Eric Mwangi

Senior SOC Specialist
Munich

Summary

Result-oriented IT security professional with a demonstrated history of working in the banking, consulting and aviation industries, with notable experience in Security Operations Center (SOC) work, vulnerability assessment and information security solutions.

Overview

9 years of professional experience
3 years of post-secondary education
10 certificates

Work History

Senior Security Specialist

Lilium GmbH
09.2024 - Current

Achievements:

  • Onboarding and integration of log sources, streamlining the ingestion process by filtering out unwanted data fields to optimize SIEM cost.
  • Defining use cases and response plans for the onboarded log sources.
  • Conducted thorough security assessments of current security controls, identifying and implementing improvements to enhance organizational resilience and reduce risk exposure.

Security Delivery Specialist

Accenture
11.2023 - 08.2024

Achievements:

  • Developed and documented incident response plans tailored to various security incidents and threat categories.
  • Prepared and delivered weekly and monthly SOC metrics reports covering key performance indicators, for both board and regulatory consumption.
  • Documented and shared threat hunting findings with the security engineers to enhance overall security posture and guide preventive measures.
  • Led training sessions to help L1 analysts understand advanced threat vectors and response techniques.
  • Reviewed and updated use cases to adapt to evolving threat landscapes.

SOC Engineer

Equity Bank Limited
11.2020 - 10.2023

Achievements:

  • Mobile hotspot vulnerability uncovered: a misconfiguration allowed all bank users to create a portable hotspot that was able to bypass NAC.
  • Successfully upgraded the Tripwire Enterprise Console to version 8.9 (the latest as at June 2022), with continuous optimization of the solution (agent upgrades).
  • Successfully upgraded ArcSight Logger to v7.11 (the latest as at June 2022), with continuous optimization of the security solution.
  • Supported upgrades of the DarkTrace Enterprise Immune System and its supporting models.
  • Deployment of the CrowdStrike console and agents across the Group.
  • Enhancements of detection models on Antigena Email.
  • Led the development of security and compliance KPIs and metrics to track security monitoring effectiveness: MSSP service level agreements and incident reporting metrics.
  • Successfully delivered 26 hours of cyber security awareness training to new joiners in the bank, in both physical and virtual sessions.
  • Purple team activities: Active Directory attack and defense, network vulnerability assessment, and malware hunting and reporting.

SOC Analyst

Diamond Trust Bank
04.2016 - 11.2020

Achievements:

  • Developed customized FlexConnectors / parsers to monitor critical business applications on the ArcSight platform (Aruba and Cisco FTD connectors).
  • Part of the team that upgraded ArcSight Manager, ArcSight Logger and ArcMC to the latest versions as at May 2017 (ArcSight Express v6.9.1.c, ArcSight Logger v6.2, ArcMC v2.2). The upgrade project also included upgrading all appliances to the RHEL 6.7 operating system.
  • Upgrade of ArcSight Manager from v6.1 to v6.11.
  • ArcSight appliance RHEL upgrade from v6.2 to v6.8.
  • HP Reputation Security Monitor (RepSM) Plus (v1.6) connector implementation on ArcSight Manager.

Education

Bachelor of Science - Information Technology

Strathmore University
Nairobi, Kenya
01.2012 - 06.2015

Skills

Azure Security Technologies

Software

SIEM: ArcSight, QRadar, Sentinel & AlienVault

Email Security: Office 365, DarkTrace Antigena, FireEye & Cisco IronPort

EDR / XDR: DarkTrace, McAfee & FireEye

FIM: Tripwire

DAM: Imperva

Cloud: Azure

Vulnerability Management: Qualys

CASB: Netskope

Certification

Certified Red Team Professional
ISO 22301 Lead Implementor
AZ 900 - Microsoft Certified Azure Fundamentals
ESM200 - ArcSight ESM Administrator & Analyst
ITIL® Foundation Certificate in IT Service Management
Autopsy Digital Forensics Training
Splunk Core Power User
Google Chronicle SIEM & SOAR Fundamentals
ArcX Foundation Level Threat Intelligence Analyst
SC-200: Microsoft Certified: Security Operations Analyst Associate

Timeline

Senior Security Specialist, Lilium GmbH
09.2024 - Current

Security Delivery Specialist, Accenture
11.2023 - 08.2024

SOC Engineer, Equity Bank Limited
11.2020 - 10.2023

SOC Analyst, Diamond Trust Bank
04.2016 - 11.2020

Bachelor of Science - Information Technology, Strathmore University
01.2012 - 06.2015