Lorna Kariuki
Cybersecurity Engineer (Entry Level)
About me
Entry-level Cybersecurity Engineer | GRC Analyst with a strong foundation in networking, system security, and threat analysis. Skilled in identifying vulnerabilities, monitoring security events, and implementing best practices to protect systems and data. Passionate about continuous learning, hands-on labs, and staying current with emerging cyber threats. Seeking an opportunity to apply technical knowledge, problem-solving abilities, and a security-focused mindset in a professional environment.
Work Experience
Cybersecurity Engineer | GRC Analyst (Entry-Level)
AfricaHackOn Academy
2025-04-15
-
2025-10-18
• Performed penetration testing and vulnerability assessments using Kali Linux, Nmap, Metasploit,
Burp Suite, Wireshark/, analyzing traffic to detect vulnerabilities and understand core defensive
architectures.
• Conducted structured wireless network assessments, captured and analyzed packets, exploited
WPA2/3 vulnerabilities, and provided actionable mitigation recommendations. Focused on full
reconnaissance workflow including network discovery, enumeration, and vulnerability mapping.
• Conducted OSINT investigations and vulnerability assessments in lab environments (crAPI,
VulnWeb), following OWASP Top 10 techniques to simulate real-world attack scenarios.
• Developed Incident Response Plan Reports by leading red-team exercises and collaborating with
peers on simulated ransomware and malware containment scenarios.
• Gained practical experience with Windows administration through Active Directory operations
and malware vulnerability exploitation.
• Used Metasploit Framework to exploit misconfigurations such as weak SSH credentials and
vulnerable web applications, enhancing offensive security skills.
• Deployed Snort IDS, created custom rules, analyzed alerts, and monitored network traffic to
strengthen defensive monitoring capabilities.
• Applied foundational network security knowledge: TCP/IP, DNS, HTTP/S, VPNs, Firewalls, and
IDS/IPS monitoring.
• Built understanding of Governance, Risk & Compliance (GRC) principles, including risk
assessment, regulatory compliance, and organizational security policies.
• Participated in red-team and blue-team exercises, challenges, and collaborative projects,
developing teamwork, communication, and professional reporting skills.
• Gained exposure to IoT security, Linux system administration, cryptography, endpoint security,
and secure coding principles.
Education
AfricaHackon Cybersecurity Swara
Level 2
2025-04-15
-
Performed penetration testing, vulnerability assessments, and OSINT using Kali Linux, Metasploit, Nmap, Burp Suite, and Wireshark.
Conducted wireless network assessments and full reconnaissance workflows, exploiting WPA2/3 vulnerabilities.
Developed incident response plans and participated in red-/blue-team exercises.
Gained hands-on experience with Windows, Linux, IoT security, Snort IDS, and GRC principles.
Digital Forensics Essentials (DFE)
Entry/Beginner
2024-10-03
-
2024-12-03
Gained hands-on experience in acquiring, preserving, and analyzing digital evidence from computers, storage devices, and memory.
Learned to investigate system and network logs, detect malware, and extract actionable intelligence.
Developed skills in documenting and reporting forensic findings for legal and organizational purposes.
Women’s Cybersecurity Mentorship Bootcamp
Entry/Beginner
2024-08-01
-
2024-08-31
Gained a foundational understanding of cybersecurity principles, including network security, endpoint protection, and risk management.
Built awareness of cybersecurity career paths and industry best practices.
Bachelor of Commerce- Finance major
Degree
2019-05-03
-
2023-11-03
Business Management
Diploma
2017-05-03
-
2018-12-03
Honors & awards
AfricaHackOn Cyber Security Swara
2025-10-15
Awarded for completing the AfricaHackOn Academy cybersecurity program, covering hands-on skills in penetration testing, OSINT investigations, incident response, Windows/Active Directory operations, Snort IDS monitoring, Linux fundamentals, and GRC principles.