Hire the Best Information Security Analysts
in Kenya

i am a self driven, accurate, with fast keying skills and sound knowledge of computer applications. Proven ability to collect and manage information efficiently and accurately. Excellent written and verbal communication skills and a strong desire to work hard and perform well. Skilled in planning and organizing with the ability to complete tasks on deadline. An independent worker who successfully meets the challenges of a fast-paced environment providing data entry and administrative support to a large department. Sound knowledge of database management tools and data entry technologies. Over three years experience successfully performing a number of data entry and clerical tasks. A proven track record of efficiency and accuracy in managing multiple functions, solving problems, maintaining confidentiality and producing quality work.

I help security vendors, MSSPs, SaaS teams, NGOs, and enterprise security teams strengthen their cybersecurity operations through practical security engineering, SIEM/logging expertise, incident response support, and clear technical documentation. I am a Cybersecurity Engineer and Technical Writer with 9+ years of hands-on experience across security operations, threat detection, incident response, vulnerability assessment, system hardening, compliance documentation, and cybersecurity product documentation. My background is not generic content writing. I have worked directly with SIEM, XDR, DLP, WAF, endpoint security, Linux systems, cloud platforms, vulnerability scanners, and security monitoring tools. I also have professional experience writing technical cybersecurity documentation for enterprise users, product teams, and security operations teams. I can help you with: * SIEM, logging, and security operations documentation * Incident response plans, SOC playbooks, and security runbooks * Vulnerability assessment reports and remediation guidance * Cybersecurity policies, procedures, compliance reports, and audit documentation * Security product documentation, integration guides, and troubleshooting guides * Cybersecurity blog articles, white papers, and technical explainers * Security awareness content and training materials * Device security, endpoint hardening, and operational security guidance * Risk assessments, security audits, and control gap analysis Tools and technologies I have worked with include Splunk, IBM QRadar, ELK Stack, Wazuh, Microsoft Sentinel, Chronicle, NXLog, Datadog, Prometheus, Zeek, Snort, Suricata, OSSEC, OpenVAS, Tenable Security Center, ModSecurity, WPScan, GitLab, MkDocs, Linux, Windows Server, AWS, Azure, and GCP. Security frameworks and standards I work with include ISO 27001, PCI-DSS, GDPR, NIST, SOC 2, CIS Controls, OWASP Top 10, and MITRE ATT&CK. Selected experience: * Conducted 50+ cybersecurity assessments on devices used by at-risk civil society groups. * Developed and delivered device security training to 100+ staff. * Authored 60+ cybersecurity product and integration documents for enterprise users. * Configured log collection and SIEM integrations with Splunk, ELK Stack, and IBM QRadar. * Deployed and configured SIEM, XDR, DLP, and WAF tools for telecom, finance, and public sector clients. * Led incident response for 30+ critical cyber threats. * Optimized 100+ SIEM detection rules to improve alert quality and reduce false positives. * Conducted 35+ vulnerability assessments and penetration tests. * Produced ISO 27001 and PCI-DSS compliance reports. * Led a managed security services project for a major telecom environment. Why clients work with me: * I understand cybersecurity from the engineering side, not just the writing side. * I can communicate clearly with executives, engineers, compliance teams, and end users. * I can turn messy technical information into structured, useful documentation. * I can help security teams reduce confusion, improve response workflows, and document security operations properly. * I am comfortable working remotely with international teams and long-term clients. If you need someone who can understand the technical details, ask the right security questions, and produce clear, practical deliverables, I can help.

Cyber Defense Solutions: Vulnerability Analysis and Penetration Testing to identify and address security gaps. Threat Modeling to anticipate and prevent cyber threats. Incident Response Planning to minimize the impact of security breaches. Firewall Configuration and Rule Creation for secure network management. Security Policy & Compliance: Development of Security Policies tailored to business needs. Compliance reviews for Data Protection (GDPR, HIPAA, etc.). Code Review for Secure Development Practices. Cybersecurity Training & Awareness: Cybersecurity training sessions for board members, experts, and employees. Custom training content development focused on security best practices. Ongoing support for security awareness programs. Information System & Data Protection Audits: Comprehensive audits to identify and mitigate security risks. Data protection assessments to ensure compliance with privacy standards.

