Kefa Cheruiyot Kiprop

Nairobi, Nairobi County, Kenya

Contact Kefa regarding:
Full-time jobs: starting at USD1.6k/month
Flexible work: starting at USD5.55/hour

Jobs
  • System Audit Officer
    Kenya Women Microfinance Bank (KWFT)
    May 2024 - Current (2 years 1 month)
      • System Security Audits: I do regular audits of the organization's IT systems to identify vulnerabilities and assess security measures.
      • Risk Assessment: I manage to evaluate the risks associated with the organization's IT systems and recommend measures to mitigate these risks.
      • Incident Response: I develop and implement procedures for responding to security incidents.
      • Compliance Monitoring: I ensure that the organization's IT systems comply with relevant laws, regulations, and industry standards, like ISO/IEC 27001.
      • Documentation and Reporting: I maintain detailed records of audit findings, risk assessments and security incidents.
      • Provided guidance to internal teams on security matters, promoting a culture of security awa
  • Cyber Security Analyst
    Kenya Revenue Authority
    Nov 2022 - Dec 2023 (1 year 2 months)
      • Security Monitoring and Incident Response: I led in real-time monitoring and rapid response to security incidents through defense against cybersecurity threats; detected, reported, and responded to security incidents. These are the tools I used: Splunk, IBM QRadar and ELK.
      • I provided input into Cyber Security risk and control self-assessments by leveraging knowledge in technical security and mitigating information and cyber risks identified by various assurance teams such as Information Risk and Audit.
      • Security Operations Management: Assisted in overseeing day-to-day security operations, maintaining intrusion detection and prevention systems. Analyzed network activity and anomalous traffic trends to uncover potential threats, ensur
  • Information Technology Officer
    Kenya Revenue Authority ICDN (ICT)
    Jan 2022 - Mar 2022 (3 months)
      • Supported the IT team in the maintenance of hardware, software and other systems.
      • Capturing resolution details into the knowledge base system.
      • Establishing a good working relationship with customers by keeping them updated on the progress made concerning their requests and in case of any escalations.
      • Logging queries of end users in the incident management and data tools.
      • Helping the authority on data protection to ensure compliance with the Data Protection Act, 2019.
      • Installation, troubleshooting, repairing, and maintaining end user equipment and accessories.
      • Maintaining and monitoring of computer networks and systems.
  • Senior Coding Instructor
    Codingal
    Mar 2021 - Current (5 years 3 months)
      • Programming and Cybersecurity Instruction: Deliver comprehensive lessons in Python, JavaScript, HTML, CSS, PHP, and Java, emphasizing secure coding practices to prepare students for developing secure applications.
      • Cybersecurity Threat Awareness: Teach students to identify and mitigate threats such as malware, phishing, and DoS attacks through real-world scenarios and hands-on labs, reinforcing defensive strategies.
      • Database Security Training: Train students in relational database management systems (RDBMS) such as Oracle, MS SQL, MySQL, and Pervasive SQL, focusing on encryption techniques and SQL injection prevention.
      • Mentorship for Cybersecurity Careers: Mentor students in building skills and portfolios to support career growth
  • Information Technology Officer
    Kerio Valley Development Authority, ICT department
    May 2019 - Aug 2019 (4 months)
      • Supported the IT team in the maintenance of hardware, software, and networking
      • Provided technical support
      • Performed hands-on fixes on computer workstations, laptops, printers, IP phones
      • Installed and maintained CCTV cameras at Kerio Valley Development Authority
Education
  • Certified Cyber Security Analyst
    Scratch and Script • Networking
    Jun 2024 - Dec 2024 (7 months)
    Cybersecurity, threat hunting, OSINT, and bug bounty
  • CompTIA Security+ (SY0-701)
    CompTIA
    May 2024 - Mar 2025 (11 months)
    Covers essential cybersecurity principles including securing networks, systems, and data, as well as compliance and threat mitigation techniques
  • Network Security Associate
    Cisco
    Aug 2023 - Dec 2023 (5 months)
    Acquired foundational networking skills including secure device configuration, network segmentation, and basic threat mitigation techniques.
  • Cisco Certified CyberOps Associate
    Cisco
    Jun 2023 - Sep 2023 (4 months)
    Developed expertise in monitoring and analyzing security events using SIEM tools, identifying threats, and executing incident response procedures.
  • Cisco DevNet Associate
    Cisco
    Feb 2023 - Jul 2023 (6 months)
    Focused on developing and securing APIs, integrating automation in network environments, and applying DevSecOps principles.
  • CCNA 1 • CCNA 2 • CCNA 3
    Cisco
    Jan 2023 - Dec 2023 (1 year)
    Acquired foundational networking skills including secure device configuration, network segmentation, and basic threat mitigation techniques.
  • Certified Cisco Ethical Hacker
    Cisco
    Dec 2022 - Aug 2023 (9 months)
    Learned ethical hacking techniques including reconnaissance, scanning, and exploitation in controlled environments aligned with industry standards.
  • Bachelor of Science in Information
    MOUNT KENYA UNIVERSITY
    Sep 2019 - Jul 2022 (2 years 11 months)
