My Story

Technology adopter. Forensic and cyber risk advisor. Security-aware developer. Avid fitness advocate.

Hi there! I'm Ray.

My education background is in Information Systems and Technology with a focus on Digital Forensics and Cybercrime, coupled with professional training in Information Systems Audit (CISA) and Cybersecurity Fundamentals (CSX-F). Currently, I am pursuing a Master of Science in Information Security and have been a member of ISACA since 2017 - the same year I co-authored the Kenya Cyber Security Report in partnership with Serianu and attained my QRadar Security Intelligence credential from IBM.

I worked as a Consultant at a forensic, audit, and risk advisory firm in Kenya, where I supported multiple assignments in investigation, audit, and risk assessment domains across seven countries, including Kenya, South Sudan, Ethiopia, Nigeria, Cameroon, Sudan, and Uganda. I consistently applied my skills in digital forensics, information security, and open-source intelligence (OSINT), coupled with various frameworks and legislation such as COBIT, PCI-DSS, GDPR, and Computer Misuse & Cybercrimes Act of Kenya (2018). My professional development also led me to attend trainings and workshops in Cyber Resilience and Incident Response (IR).

Additionally, as an independent developer with over 8 years' experience, I have consulted on various web and mobile projects from which I gained programming skills that have proven to be invaluable in my area of specialisation. I have gained experience working in over 15 industries, including Agriculture, Finance, Humanitarian, Manufacturing, Oil and Gas, Telecommunications, Tours and Travel, Hospitality, Logistics, Legal, Entertainment and Technology.

Consulting Services

Specialised areas that I am available to engage in professionally.

Experience

Forensic Advisory

I have the experience to identify, collect, analyse, and present digital evidence from electronic devices to support cases and investigations.

Get in Touch

Web & Email Security

As a developer, I have the experience to assess web and email applications and help to mitigate security risks and minimise the impact of potential abuse.

Past Work

Web Consulting

I take a security-oriented approach to create user-centric, cross-compatible, and responsive web experiences matching individual and business brands.

Skills and Tool Proficiency

Some of the technical skills I've acquired, as well as tools I interact with.

Technical Skills

  • Computer Forensics
  • Email Forensics
  • Mobile Forensics
  • Vulnerability Assessment
  • Risk Management
  • Database Administration
  • Networking

Specialised Skills

  • Due Diligence
  • Document Examination
  • Fingerprint Analysis
  • Handwriting Analysis
  • Fraud Examination
  • Intelligence Gathering
  • Interviews

Coding and Scripting

  • Python (Basic)
  • C/C++ (Basic)
  • Java (Basic)
  • PHP (Intermediate)
  • JSX (Intermediate)
  • SQL (Intermediate)
  • HTML5/CSS3

Forensics Tools

  • EnCase v8
  • Paraben E3
  • Autopsy
  • Paladin Suite
  • Magnet Forensics
  • FTK Imager
  • Volatility
  • Registry Viewer
  • Exiftool

Intelligence Tools

  • SpiderFoot
  • Maltego
  • IBM QRadar
  • Nessus
  • SysInternals Suite

Other Tools Used

  • HashCalc
  • Kali Linux
  • APKtool
  • VMware (Virtualisation)
  • Hyper-V (Virtualisation)
  • Wireshark

Professional Training

Brief overview of my professional development journey, including training and qualifications.

2020 - NSE 1 Network Security Associate

  • Facilitated by Fortinet NSE Institute

2020 - Autopsy Basics and Hands-on Training

  • Facilitated by Basis Technology and instructed by Brian Carrier

2019 - Incident Response (IR) Training

  • Facilitated by AfricaHackOn and instructed by Jessica Payne (Microsoft)

2018 - ISO 9001:2015 (Quality Management Systems) Training

  • Facilitated by Sentinel Africa Consulting

2017 - Security Intelligence Analyst with IBM QRadar SIEM v7.2

  • IBM Skills Academy in partnership with United States International University - Africa

2017 - Certified Information Systems Auditor (CISA) Training

  • ISACA in partnership with United States International University - Africa

2017 - Cybersecurity Nexus (CSX) Training

  • ISACA in partnership with United States International University - Africa

Published Work

Relevant industry contributions made to research, journal articles, and more.

Journal Article for PenTest Magazine's OSINT in Offensive Security Edition (2020)

  • Leveraging Open-Source Intelligence in Proactive Cyber Defence [Purchase]

The Annual Kenya Cybersecurity Report in Partnership with Serianu Limited (2017)

  • Demystifying Africa’s Cyber Security Poverty Line [Download]