Based in Nairobi, Kenya

John Ngugi

Network Engineer Cybersecurity Data Engineer Data Scientist Systems Trainer

Results-driven engineer with 8+ years of experience securing critical infrastructure, building scalable data pipelines, and deploying enterprise networks. First Class Honours graduate with an MSc in Information Security.

Get in Touch View Projects

Years Experience

900+

Users Supported

40%

Incident Time ↓

10+

Certifications

About Me

Engineer. Educator. Problem Solver.

A multidisciplinary technologist bridging network security, data science, and systems engineering.

I'm a Network/Systems Engineer and Cybersecurity Specialist currently serving at Kenya Civil Aviation Authority (KCAA), where I design and protect enterprise infrastructure for 900+ users across critical aviation systems.

My expertise spans three distinct but deeply connected domains: network security (NGFW deployment, SIEM, threat detection), data engineering (ETL pipelines, cloud data lakes, dashboards), and machine learning (predictive models for network optimization).

Since 2021, I've also served as a Systems Instructor at East Africa School of Aviation, training industry professionals in cybersecurity, Python, SQL, and data analytics.

I hold a First Class Honours BEng in Electrical & Communications Engineering from Moi University and am completing an MSc in Information Security at USIU-Africa.

jwaithz76@gmail.com +254 727 825 332 github.com/Johnwaithz

Current Role

Senior Network / Systems Engineer

Kenya Civil Aviation Authority · Sept 2016 – Present

Also

Systems Instructor / Cybersecurity Trainer

East Africa School of Aviation · Jan 2021 – Present

Education

MBA in Aviation Management

ITAErea School of Business, Madrid

MSc Information Security (Ongoing)

USIU-Africa, Nairobi

Location

Nairobi, Kenya

Open to remote & international opportunities

Career

Professional Experience

Network / Systems Engineer

Sept 2016 – Present

Kenya Civil Aviation Authority (KCAA) · Nairobi

Designed and managed secure enterprise network architecture supporting 900+ users across multiple sites. Deployed and managed NGFWs (Palo Alto, Fortinet, Forcepoint), implemented IDS/IPS and SIEM-based monitoring, reducing incident response time by 40%. Built ETL data pipelines, ML models for traffic prediction, and interactive dashboards (Tableau, Power BI). Secured AWS and Azure cloud environments through IAM, encryption, and monitoring.

Palo AltoFortinetSIEMIDS/IPSAWSAzurePythonPostgreSQLPower BITableau

Systems Instructor / Cybersecurity Trainer

Jan 2021 – Present

East Africa School of Aviation

Delivered hands-on training in cybersecurity, penetration testing, firewall configuration, and security architecture. Trained professionals on secure network design (SD-WAN, SD-Access), Python, SQL, data analysis, and machine learning. Conducted SARPS compliance and security awareness programs.

Penetration TestingFirewall ConfigSD-WANPythonData ScienceSARPS

Systems Administrator

Apr 2015 – Aug 2016

Isuzu East Africa · Nairobi

Managed Windows and Linux server environments ensuring high availability. Implemented enterprise security controls (firewalls, antivirus, IDS), reducing incidents by 30%. Developed backup and disaster recovery strategies, providing technical support with 90% user satisfaction.

Windows ServerLinuxIDS/IPSBackup & RecoveryActive Directory

Electrical Engineer

Jan 2015 – Apr 2015

JILK Construction Ltd · Nairobi

Designed, implemented, and supervised electrical and telecommunications installations. Commissioned security and safety systems including fire systems and X-Ray scanners. Created electrical blueprints and ensured regulatory compliance.

Electrical DesignTelecomsSafety SystemsCommissioning

Portfolio

Featured Projects

Real-world engineering, data, and security projects from enterprise environments and personal labs.

