
Kelvin I. Kilonzo

Cyber Security Engineer
Nairobi,30

Summary

Certified Cybersecurity Engineer with 5+ years of experience securing enterprise infrastructure, cloud platforms, and applications. Skilled in threat detection, SIEM operations, incident response, and vulnerability management across AWS, Azure, and GCP environments. Experienced in security compliance frameworks including NIST, PCI DSS, MITRE and GDPR. Adept at translating complex security risks into actionable mitigation strategies while collaborating with cross-functional stakeholders.

Overview

11 years of professional experience
6 Certifications

Work History

Infrastructure Security Engineer

RJAH Hospital, NHS Trust
11.2023 - 11.2025
  • Threat Monitoring and Incident Response - Monitored enterprise infrastructure using Rapid7 InsightIDR and Microsoft Defender XDR, detecting and triaging security incidents across 6,000+ endpoints.
  • Infrastructure Security and Cloud Platform Management - Secured all devices through encryption and access controls using ClearPass OnGuard, Cisco VPNs, and Cambium Cloud, while automating cloud provisioning with VMware, Terraform, and Ansible.
  • Vulnerability Management and Penetration Testing - Performed targeted scans using Nessus Scanner and correlated results using Rapid7 (LEQL) and MDE (KQL), which helped prioritize and remediate vulnerabilities and reduced exposure scores below 20%.
  • Audits and Stakeholder Management – Conducted internal and external audits in adherence to industry standards (PCI DSS, COBIT, CIS) to assess information security compliance and identify risk exposure in collaboration with stakeholders.
  • Incident Response and Strategy - Enhanced response strategies by correlating IoCs, enhancing detection, and fine-tuning risk mitigation procedures, and created technical documentation to support incident handling and post-analysis.
  • Cybersecurity Frameworks and SIEM Tools - Utilized cyber frameworks (NIST CSF, SOC 2, MITRE ATT&CK) to ensure compliance and improve security of critical infrastructure systems.
  • Scripting and Automation – Leveraged skills in PowerShell, KQL, Python, Bash, and JavaScript to streamline security operations, automate repetitive tasks, and improve incident response efficiency.
  • Security Awareness and Threat Analysis – Delivered cybersecurity training and crisis simulations, conducted malware analysis, and developed Indicators of Compromise (IoCs) to enhance threat detection and incident response across the organization.
  • NHS England oversees healthcare commissioning in England, managing budget, planning, and operations per the Health and Social Care Act 2012.

Cybersecurity Consultant

Node Africa
09.2022 - 07.2023
  • Vulnerability Assessments – Conducted over 300 security assessments for clients, identified risks and recommended mitigation strategies to strengthen security.
  • Security Policies and Compliance – Created and executed security policies based on NIST SP 800-53, ISO 27001, PCI DSS and CIS to ensure compliance with industry standards.
  • Risk Mitigation and Optimization – Advised 200+ clients on risk mitigation, proposed enhancements leading to 20% performance improvement.
  • Security Audits and Risk Assessments – Performed audits and risk assessments using industry-standard frameworks, identifying vulnerabilities and implementing remediation strategies.
  • Security Awareness and Training – Led training sessions and developed materials to promote cybersecurity best practices and reduce human-related risks.
  • Incident Response and Crisis Management – Supported clients in developing incident response plans, helping them address and recover from security breaches swiftly.
  • At Node Africa, I provided on-call support, assessing client data management needs and delivering secure cloud solutions.
  • Developed customized endpoint protection solutions that significantly reduced malware infections within client environments.
  • Spearheaded research projects aimed at identifying innovative techniques for combating emerging cyber threats.

