienced in Bug Bounty
    Setting up AI Agents with n8n
    AI Applications
    PROJECTS
    09/2025 – Present
    Secagent, Kenya

    This project, once done, will help organizations have their own personal offensive security application focused on getting the firm compliant with the latest laws and guidelines of industry-standard regulations such as GDPR and DPA for Kenyan organizations.

    08/2023 – Present
    Bug Researcher at intigriti and Hacker-One

    Participated in Bugcrowd and Integriti bug bounty programs, specializing in enumeration and testing to identify and report vulnerabilities in various websites and endpoints.

    08/2023 – 2023
    My Maoni-App Feedback Management system, Nairobi
  • Full-stack Development: Designed and built the Maoni App feedback management system.
  • Real-time Data Visualization: Integrated data visualization for user feedback analysis.
  • User Feedback Management: Achieved a 90% processing rate for actionable user insights.
    • Security Operations Home setup, Nairobi

    Built and maintain a robust home security system using virtualization and security best practices. Implemented Opnsense firewall, Wazuh security monitoring, Splunk SIEM, and IRIS-DFIR for forensic analysis.

    Malware Analysis & Reverse Engineering Lab

  • Architected a multi-OS isolated sandbox environment using virtualization for the safe execution and decomposition of malicious binaries.
  • Integrated specialized toolsets including REMnux (for Linux-based behavioral analysis) and hardened Windows 10 analysis VMs equipped with debuggers and disassemblers.
  • Executed end-to-end Malware Analysis:
  • Static Analysis: Performed code analysis, string extraction, and PE header inspection to identify indicators of compromise (IOCs).
  • Dynamic Analysis: Monitored runtime behavior, registry changes, and network callbacks in a network-isolated environment to map malware capabilities.
  • Environment Hardening: Configured host-only networking and snapshot-revert workflows to ensure zero leakage to the production host during detonation.
    • SUMMARY
    Cybersecurity Engineer with 3+ years' experience in ethical hacking, vulnerability analysis, and incident response. Skilled in penetration testing, AWS security, DevOps, and full-stack development using tools like HashiCorp Vault, Grafana, Wazuh, ELK Stack, and Graylog. Currently pursuing a Bachelor's Degree at KCA University.
    COURSES
    01/2025
    Certification in Cybersecurity, ISC2
    04/2024
    AWS Shared Responsibility Model, AWS training and Certification
    12/2023
    Certificate in Windows File system, Cybrary
    08/2023
    Ethical Hacker, Alison Learning
    2023
    Ethical Hacking, GreatLearn
    Certificate in Linux File System
    Computer and Network Security
    AWS Security Fundamentals, AWS training and Certification
    AWS Security Groups, AWS training and Certification
    AWS Identity and Access Management, AWS training and Certification
    INTERNSHIP
    05/2024 – 03/2025Perma Labs
    Security Engineer

    As a Security Intern, I gained valuable experience in cybersecurity by assisting the Security Engineering team. I contributed to projects such as introducing a Security Operations Centre and integrating it into the Network with tools like The Hive and Grafana, also conducting vulnerability assessments on company systems. I learned to utilize tools like Wazuh and Graylog for log analysis. This internship provided me with a strong foundation in cybersecurity principles and practical experience in a professional setting.