Data Engineering

End-to-End ETL Pipeline (API → PostgreSQL)

Extracted live cryptocurrency data from CoinGecko REST API
Transformed raw JSON using Pandas into analytics-ready datasets
Loaded structured data into PostgreSQL for downstream analytics
Implemented logging and error handling for pipeline reliability

PythonPandasPostgreSQLREST APIs

View on GitHub

Cloud Pipeline

AWS Cloud Data Pipeline (S3 → Glue → Redshift)

Designed cloud-native data pipeline ingesting raw data into Amazon S3
Transformed data using AWS Glue with PySpark jobs
Loaded processed data into Redshift enabling scalable analytics
Enabled large-scale queryable datasets for business reporting

AWS S3AWS GlueRedshiftPySparkPython

View on GitHub

Machine Learning

ML Models for Network Traffic Analysis

Built predictive models for network traffic forecasting and optimization
Developed classification models for anomaly and threat detection
Performed feature engineering, data cleaning, and model evaluation
Deployed models to improve KCAA infrastructure decision-making

Scikit-learnTensorFlowPandasNumPyMatplotlib

View on GitHub

Cybersecurity

Enterprise Security Architecture – KCAA

Deployed NGFW perimeter defense (Palo Alto, Fortinet, Forcepoint)
Implemented SIEM-based monitoring with real-time log analysis
Developed incident response playbooks to minimize data exposure
Reduced incident response time by 40% via advanced threat tools

Palo AltoFortinetSIEMIDS/IPSDLP

Analytics

Network Performance Dashboards

Built interactive Tableau and Power BI dashboards for leadership
Designed complex SQL queries across Oracle, MySQL, PostgreSQL
Automated data collection and processing with Python scripts
Enabled real-time visibility into infrastructure performance metrics

TableauPower BISQLPythonOracle

Cloud Security

Cloud Security Implementation (AWS & Azure)

Hardened cloud environments through IAM, encryption, and access policies
Integrated cloud monitoring and alerting for proactive threat detection
Automated infrastructure provisioning using Ansible and Terraform
Managed containerized workloads with Docker and Kubernetes

AWSAzureAnsibleTerraformDockerKubernetes

Expertise

Technical Skills

Cybersecurity & Network Security

NGFW (Palo Alto, Fortinet, Forcepoint)95%

IDS/IPS & SIEM92%

Penetration Testing & Vuln Assessment88%

Incident Response & Forensics85%

LAN/WAN, SD-WAN, VPN93%

Data Engineering & Analytics

Python (Pandas, NumPy)90%

SQL (PostgreSQL, MySQL, Oracle)92%

ETL Pipelines & Data Warehousing85%

Tableau & Power BI88%

Machine Learning & AI

Scikit-learn & TensorFlow82%

Predictive Modeling & Forecasting80%

Feature Engineering & Evaluation78%

Cloud & Infrastructure

AWS (S3, Glue, Redshift, EC2)85%

Microsoft Azure80%

Docker & Kubernetes78%

Ansible & Terraform75%

Tools & Technologies

VMware ESXiHyper-VProxmox BashPowerShellWireshark NagiosSolarWindsActive Directory Apache SparkHadoopMongoDB SeabornMatplotlibR

Credentials

Certifications

Certified Ethical Hacker (CEH)

EC-Council

CySA+ — Cybersecurity Analyst

CompTIA

Security+

CompTIA

Linux+

CompTIA

(ISC)² Certified in Cybersecurity

ISC2 CC

CCNP — Cisco Certified Network Professional

Cisco

CCNA — Cisco Certified Network Associate

Cisco

Professional Data Scientist

IBM

Azure Fundamentals AZ-900

Microsoft

Google IT Support Professional

Google

Oracle Cloud AI Foundations

Oracle

AWS Solutions Architect Essentials

Amazon Web Services

Impact

Key Achievements

40%

Incident Response Time Reduced

Through implementation of real-time monitoring and advanced threat detection at KCAA

30%

Security Incidents Reduced

At Isuzu East Africa through enterprise firewall, antivirus, and IDS deployments

900+

Enterprise Users Supported

Across multi-site critical aviation infrastructure with high availability

90%

User Satisfaction Rate

Maintained while providing technical support across enterprise environments

Years of Experience

Spanning network engineering, cybersecurity, data science, and systems administration

10+

Certifications Earned

Across cybersecurity, networking, cloud, and data science domains