Cybersecurity Analyst

Reliance Infosystems
06.2021 - 02.2022
  • Cloud Security Support - Led the design of secure cloud and hybrid architectures using Microsoft Azure, supporting security analysis and advising leadership on trends.
  • Customer Satisfaction Improvement - Boosted customer satisfaction by 30% based on client feedback and enablement of Microsoft Defender for Endpoint for specialized security options.
  • Security Controls Validation - Aided in security controls validation to reduce risk and design secure network infrastructures with Information Security Architects.
  • Incident Response and Threat Analysis - Led incident response and analysis with cross-functional teams, using Microsoft Defender for Cloud to monitor network health and report on critical security projects.
  • Project Design and Implementation – Designed and reviewed security projects that aligned and complied with regional regulatory requirements.
  • Enhanced Security Posture - Leveraged Microsoft Sentinel to correlate real-time threat intelligence and provide actionable preventative and responsive strategies.
  • A global ICT organization providing digital transformation, enterprise solutions, and success assurance to commercial, government, and non-profit sectors worldwide.
  • Performed regular reviews of user access rights, minimizing the risk posed by insider threats or compromised accounts.
  • Analyzed security incidents post-resolution, identifying areas for improvement in both technical controls and incident response processes.

IT Support Engineer

Fashtech Computers
01.2015 - 02.2021
  • Compliance and Regulatory Adherence – Ensured compliance with Kenya’s data protection laws, GDPR, ISO27001, PCI DSS, and UK regulations while supporting security awareness initiatives.
  • Customer Support & Advisory – Offered customer support with expertise in cyber security best practices that matched solutions to their business goals.
  • Cloud Migration Advisory – Advised on secure cloud migration, reducing downtime by 30% and improving scalability.
  • Incident Response & Monitoring – Monitored infrastructure for breaches, and resolved and troubleshot incidents to restore normal operations.
  • Security Solution Implementation – Configured and deployed DLP, SIEM, WAF, and database firewalls to enhance security.
  • Audit Leadership – Led ISO27001, PCI DSS, and SOC2 audits, reducing cyber-attacks by 35%.
  • Installed, configured, tested and maintained operating systems, application software, and system management tools.
  • Improved IT system performance by implementing proactive maintenance processes and timely upgrades.

Education

MSc - Cybersecurity Engineering

University of Warwick
UK
09-2022

BSc - Computer Information Systems

Kenya Methodist University
Nairobi, Kenya
10-2019

Skills

Experienced in both Linux and Windows Administration

Management of users, groups, GPOs and Security Policies in AD

Experienced in SIEM and SOAR Solutions; Splunk, Rapid7, Chronicle, Microsoft Sentinel

Scripting and Automation: PowerShell, Python, JavaScript

Project management in terms of design, implementation and timely delivery

Vendor and stakeholder management: Compliance, support, SLAs and delivery

Monitoring, Maintenance and Technical support of networking and backup solutions

Virtualization Technologies: deployment and maintenance, e.g. Hyper-V, VMware, EC2

PKI and Encryption techniques like Cloud, Biometric and AES

Collaboration and experience in cross-functional teams to deliver projects on time

Accomplishments

  • Chevening Scholar 2021/2
  • Professional Cybersecurity Mentor at KamiLimu.org Mentorship Programme 2016-present

Certification

EJPT (Junior PenTester) INE - Ongoing

Timeline

EJPT (Junior PenTester) INE - Ongoing

03-2026

Microsoft Security Operations Analyst (SC-200)

09-2025

Level 5 Leadership and Management, UK

12-2024

Infrastructure Security Engineer

RJAH Hospital, NHS Trust
11.2023 - 11.2025

Cyber Security Industry Training, Germany

11-2022

Cybersecurity Consultant

Node Africa
09.2022 - 07.2023

Enterprise Cyber Security, IBM

07-2022

Cybersecurity Analyst

Reliance Infosystems
06.2021 - 02.2022

Microsoft Azure Fundamentals AZ-900 (H456-1876)

08-2019

IT Support Engineer

Fashtech Computers
01.2015 - 02.2021

BSc - Computer Information Systems

Kenya Methodist University

MSc - Cybersecurity Engineering

University of Warwick