Raymond Musumba, CFE

Tech, cyber security, and investigation anti-nerd who codes and advocates for fit living.

I'm an experienced Cybersecurity Professional from Nairobi, Kenya with a Focus on Digital Forensics and Fraud Examination

With a solid foundation in Information Systems and Technology, I've specialized in Digital Forensics, Cybercrime, and Fraud Examination. My education is complemented by professional certifications in CFE and training in CISA, and CSX-F. Currently pursuing a Master of Science in Information Security, I've been an active member of ISACA since 2017.

In 2017, I co-authored the Kenya Cyber Security Report in collaboration with Serianu and earned my QRadar Security Intelligence credential from IBM. My practical experience includes working as a Consultant at a leading forensic, audit, and risk advisory firm in Kenya. Over the years, I've supported numerous investigations, audits, and risk assessments across seven countries, including Kenya, South Sudan, Ethiopia, Nigeria, Cameroon, Sudan, and Uganda.

My expertise lies in digital forensics, information security, and open-source intelligence (OSINT). I've applied frameworks like COBIT, PCI-DSS, GDPR, and relevant Kenyan legislation (Computer Misuse & Cybercrimes Act, Data Protection Act) to my work. Continuous professional development has led me to attend training in Cyber Resilience and Incident Response.

As an independent developer with over 14 years of experience, I've consulted on various web and mobile projects. This has equipped me with valuable programming skills that directly contribute to my specialization areas. My industry experience spans over 15 sectors, including Agriculture, Finance, Humanitarian, Manufacturing, Oil and Gas, Telecommunications, Tours and Travel, Hospitality, Logistics, Legal, Entertainment, and Technology.

Consulting Services

Specialised areas that I am available to engage in professionally.

Explore Brandefy

Brand Consulting

I take a security-oriented approach to creating user-centric, and market-responsive digital experiences matching individual and business brands.

Explore CADMUS

Forensic Advisory

I have the experience to identify, collect, analyse, and present digital evidence from electronic devices to support cases and investigations.

Get in Touch

Internet Security

As a developer, I have the experience to assess web and email applications and help to mitigate security risks and minimise the impact of potential abuse.

Skills and Tool Proficiency

Some of the technical skills I've acquired, as well as tools I interact with.

Technical Skills

  • Computer Forensics
  • Email Forensics
  • Mobile Forensics
  • Vulnerability Assessment
  • Risk Management
  • Database Administration
  • Networking

Specialised Skills

  • Due Diligence
  • Document Examination
  • Fingerprint Analysis
  • Handwriting Analysis
  • Fraud Examination
  • Intelligence Gathering
  • Interviews

Coding and Scripting

  • Python (Basic)
  • C/C++ (Basic)
  • Java (Basic)
  • PHP (Intermediate)
  • JSX (Intermediate)
  • SQL (Intermediate)
  • HTML5/CSS3

Forensics Tools

  • EnCase v8
  • Paraben E3
  • Autopsy
  • Paladin Suite
  • Magnet Forensics
  • FTK Imager
  • Volatility
  • Registry Viewer
  • Exiftool

Intelligence Tools

  • SpiderFoot
  • Maltego
  • IBM QRadar
  • Nessus
  • SysInternals Suite

Other Tools Used

  • HashCalc
  • Kali Linux
  • APKtool
  • VMware (Virtualisation)
  • Hyper-V (Virtualisation)
  • Wireshark

Professional Training

Brief overview of my professional development journey, including training and qualifications.

2024 - Certified Fraud Examiner (CFE)

  • Professional certification from the Association of Certified Fraud Examiners (ACFE)

2020 - NSE 1 Network Security Associate

  • Issued by Fortinet NSE Institute

2020 - Autopsy Basics and Hands-on Training

  • Facilitated by Basis Technology and instructed by Brian Carrier

2019 - Incident Response (IR) Training

  • Facilitated by AfricaHackOn and instructed by Jessica Payne (Microsoft)

2018 - ISO 9001:2015 (Quality Management Systems) Training

  • Facilitated by Sentinel Africa Consulting

2017 - Security Intelligence Analyst with IBM QRadar SIEM v7.2

  • IBM Skills Academy in partnership with United States International University - Africa

2017 - Certified Information Systems Auditor (CISA) Training

  • ISACA in partnership with United States International University - Africa

2017 - Cybersecurity Nexus (CSX) Training

  • ISACA in partnership with United States International University - Africa

Published Work

Relevant industry contributions made to research, journal articles, and more.

Journal Article for PenTest Magazine's OSINT in Offensive Security Edition (2020)

  • Leveraging Open-Source Intelligence in Proactive Cyber Defence [Purchase]

The Annual Kenya Cybersecurity Report in Partnership with Serianu Limited (2017)

  • Demystifying Africa’s Cyber Security Poverty Line [Download]