Michael Ted Ndeda | Cybersecurity Portfolio

Background

About Me

ISO/IEC 27001:2022 Lead Auditor (Mastermind, April 2026) with hands-on experience supporting National Treasury security operations in Nairobi. I combine SOC operations, network security, and practical GRC exposure with Forage simulations from Datacom, Mastercard, Deloitte, AIG, PwC, and Tata. Focus on governance frameworks, risk assessment, and security controls design.

I am hands-on with Splunk, TheHive, Wireshark, Nmap, Metasploit, Autopsy, SIEM workflows, and Python scripting. I apply risk-based thinking informed by the Data Protection Act 2019 and Computer Misuse and Cybercrimes Act 2018 in project documentation and investigation reporting.

Network Security & Ethical Hacking
SIEM Tools & Security Operations
Firewall, VPN & Endpoint Security
Incident Triage & First-line Support
Digital Forensics (Autopsy)
Technical Documentation & Reporting

Practical

Practical Projects

Active

SOC Operations Lab

Production-grade home SOC on VMware Workstation: multi-phase detection engineering lab with real attack telemetry. ARTEMIS architecture spans pfSense firewall, AD DC, Windows workstation, and integrated security stack.

Splunk
TheHive
Cortex
OpenCanary
Sysmon
Ubuntu Server

View on GitHub

Active

ISMS Suite

ISO/IEC 27001:2022 ISMS template suite — 10-document MSSP client onboarding package. Covers all 93 Annex A controls, Kenya DPA 2019, risk assessment, SoA, policies, procedures. Production-ready for SME deployment.

ISO 27001
GRC
Risk Assessment
ISMS
Compliance

View on GitHub

Active

Sentry

Autonomous multi-agent offensive security tool. Generates real attack telemetry against the SOC Lab for detection engineering and ISMS documentation. Built on LangGraph for orchestrated attack simulation.

LangGraph
Red Team
Autonomous Agents
Python
Offensive Security

View on GitHub

Expertise

Technical Skills

Networking & Security

TCP/IP
DNS & DHCP
Firewall Configuration
VPN Setup
Cisco Umbrella
WHOIS Lookups
Domain Reconnaissance

Systems & Tools

Splunk
TheHive & Cortex
Wireshark
Nmap
Metasploit
OpenCanary
Sysmon
Autopsy

Cloud & Scripting

Azure Fundamentals
Python
LangGraph
Bash
Technical Documentation
Incident Reporting

GRC & Compliance

Risk Assessment
Security Awareness Training
Data Protection Act 2019
Computer Misuse Act 2018
ISO 27001 Awareness

Academic

Education & Professional Training

Education

KCA University
BSc Information Security and Forensics
Completed 2026 (Awaiting Graduation)

Professional Training & Certifications

ISO/IEC 27001:2022 Lead Auditor (Mastermind, Apr 2026)
Windows Event Logs & Finding Evil (HTB, Apr 2026)
Security Monitoring & SIEM (HTB, Apr 2026)
Ethical Hacking (Cisco, Sep 2025)
Network Security (Cisco, Nov 2023)
CCNA: Introduction to Networks (Apr 2023)
CCNA: SRWE (Sep 2022)

Professional

Work Experience

Apr 2026 Forage Simulation

AIG — Shields Up

Forage

Threat analysis and vulnerability remediation recommendations
Built Python brute-force decryption script for credential security assessment

Apr 2026 Forage Simulation

Tata — Cybersecurity Analyst

Forage

Comprehensive threat analysis and vulnerability remediation aligned with risk frameworks

Apr 2026 Forage Simulation

PwC US — Cyber Security Consulting

Forage

Risk assessment, Test of Design & Operating Effectiveness, controls gap analysis

Apr 2026 Forage Simulation

Datacom — Cyber Security Operations

Forage

Structured risk register development, OSINT research, and prioritised control recommendations
Full deliverables in Portfolio Artifacts → Work Simulations folder

