Open to opportunities

omoshofcourse User

@omoshofcourseuser

Message

I am a SOC Analyst who turns telemetry into threat insights through DFIR, OSINT, and incident response.

Kenya

Message

What I'm looking for

I’m looking to grow in a SOC/DFIR environment where I can improve detection quality, triage faster with automation, and turn telemetry and forensic evidence into clear IOCs, timelines, and actionable recommendations.

I’m a cybersecurity professional with a network engineering foundation and specialized training in digital forensics, threat intelligence, and security operations. I’m ISC² Certified in Cybersecurity and focused on turning evidence into clear, actionable next steps for incident response.

In simulated and capstone work, I’ve conducted hard drive and PCAP investigations using Linux CLI and Wireshark/TCPDump to extract indicators, reconstruct timelines, and produce reports with IOCs and recommended detection filters for SIEM ingestion. I’ve also performed end-to-end malware threat hunts, generating hashes/strings, searching images for hidden artifacts, and recommending enrichment and detections.

My DFIR approach emphasizes disciplined methodology—recovering hidden data via steganography, applying file signature analysis and file carving, and documenting chain of custody. I also build threat intelligence using OSINT, research threat actors and attack vectors, and analyze dark web infrastructure to support threat hunting and prevention strategies.

As a NOC Intern, I operated and tuned network telemetry (syslog, netflow, SNMP) across multi-site infrastructure, triaged anomalous events with packet-level analysis, and delivered timelines and root-cause reporting for SOC investigations. I automated log-forwarding pipelines, developed Python/Bash tooling to flag suspicious patterns, and authored runbooks/playbooks to improve triage and escalation consistency.

Experience

Work history, roles, and key accomplishments

SOC Analyst Simulation

Let's Defend

Triaged SIEM alerts, validated true/false positives, and investigated web application attacks (e.g., SQLi/XSS) using attacker-like analysis. Produced incident timelines, mapped findings to MITRE ATT&CK and the Cyber Kill Chain, and documented containment and remediation steps.

SIEM Alert Triage Web Application Attack Analysis IOC Extraction ATT&CK Mapping Incident Timeline Documentation

Digital Forensics Capstone

Let's Defend

Conducted comprehensive hard drive analysis with Linux forensic methodologies, recovering hidden data via steganography extraction and file signature analysis. Documented chain of custody and produced a formal forensic report with IOCs and evidence preservation details.

Linux CLI Forensics Steganography Extraction File Carving File Signature Analysis Chain Of Custody

Vulnerability Assessment Capstone

Let's Defend

Assessed a Metasploitable2 test system using Nessus Essentials with supporting scans (Nmap/WPScan), analyzing outputs and prioritizing findings by CVSS risk. Produced a formal vulnerability report with remediation recommendations and suggested detection filters for SIEM ingestion.

Nmap WPScan Testing OpenVAS Redline Scanning Vulnerability Reports SIEM Detection Filter Design

Malware Threat-Hunt Capstone

Let's Defend

Performed an end-to-end malware threat hunt on a provided system image by generating IOCs (hashes/strings/filenames) and analyzing the image in a VM environment. Reconstructed malware spread and persistence mechanisms and delivered an investigative brief with SIEM-ready detection/enrichment recommendations.

IOC Generation VM Based Analysis Hash And String Analysis Filesystem Searching Persistent

Education

Degrees, certifications, and relevant coursework

ISC2

ISC² Certified in Cybersecurity (CC), Cybersecurity

Activities and societies: OSINT investigations, dark web operations, and digital evidence analysis using forensic methodologies; focused on incident documentation and anomaly detection.

Completed ISC2 Certified in Cybersecurity (CC) with hands-on work across threat intelligence, OSINT investigations, dark web research, and digital evidence analysis.

Let's Defend

Let's Defend SOC Learning (Blue Team), Security Operations (SOC)

Activities and societies: Threat hunting and incident response exercises including PCAP/network analysis, OSINT threat intelligence reporting, and structured evidence handling.

Completed Let's Defend SOC Learning (Blue Team) focused on security operations and practical SOC investigation workflows.

Microsoft Blue Team Academy (BTJA)

Microsoft Student SOC Path (BTJA) Foundations, SOC Fundamentals

Activities and societies: Built investigation and triage skills for common SOC alerts, including enrichment, escalation criteria, and incident timeline documentation.

Completed the Microsoft Student SOC Path Team Junior (BTJA) Pathway Program Foundations, building SOC and blue-team fundamentals.