    The Bachelor’s program provided a comprehensive understanding of IT with a strong focus on cybersecurity and software engineering. Key achievements include building secure web applications, participating in ethical hacking labs, and designing resilient IT infrastructure with layered security. Courses emphasized critical thinking, hands-on lab work, and the application of industry standards (NIST, ISO/IEC 27001).
  • Diploma in Information Technology
    MOUNT KENYA UNIVERSITY
    Sep 2017 - Aug 2019 (2 years)
    Built a solid foundation in IT with a focus on security, coding, and system support. Emphasized practical learning through system setup, code writing, and basic threat detection in lab environments.
Projects (professional or personal)
  • Cloud Security Monitoring Integration
    Kenya Revenue Authority
    Nov 2023 - Dec 2023 (2 months)
    Integrated cloud security logs with on-premise SIEM for centralized monitoring. Configured alerts for misconfigurations and suspicious activities. Enabled the organization to detect unauthorized cloud access and respond within SLA timelines.
  • Vulnerability Assessment and Risk Mitigation
    Kenya Revenue Authority
    Jul 2023 - Nov 2023 (5 months)
    Performed routine vulnerability scans across server and client infrastructure using Nessus. Analyzed results, prioritized risks based on CVSS scores, and collaborated with IT teams to patch critical vulnerabilities, decreasing exploitable risk surface by 60%.
  • Security Orchestration, Automation, and Response (SOAR) Program
    Kenya Revenue Authority
    Jun 2023 - Sep 2023 (4 months)
    Playbook creation, alert enrichment, automated incident response, integration with SIEM. Description: Developed and implemented automated playbooks in SOAR platforms like Cortex XSOAR to handle phishing, malware alerts, and user access anomalies. Integrated with ticketing tools and SIEM for end-to-end incident lifecycle management.
  • Endpoint Security Hardening and Monitoring
    Kenya Revenue Authority
    Jun 2023 - Dec 2023 (7 months)
    Developed endpoint baseline configuration standards across multiple departments, deployed EDR solutions, and created scripts to monitor abnormal behavior. This project improved endpoint visibility and helped in early detection of malware and insider threats.
  • ELK Stack for Security Analytics Program
    Kenya Revenue Authority
    May 2023 - Nov 2023 (7 months)
    Log parsing, dashboard visualization, Elasticsearch queries, Kibana alerts. Description: Built a centralized log analysis platform using Elasticsearch, Logstash, and Kibana. Parsed firewall, system, and application logs for threat indicators and visualized key security metrics to aid in SOC operations.
  • Endpoint Detection and Response (EDR) Deployment Program
    Kenya Revenue Authority
    Apr 2023 - Oct 2023 (7 months)
    Threat hunting, IOC analysis, behavior-based detection, policy enforcement. Description: Implemented EDR solutions like CrowdStrike and Microsoft Defender for Endpoint across enterprise systems. Analyzed alerts, conducted root cause investigations, and enforced response policies to contain malware and insider threats.
  • Firewall Configuration and Rule Optimization Program
    Kenya Revenue Authority
    Mar 2023 - Sep 2023 (7 months)
    ACL configuration, NAT, VPN setup, traffic filtering, port management. Description: Configured and managed Cisco ASA and FortiGate firewalls to restrict unauthorized access and enforce network segmentation. Regularly reviewed and optimized firewall rules to reduce risk exposure and improve performance.
  • Wazuh Threat Detection and Compliance Project
    Kenya Revenue Authority
    Mar 2023 - Jul 2023 (5 months)
    Host-based intrusion detection (HIDS), file integrity monitoring, compliance reporting, rule tuning. Description: Deployed and customized Wazuh agents across Linux and Windows hosts. Configured security rules and compliance modules (PCI-DSS, GDPR), integrated with ELK stack to monitor suspicious activity and generate automated alerts.
  • Security Awareness and Phishing Simulation Campaign
    Kenya Revenue Authority
    Jan 2023 - Nov 2023 (11 months)
    Designed and ran monthly phishing simulation campaigns for employees. Analyzed click rates and delivered targeted security awareness training. Achieved a 50% reduction in phishing susceptibility within 6 months.
  • SOC Playbook Development for Incident Response
    Kenya Revenue Authority
    Jan 2023 - Nov 2023 (11 months)
    Created structured incident response playbooks covering phishing, malware, unauthorized access, and insider threats. Integrated playbooks with SOAR platforms to enable semi-automated response, boosting SOC efficiency and response consistency.
  • Advanced Threat Detection and Response Implementation
    Kenya Revenue Authority
    Jan 2023 - May 2025 (2 years 5 months)
    Led the implementation and fine-tuning of threat detection rules in SIEM platforms to identify and respond to APTs using MITRE ATT&CK techniques. Conducted proactive threat hunting across enterprise systems and responded to incidents in coordination with SOC L2/L3 teams, reducing response time by 35%.
  • Security Information and Event Management (SIEM) Integration Program
    Kenya Revenue Authority
    Dec 2022 - May 2023 (6 months)
    Log correlation, threat detection, rule tuning, alert triage, incident response. Description: Deployed and fine-tuned SIEM platforms like Splunk and IBM QRadar to collect logs from endpoints, firewalls, and servers. Created custom correlation rules and dashboards to monitor malicious activity and trigger alerts for real-time threat detection