I am a cybersecurity leader and consultant with 12+ years of experience helping organizations strengthen their security posture, reduce cyber risk, achieve compliance, and build resilient security programs across banking, telecommunications, managed security services, and enterprise environments. As a virtual Chief Information Security Officer (vCISO), I support organizations that need executive-level cybersecurity leadership without the cost of a full-time CISO. I help businesses define security strategies, establish governance frameworks, manage cyber risks, improve compliance readiness, and align security investments with business objectives. My experience includes leading enterprise cybersecurity programs, managing Security Operations Centers (SOC), overseeing incident response, conducting vulnerability management, coordinating penetration testing activities, implementing security controls, and advising senior leadership and boards on cyber risk. Services I Offer: Virtual CISO (vCISO) Services * Cybersecurity strategy development and execution * Security roadmap creation and maturity assessments * Cyber risk management and executive reporting * Security governance, policies, standards, and procedures * Board and leadership cybersecurity advisory * Third-party risk management Security Assessment & Compliance * Cybersecurity gap assessments * ISO 27001 readiness and implementation support * PCI DSS implementation * SWIFT CSP security advisory * Regulatory compliance alignment * Security policy development Security Engineering & Operations * Security architecture reviews * Vulnerability assessments and remediation programs * Penetration testing coordination and remediation tracking * SIEM monitoring and SOC improvement * Incident response planning and execution * Endpoint, network, email, and cloud security deployments Cloud & Infrastructure Security * AWS and Azure security reviews * Secure cloud configuration assessments * Identity and access management (IAM) * Network security architecture * Secure infrastructure design Why Clients Work With Me I combine hands-on technical expertise with executive-level cybersecurity leadership. I have worked with complex environments where security, compliance, operational resilience, and business objectives must work together. My background includes: * Chief Information Security Officer experience within financial services * Leading enterprise information security programs * Managing security operations and incident response teams * Designing and deploying security solutions across network, endpoint, email, and cloud environments * Working with auditors, regulators, technology partners, and executive stakeholders I hold industry-recognized certifications including CISM, EC-Council Certified CISO, ISO 27001 Lead Auditor, GIAC Certified Incident Handler (GCIH), AWS Security Specialty, AWS Solutions Architect, and other security certifications. Whether you are a startup needing your first security program, a growing company preparing for compliance, or an enterprise looking to mature your cybersecurity capabilities, I can help you build practical, effective, and business-aligned security solutions.

I'm a certified cybersecurity professional specializing in blue team operations including threat detection, incident response, log analysis, and security monitoring. With hands-on experience in SOC workflows and a strong foundation in defensive security, I help organizations detect threats early, respond effectively, and strengthen their security posture. What I can do for you: - Security event monitoring and alert triage using SIEM platforms - Log analysis and correlation to identify indicators of compromise (IOCs) - Incident response support — containment, eradication, and recovery - Threat intelligence integration and IOC enrichment - Phishing email analysis and malware triage - Vulnerability assessment and security gap reporting - Security documentation — SOPs, incident reports, playbooks Certifications & Training: - CompTIA Security+ (SY0-701) - Microsoft SC-900 (Security, Compliance & Identity Fundamentals) - LetsDefend SOC Analyst Learning Path - Cyber Shujaa Security Analyst Mentorship Program I'm methodical, detail-oriented, and communication-focused. I don't just find threats, I document findings clearly, so your team understands the risk and the fix. Whether you need ongoing SOC support, a one-time security review, or help building detection playbooks, I'm ready to deliver. Let's secure your environment. Message me to get started.

As an experienced cybersecurity analyst with a proven track record of six years, I am dedicated to safeguarding your organization's sensitive data and infrastructure. With a deep understanding of modern cyber threats and expertise in implementing robust security measures, I provide comprehensive protection against potential risks and vulnerabilities. My goal is to ensure the confidentiality, integrity, and availability of your digital assets while minimizing the impact of potential security incidents. Skills and Expertise: Threat Detection and Prevention: • Advanced knowledge of intrusion detection systems (IDS) and intrusion prevention systems (IPS) to identify and neutralize potential threats. • Proven experience in analyzing security logs, network traffic, and system events to identify suspicious activities and respond effectively. Vulnerability Management: • Conducting regular vulnerability assessments and penetration testing to identify weaknesses and recommend mitigation strategies. • Proficient in using industry-standard tools such as Nessus, OpenVAS, and Burp Suite for comprehensive vulnerability scanning and analysis. Incident Response and Forensics: • Quick and decisive action in responding to security incidents, minimizing impact, and restoring systems to normal operations. • Strong knowledge of digital forensics tools and techniques to investigate and analyze security breaches, collecting evidence for legal proceedings if necessary. Security Architecture and Design: • Designing and implementing secure network architectures, including firewalls, VPNs, and access controls. • Deep understanding of security frameworks such as ISO 27001, NIST, and CIS benchmarks to ensure compliance and best practices. Security Awareness and Training: • Developing and delivering engaging cybersecurity training programs to educate employees about potential risks and best security practices. • Promoting a culture of security awareness to empower individuals at all levels of the organization to become proactive defenders against cyber threats. Certifications: Cybersecurity Analyst Professional – IBM Secure Access with Azure Active Directory - Microsoft Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker – Cisco Cybersecurity Attack and Defence - EC- Council Cyber Threat Management – Cisco Penetration Testing, Incident Response and Forensics - IBM Security, Compliance, and Identity Fundamentals - IBM Information Systems Auditing, Controls and Assurance - IBM Penetration Testing with Kali Linux (PEN-200) – OSCP+ (Ongoing) Cyber Threat Intelligence – IBM. Azure Security Engineer Associate - Microsoft Bachelor's Degree in Computer Information Systems. I look forward to working with you