Mar 2026 Forage Simulation

Deloitte Australia — Cyber

Forage

Enterprise log analysis, networking fundamentals, and IAM security architecture

Mar 2026 Forage Simulation

Mastercard — Cybersecurity

Forage

Phishing threat analysis and targeted security awareness training programme design

Apr – Jun 2025 Internship

Cybersecurity Policy Implementation Support — National PFM Infrastructure

The National Treasury, Nairobi

Contributed to VPN configuration, firewall rule management, and endpoint hardening aligned with the PFM ICT Information Security Policy 2024
Supported compliance implementation activities tied to the Data Protection Act 2019 and the Computer Misuse and Cybercrimes Act 2018
Configured LAN connections for IFMIS users and resolved connectivity issues to maintain secure access to national financial systems
Participated in enterprise integration planning for Cisco Umbrella deployment and Java application whitelisting
Provided first-line user support and hardware/software maintenance while escalating complex incidents appropriately

Credentials

Certifications & Badges

ISO/IEC 27001:2022 Lead Auditor Mastermind · Issued April 2026 · Valid through April 2029 · Credential ID: 9ea583e0-51df-4ef6-8ddc-5688e8bcc8fa
Certified
CompTIA Security+ CompTIA
In Progress
Windows Event Logs & Finding Evil HackTheBox Academy · Issued Apr 2026
Completed
Security Monitoring & SIEM HackTheBox Academy · Issued Apr 2026
Completed
SC-200: Microsoft Security Operations Analyst Microsoft
In Progress
Datacom - Cyber Security Operations Job Simulation Forage · Issued Apr 2026 · Credential ID: PEZmK8et8BA5MNTvr
Virtual Program
Mastercard - Cybersecurity Job Simulation Forage · Issued Mar 2026 · Credential ID: SdYdLZ7btggNLjPfE
Virtual Program
Deloitte Australia - Cyber Job Simulation Forage · Issued Mar 2026 · Credential ID: 4Lbk7fTtwRZE7v8M8
Virtual Program
Ethical Hacker Cisco NetAcad · Sep 2025
Cisco Badge
Cybersecurity Essentials Cisco NetAcad · Sep 2023
Cisco Badge
Introduction to Cybersecurity Cisco NetAcad · Apr 2023
Cisco Badge
CCNA: Introduction to Networks Cisco NetAcad · Apr 2023
Cisco Badge
Network Security Cisco NetAcad · Nov 2023
Cisco Badge
CCNA: Switching, Routing, and Wireless Essentials Cisco NetAcad · Sep 2022
Cisco Badge
SC-200: Microsoft Security Operations Analyst Microsoft
Studying
ISO/IEC 27001 Information Security Management
Studying

View all badges on Credly ↗

Evidence

Portfolio Artifacts

Comprehensive documentation of investigations, risk assessments, detection engineering, and job simulation results. All materials stored in Google Drive with full credential trails.

🔍

SOC and Detection

SIEM detection rules, threat hunting queries, incident reports, and log analysis documentation.

View Folder

🛡️

Governance and Risk

Risk assessments, ISMS frameworks, Statement of Applicability, and compliance documentation.

View Folder

📋

Work Simulations

Datacom risk register, PwC consulting analysis, Mastercard phishing report, and all Forage deliverables.

View Folder

📚

Reflection and Methodology

Project reflections, detection engineering methodology, MITRE ATT&CK mappings, and learning outcomes.

View Folder

Leadership

Volunteer Experience

2024 - Present Founder & Head Coach

Invictus Performance

Nairobi, Kenya

Established and operated independent performance coaching business with 3-person training team and 30+ active clients
Designed and managed personalised fitness programs across multiple client tiers; maintained 85% client retention through programme outcomes
Supervised trainer performance, quality control, and client satisfaction; implemented operational systems and scheduling

Get in Touch

Contact

Open to junior cybersecurity roles, internship opportunities, and security collaborations. Based in Nairobi, Kenya. Let's connect.

theondeda@gmail.com github.com/Archer7Mi linkedin.com/in/michaelndeda +254 711 677 140

Nairobi, Kenya