
Naomi Kosgei

Nairobi

Summary

A Cyber Security Analyst specializing in Security Operations, Incident Response and Threat Intelligence. Experienced in analyzing security events, investigating network intrusions and mitigating cyber threats using SIEM, SOAR and forensic tools. Strong background in network security, malware analysis and digital forensics to enhance threat detection and response. Adaptable and committed to continuous learning, staying ahead of evolving cyber threats and best practices.

Overview

6 years of professional experience
1 Certification

Work History

Senior Cyber Security Analyst

Safaricom PLC
02.2025 - Current
  • Optimized security monitoring processes by implementing automated tools like SOAR for real-time threat detection and analysis.
  • Customized and managed security information and event management (SIEM) systems for real-time threat detection and analysis.
  • Improved incident response times by developing and maintaining cybersecurity playbooks for common attack scenarios.
  • Reduced false positive alerts in security monitoring systems by fine-tuning detection parameters, enhancing operational efficiency.
  • Ensured compliance with industry regulations by performing comprehensive audits on existing security policies and procedures.
  • Conducted security audits to identify vulnerabilities.

Cyber Security MSSP Analyst

Safaricom PLC
09.2022 - 01.2025
  • Monitored and performed in-depth investigations of real-time security alerts and logs for multiple clients to identify indicators of compromise (IOCs) by utilizing SIEM solutions and the MITRE ATT&CK framework.
  • Led the deployment and configuration of Palo Alto Cortex SOAR, integrating it with SIEM and other tools to automate response processes, reducing manual tasks and enhancing operational efficiency.
  • Created XSOAR playbooks to automate routine security tasks, achieving a 40% reduction in incident response time and automating repetitive tasks.
  • Conducted regular threat hunting activities, leveraging threat intelligence to investigate potential attack vectors and uncover hidden threats within the network.
  • Collaborated with Content engineering teams to implement continuous security monitoring and data enrichment strategies, increasing visibility into suspicious behaviors and anomalies.
  • Provided expert guidance on cybersecurity trends and emerging threats, offering tailored recommendations to managed security services clients.

Cyber Security Operations Engineer

Safaricom PLC
01.2022 - 08.2022
  • Managed security tools, including Imperva WAF, Tripwire FIM and Intrusion Prevention Systems, to strengthen security posture and achieve compliance across multiple sites.
  • Worked with cross-functional teams, including infrastructure and network operations teams, to ensure comprehensive security across complex environments through strategic network security and firewall configurations.
  • Participated in audits with the GRC team, ensuring regulatory compliance and alignment with industry standards for robust network security.
  • Actively engaged in continuous patching and vulnerability management for both Windows and Linux environments, maintaining a resilient infrastructure.
  • Led onboarding and integration of network and database security solutions contributing to streamlined security workflows, including Cisco ISE and various Intrusion Prevention Systems.
  • Investigated and resolved issues related to MFA and VPN access in collaboration with external users and vendors.

Software Delivery Graduate Trainee

Huawei Technologies
07.2021 - 12.2021
  • Performed comprehensive product testing and delivery of the software services including maintenance and support, addressing and resolving issues to maintain operational efficiency.
  • Conducted security and functionality testing for software services, including API testing to validate the performance and reliability of endpoints.
  • Monitored and responded to system alarms, supporting system stability and enhancing operational resilience through early detection of potential issues using tools such as Grafana, Kibana, and Prometheus.
  • Assisted in the configuration of network environments, supporting optimal integration and performance of deployed systems.

NOC Student Intern

Jamii Telecommunications Limited (JTL)
05.2019 - 08.2019
  • Monitored network operations and participated in incident response, gaining hands-on experience in real-time network management.
  • Configured and tested network equipment, such as Optical Network Units (ONUs) and fiber optics, to support network infrastructure growth and reliability.
  • Conducted quality control checks for network optical fiber implementation, ensuring adherence to industry standards and project specifications.

Education

Bachelor of Science - Computer Science

University of Eldoret
03.2021

Certificate - Data Science

Moringa School
03.2021

Skills

  • Security Incident Response & Malware Analysis
  • Threat Intelligence & Hunting
  • SIEM & SOAR Operations
  • Network & Cloud Security
  • Security Automation & Scripting
  • Cross-Team Collaboration & Communication

Certification

  • CompTIA Cyber Security Analyst (CySA+) (2024-10 - 2027-10)
  • CompTIA Security+ (2023-02 - 2027-02)
  • Amazon Web Services Cloud Practitioner - AWS (2022-05 - 2025-05)
  • Fortinet Certified Professional Network Security (FCP) (2024-03 - 2027-03)
  • Fortinet Network Security Associate (2023-05 - 2026-05)
