DFIR Specialist • Security Engineer • Web App Developer

Investigating threats, securing infrastructure & building forensic solutions.

I investigate digital crimes, perform memory & disk forensics, harden cloud infrastructure, and build full-stack security tools — with a zero-trust mindset and forensic precision.

  • 6+ Years in IT
  • 40% Avg. attack surface reduced
  • 99.95% App uptime maintained

About Me

Hi, I'm Wilfred

I'm an IT professional who lives at the intersection of cybersecurity, digital forensics, and web engineering. I investigate cyberattacks, perform memory and disk forensics, harden cloud infrastructure, and build full-stack security products — always with forensic rigor and a zero-trust mindset.

  • 4+ years hardening production systems
  • 40% avg. attack-surface reduction
  • 2 industry certifications

Digital Forensics & IR

Memory analysis with Volatility, disk imaging, timeline reconstruction, malware triage, and evidence preservation following chain-of-custody protocols.

Security Engineering

Threat modeling, pen-test coordination, SIEM tuning, SOC automation, and incident-response playbooks across cloud-native environments.

Secure Development

Building security tools, hardened APIs, and forensic platforms with shift-left practices and automated testing.

Detection

SIEM alerts, anomaly detection & threat hunting

Analysis

Memory & disk forensics, malware reverse engineering

Containment

Isolate threats, preserve evidence, eradicate root cause

Recovery

System restoration, hardening & lessons learned

Core Capabilities

Technical depth across security, forensics, and engineering — here's what I bring to every engagement.

Security & Forensics

Memory Forensics

Volatility framework, process analysis, malware artifact extraction & IOC identification

Disk Forensics & E-Discovery

Forensic imaging, timeline analysis, file carving, and deleted data recovery

Penetration Testing

Web app & network pen-test coordination, CVE exploitation, vulnerability assessment

SIEM & Threat Detection

Log aggregation, Sigma rules, alert tuning, and real-time incident triage

Volatility, Autopsy, Wireshark, Splunk, Burp Suite, YARA, Nessus

Engineering & Development

Secure SDLC

Shift-left security, SAST/DAST integration, and code review

Cloud Security

IAM policies, infrastructure as code, and cloud-native threat detection

Full-Stack Development

Modern front-end frameworks, strong typing, responsive design & build tooling

APIs & Services

RESTful & GraphQL services, auth flows, and API hardening

Postman, CI/CD, Docker, Kubernetes, Terraform, AWS

Case Files

Real-world engagements where forensic analysis met execution — delivering measurable results.

CASE-01 Identity & Access

Zero-Trust Access Portal

Built an MFA-enforced SSO gateway with behavior analytics and adaptive risk scoring for a distributed workforce.

63% fewer account takeovers
OIDC conditional access
CASE-02 Incident Response

Forensic Analysis Toolkit

Developed an automated DFIR pipeline with memory dump analysis, IOC extraction, and evidence chain tracking for rapid incident triage.

72% faster triage time
YARA rule matching
CASE-03 Threat Intelligence

Threat Monitoring Dashboard

Created a real-time incident visibility console aggregating logs from cloud, endpoint, and network sensors with automated IOC correlation.

45% faster detection
1-click SOC triage

Establish Connection

Have an incident to investigate or a project to secure? Initiate contact through any channel.

Encrypted Email

wilfredmutai@outlook.com

Base of Operations

Nairobi, Kenya

Availability

Open to freelance & full-time

Find me on the network
