Open to SOC Roles & Consulting

Securing Your Digital World.

I am John Mwaura Karanja — a Cybersecurity Professional and SOC Analyst based in Mombasa, Kenya. I protect organisations from cyber threats using real-world tools and proven methodology.

John Mwaura Karanja
SOC Analyst · Cybersecurity Professional
📍 Mombasa, Kenya
3 Projects · 6+ Yrs Exp · 2026 Certified
Splunk Nmap Kali Linux MITRE ATT&CK Forensics
About Me

The Clinician Who Became a Cyber Defender

I am a Clinical Officer turned Cybersecurity Professional — a background that gives me a unique edge. Over 6 years managing hospital operations under pressure taught me the exact skills that make a great SOC Analyst: rapid triage, systematic documentation, and calm decision-making in a crisis.

Today I apply those same skills to detecting threats, responding to incidents, and protecting organisations across East Africa. I hold a Cybersecurity Program certificate from Mediacrest Training College (Class of 2026) and am completing TryHackMe SOC Level 1.

💡 At Bliss Medical Centre, I grew facility revenue by 300% in 6 months and ranked Top 3 clinician across 60+ branches — the same operational mindset I bring to cybersecurity.
Cybersecurity 2026 TryHackMe SOC L1 Splunk Nmap MITRE ATT&CK Digital Forensics
Primary Tool: Splunk SIEM
Network Scanner: Nmap
Platform: Kali Linux
Framework: MITRE ATT&CK
Based In: Mombasa, Kenya 🇰🇪
What I Offer

Cybersecurity Services

Whether you are a small business, hospital, or enterprise — I help you stay protected, compliant, and resilient against modern cyber threats.

🔍
Threat Detection & Monitoring
Real-time threat detection using Splunk SIEM. I find threats before they find you — brute force, lateral movement, anomalous behaviour.
🚨
Incident Response
Fast, systematic response when things go wrong. Alert triage, containment, evidence preservation, and a clear report of what happened and how to prevent it.
🌐
Vulnerability Assessment
I scan your network with Nmap to uncover exposed services and risks — then deliver a prioritised action plan to fix them.
📧
Email Security & Anti-Phishing
SPF, DKIM, and DMARC configuration review plus live phishing simulations — protecting your team from CEO fraud and business email compromise.
🎓
Security Awareness Training
Practical, engaging training that turns your staff into your first line of defence — not your biggest vulnerability.
📋
Security Documentation & Compliance
Policy writing, gap analysis, and compliance documentation built on a clinical background of rigorous, precise record-keeping.
Portfolio

Real SOC Projects

Not theory — actual hands-on lab work documented and published on GitHub. This is what I can do for your organisation.

01
Splunk · Detection
Brute Force Detection & Response
Simulated SSH brute force attacks, built real Splunk detection queries, constructed full attack timelines, and produced a structured SOC incident report with severity ratings.
02
Nmap · Risk Assessment
Network Scanning & Risk Assessment
Performed stealth SYN scans, service version detection, and OS fingerprinting on live targets. Identified critical exposures and delivered a formal risk assessment with remediation steps.
03
SWAKS · Email Security
Phishing & Email Spoofing Simulation
Configured a Kali Linux SMTP server to simulate CEO fraud phishing attacks. Analysed SPF, DKIM, and DMARC weaknesses — then documented exactly how SOC analysts detect and stop them.
Insights

From the SOC Desk

Cybersecurity insights written for Kenyan businesses and professionals — practical, honest, and actionable.

Coming Soon · 8 min read
How I Detected a Brute Force Attack Using Splunk — Step by Step
A full walkthrough of my SOC lab: the simulation, the Splunk queries, the attack timeline, and the incident report. If you want to understand what real threat detection looks like, start here.
Coming Soon · 5 min read
Your Domain's DMARC is "p=none" — Here's Why That's Dangerous
Most Kenyan organisations have SPF records but no DMARC enforcement — leaving them wide open to CEO fraud and email spoofing. Here's what you need to fix this week.

Ready to Secure Your Organisation?

Whether you need threat detection, incident response, a vulnerability assessment, or security training — let's talk. I respond within 24 hours.

Contact

Get In Touch

Let's Work Together

I respond within 24 hours. The fastest way to reach me is WhatsApp — but you can also fill in the form and I'll get back to you the same day.

Location: Mombasa, Kenya 🇰🇪
WhatsApp: +254 708 153 047
Status: Available for Consulting