Open to opportunities

Derick Mwenda

@derickmwenda

Message

I’m an Information Security Analyst improving SOC and cloud protections with Azure.

Kenya

Message

What I'm looking for

I’m looking for a role where I can run and improve SOC workflows in Microsoft Sentinel, harden cloud and identity security with Entra ID/PIM/RBAC, automate detections and response, and collaborate with teams to prevent threats and improve user-safe access.

I’m an accomplished and result-oriented ITIL-certified ICT professional with 8 years of experience spanning information security, on-prem and cloud infrastructure, networking, system administration, service delivery, and ICT4D—supporting users across different countries and cultures.

As an Information Security Analyst, I protect the organization through the security operations centre (SOC) by investigating, analysing, and remediating security alerts and incidents in Sentinel (leveraging KQL) and Microsoft Defender. I drive security hardening initiatives—improving Microsoft Secure Score, reducing attack surface using Defender Exposure Management and rules, and aligning infrastructure hardening with CIS benchmarks—while contributing to project design, test, and execution (e.g., Web Defend, Windows Hello, and Microsoft 365 Passwordless).

I also build practical, end-to-end security and identity solutions: from implementing data loss protection with Microsoft Purview to developing incident response and disaster recovery procedures, phishing evaluation procedures, and knowledge base articles. I enhance user awareness through security awareness programs and simulated phishing campaigns, resolve escalated security tickets with high user satisfaction, manage privileged/service accounts, and improve identity security by configuring Privileged Identity Management (PIM) and RBAC.

In my part-time ICT Consultant role, I lead migrations and secure modernization across Microsoft 365 ecosystems—migrating email from cPanel to Exchange Online, moving office collaboration to Microsoft 365, and migrating profiles to Entra ID for unified managed identity and endpoint management. I deploy and configure Microsoft Sentinel SIEM, implement analytics and threat monitoring, set up sensitivity labels with Purview, automate internal workflows with Power Apps and Power Automate, and support secure network implementations (including Cloudflare DDoS protection and cloud-managed networking via Ubiquiti Unifi and Cisco Meraki) while mentoring teams and coordinating vendor-led IT projects.

Experience

Work history, roles, and key accomplishments

Current

ICT Consultant

Current

Powershift Africa

May 2021 - Present (5 years)

Provided ICT leadership and technical support, migrating email from cPanel to Exchange Online and moving to Microsoft 365, Entra ID-managed identities, and endpoint management via Intune. Designed SharePoint and Teams collaboration, built Power Apps/Power Automate solutions, and deployed Sentinel SIEM with Defender monitoring and security analytics.

Exchange Online Migration Microsoft 365 Administration Entra ID SharePoint Power Automate Microsoft Intune Cisco Meraki

IT GRC Intern

Equity Bank

May 2016 - Aug 2016 (3 months)

Contributed to IT policy development and reviews, supported IT risk management through audits and risk assessments, and helped map risks to owners for remediation. Assisted with enforcing ICT policy compliance, supporting vendor/contract activities, and participating in IT asset management across the lifecycle.