Career & education

Experience & Education

5 years in the industry. Started building software, moved to defending it, now focused on breaking it. Every role sharpened the offensive edge.

1,000+ Endpoints Secured
50+ Incidents Neutralised
45% CVE Reduction
100% Audit Success Rate
Professional history

Work Experience

Exceedingly Great Technologies · Harare, Zimbabwe

Security Engineer

Most Recent
Apr 2022 - Jul 2025

Led enterprise-wide security operations, threat detection, incident response, vulnerability management, and cloud security hardening while developing an attacker's mindset to anticipate and neutralise threats before exploitation.

35% MTTD Reduction
45% Critical CVEs Eliminated
98% SLA Resolution Rate
  • Engineered 200+ custom Splunk detection rules across a 1,000+ endpoint environment mapped to MITRE ATT&CK TTPs, cutting MTTD by 35%, building firsthand knowledge of which adversary behaviors trigger alerts and which evade them, directly informing current red team tradecraft and detection evasion methodology.
  • Led penetration testing and vulnerability assessment engagements using Nessus and Nmap, mapping exploitable paths to CVSS attack vectors and driving a 45% reduction in critical CVEs within 30-day remediation cycles.
  • Conducted adversarial simulations and firewall rule-set analysis to stress-test network perimeter defenses, identifying 30% of existing detection gaps and false-positive sources. This sharpened the ability to think like an attacker while operating inside a defender's environment.
  • Deployed and operated Microsoft Defender EDR/XDR across enterprise endpoints, containing lateral movement activity, ransomware precursors, and advanced malware with 98% SLA resolution, acquiring deep operational knowledge of EDR telemetry, alert logic, and behavioral signatures that now directly informs EDR evasion and living-off-the-land tradecraft in offensive engagements.
  • Hardened AWS cloud infrastructure by enforcing IAM least-privilege controls, MFA, Security Groups, and CloudTrail logging, identifying and closing 40% of unauthorized access vectors, including overprivileged roles, stale access keys, and misconfigured trust policies that are now primary targets during cloud penetration testing assessments.
  • Drove ISO 27001 and NIST CSF compliance programs by implementing technical controls and closing audit gaps across consecutive external assessment cycles, building institutional knowledge of where compliance posture and real security diverge, a gap that consistently produces high-value findings in penetration testing engagements.
Splunk · MITRE ATT&CK · Nessus · Microsoft Defender · AWS IAM · Nmap · ISO 27001 · NIST CSF · IDS/IPS
Exceedingly Great Technologies · Harare, Zimbabwe

Junior Security Analyst

Feb 2021 - Mar 2022

Frontline SOC analyst responsible for monitoring, triaging, and investigating security events, developing the threat-hunting instincts and investigative methodology that underpin offensive security thinking.

1,200+ Daily Alerts Analysed
25% False Positive Reduction
60% Phishing Awareness Gain
  • Triaged and investigated 1,200+ daily SIEM alerts in Splunk, reducing false positives by 25% through detection tuning and behavioral pattern recognition, building an attacker's understanding of which activity signatures blue teams prioritize and which routinely go unexamined.
  • Investigated and escalated 15+ potential incidents weekly involving malware, phishing, and unauthorized access attempts, developing firsthand familiarity with attacker tooling artifacts, C2 indicators, and credential theft patterns that now inform offensive operation planning and OPSEC decisions.
  • Performed vulnerability assessments across 250+ endpoints and 10 servers, remediating 95% of critical findings within SLA and mapping all findings to real-world attack vectors.
  • Executed targeted phishing simulation campaigns against 80+ staff members, analyzing click rates and credential harvesting susceptibility, achieving a 60% improvement in phishing awareness scores and gaining direct experience with social engineering mechanics, pretexting, and credential capture techniques used in offensive engagements.
  • Collaborated with network teams on MFA rollout and password policy hardening, reducing account lockout incidents by 40% and mapping every authentication control gap that weak policy enforcement leaves open to password spraying and credential stuffing attacks.
  • Documented forensic incident reports and root-cause analyses that cut average response time by 20%, building structured analytical habits around attacker timelines, persistence mechanisms, and lateral movement chains that now underpin offensive reporting and engagement documentation.
  • Produced weekly security metrics dashboards for management tracking incident trends and control performance, developing the communication skills to translate technical security findings into business-impact language, directly applied in professional penetration test reporting for technical and executive audiences.
Splunk · SIEM · Incident Response · Vulnerability Scanning · Phishing Simulation · Log Analysis
Exceedingly Great Technologies · Harare, Zimbabwe

Junior Developer

Origin Story
Aug 2020 - Jan 2021

Where it all began. Full-stack development work that built a deep understanding of how systems are architected from the inside, the same knowledge that now makes identifying and exploiting application-layer vulnerabilities second nature.

10+ Backend Systems Optimised
API Performance Gain
10+ Automations Deployed
  • Designed and developed REST and SOAP APIs integrated with payment processors, Google Maps, and OAuth social login services, building the developer-side mental model of API authentication flows, token handling, and integration trust boundaries that now directly drives API penetration testing methodology, including IDOR discovery, broken object-level authorization, and injection chain identification.
  • Improved API execution performance 2x by migrating to Node.js, analyzing and resolving bottlenecks across 10+ backend systems, including identifying insecure coding patterns, improper error handling, and information disclosure behaviors in legacy code that are now primary targets during web application penetration testing.
  • Implemented security controls and data protection settings across full-stack applications and learned firsthand how security is cut during sprint crunch, which inputs get trusted without validation, and which authentication shortcuts developers reach for under deadline pressure. These are now the first places tested on every web application engagement.
  • Delivered in an Agile environment across sprint planning, code reviews, and cross-functional collaboration, developing the ability to read codebases quickly and identify logic flaws, insecure dependencies, and missing authorization checks during secure code review as part of penetration testing scope.
  • Assisted in deploying 10+ automated business systems, including CI/CD-integrated pipelines, gaining early exposure to automation architecture attack surfaces, including secrets in environment variables, misconfigured deployment permissions, and unvalidated pipeline triggers that are increasingly primary targets in modern infrastructure penetration testing.
Node.js · REST APIs · SOAP · Agile · Security Hardening · JavaScript
Academic background

Education

In Progress

Master of Science

Cybersecurity

Yeshiva University, Katz School of Science & Health

New York, USA  ·  Aug 2025 - Present

Focus: Offensive Security, Penetration Testing, Malware Analysis Research, and Secure System Design.

Completed: First Class

Bachelor of Technology

Computer Science & Engineering

Parul University

Vadodara, India  ·  Jun 2016 - Jul 2020

Foundation in software engineering, systems architecture, and networking, the bedrock of understanding how systems can be compromised.

Open to Offensive Security Roles

Download the full CV, review the portfolio, or reach out directly. Actively seeking penetration testing and offensive security positions.