Peter Musembi Wambua

Peter Musembi Wambua

About

Detail

Nairobi, Nairobi County, Kenya

Timeline


work
Job
school
Education
folder
Project

Résumé


Jobs verified_user 0% verified
  • U
    Senior Security and InfrastructureAssociate
    Ultratude Tech,
    Apr 2024 - Jan 2025 (10 months)
    • Performed vulnerability assessments on the company's infrastructure built in .NET(C#) to eliminate the existing vulnerabilities, and wrote pentest reports leading to a 60% reduction in vulnerabilities and improving overall security posture. • Implemented SIEM tools in Azure, monitored over 1000 logs daily, and investigated the security events. • Collaborated with the development team to integrate security best practices throughout the software development lifecycle leading to 40% more secure software. • Additionally, set up IDS and Firewalls in cloud environments such as GCP and AWS, ensuring robust security measures were in place. Conducted vulnerability assessments in alignment with NIST, ISO, and GDPR regulations, enhancing c
  • HackerOne
    Upwork
    Bug Bounty Hunter and Freelancer
    HackerOne, Upwork
    May 2023 - Current (3 years 3 months)
    ● Discovered and responsibly disclosed vulnerabilities across web, API, and mobile applications, including critical issues such as IDORs, XSS, SSRF, and access control flaws, helping companies strengthen their security postures. Additionally, my knowledge of GCP and AWS allowed me to assess cloud-based applications effectively, ensuring comprehensive security evaluations. ● Conducted end-to-end penetration testing engagements on web applications for UpWork clients, including black-box and authenticated testing, aligning with OWASP Top 10 and NIST standards. My familiarity with ISO/IEC 27001 and GDPR standards further enhanced my ability to ensure compliance during testing processes. ● Delivered professional pentest reports with detailed
  • H
    Red TeamEngineer
    Hackerbro Technologies,
    Jan 2023 - Dec 2023 (1 year)
    • Conducted penetration testing simulations on over 15 companies' systems, identifying and exploiting high-risk vulnerabilities, thereby enhancing the organizations' cybersecurity resilience by over 50%. • Implemented, tested, and operated security software in compliance with the technical reference architecture. Performed ongoing security testing and code reviews to uncover vulnerabilities and stay current on IT security trends. • Generated comprehensive reports on penetration testing activities, highlighting over 50 key findings and recommendations over the internship period, leading to over 50% improvement in the organization's overall security posture. • Conducted vulnerability assessments in alignment with NIST and ISO/IEC 27001
  • C
    CTF Player
    Cyb3rk1math1
    Jul 2022 - Current (4 years 1 month)
    • Contributed to this award-winning CTF team, consistently placing in the top 4 of over 15 national and international competitions, showcasing advanced skills in offensive security and team collaboration. • Specialized in penetration testing challenges (web, Android, boot2root), achieving a 90% success rate in solving security vulnerabilities, further honing practical skills in exploitation and remediation techniques. • Collaborated with team members to develop innovative solutions to problems, completing over 100 challenges across various categories, and demonstrating teamwork and problem-solving skills. Constantly learned over platforms like TryHackMe, HackTheBox, and OffSec. Additionally, employed agile methodologies to design cha
  • S
    Network Engineer Intern
    State Law Offices - Kenya
    May 2021 - Dec 2021 (8 months)
    ● Designed and implemented network architecture enhancements resulting in a 20% increase in network efficiency within the Offices of the President and Attorney General. ● Successfully implemented network security measures, reducing security incidents by 30% and preventing unauthorized access to critical systems, and also provided Information Technology support to over 50 staff members achieving a 95% satisfaction rate.
Education verified_user 0% verified
  • C
    Network and Cloud Security
    Cyber Shujaa
    Sep 2024 - Dec 2024 (4 months)
  • Dedan Kimathi University of Technology
    BSC in Computer Science
    Dedan Kimathi University of Technology
    Aug 2020 - May 2024 (3 years 10 months)
Projects (professional or personal) verified_user 0% verified
  • H
    Himaya
    Apr 2024 - Oct 2024 (7 months)
    I worked in a team of 3 as the main developer of this email add-on using Apps Script to detect ransomware in emails. My role involved not only the technical development but also ensuring compliance with various security standards and frameworks, such as the NIST Cybersecurity Framework and ISO/IEC 27001, to enhance the security posture of the application. Additionally, I integrated principles of GDPR to ensure data protection and privacy for users. I also applied knowledge of firewall configurations to bolster the add-on's defenses against potential threats. Furthermore, I utilized concepts from the SAFe and Scrum methodologies to facilitate agile development processes, ensuring timely delivery and adaptability to changing requirements. My
  • D
    Django Password Manager
    Feb 2024 - May 2024 (4 months)
    • A secure password manager that I developed using Django, and implemented the best security features.
  • S
    Static Testing Django Application
    Jun 2023 - Jul 2023 (2 months)
    • As a sole developer, I developed this static testing application for mobile APKs using the Django framework, employing a pattern-based approach. Additionally, I utilized agile methodologies throughout the development process, which facilitated iterative progress and enhanced collaboration, ultimately leading to a more efficient and effective application development cycle.