// Available for opportunities
Charles Kaberere
Security & DevOps Engineer building zero-trust infrastructure, taming cloud chaos, and hunting vulnerabilities — all before lunch.
I'm a Cybersecurity & DevOps Engineer with 3+ years of hands-on experience securing infrastructure, hunting bugs, and building resilient systems. Currently a Senior Security Engineer at Confidios, where I architect zero-trust environments using HashiCorp Vault & Boundary, automate threat detection with Wazuh and Graylog, and embed security deep into CI/CD pipelines.
My edge? I think like an attacker and build like an engineer. Whether it's replacing legacy VPNs with identity-based access, designing malware analysis labs from scratch, or participating in bug bounty programs on HackerOne and Intigriti — I'm driven by the belief that great security is invisible to the people it protects.
Architected a unified SSO ecosystem (Authentik/Keycloak + LDAP), replaced legacy VPNs with HashiCorp Boundary for zero-trust access, and engineered a centralized Vault environment with automated secret rotation. Deployed Prometheus + Grafana monitoring with Slack alerting, cutting Mean Time to Detection significantly. Also led R&D for ChainTrust — a Kubernetes-orchestrated blockchain platform for agriculture, boosting deployment velocity by 110%.
Helped establish a Security Operations Centre integrated with TheHive and Grafana. Conducted vulnerability assessments and learned log analysis with Wazuh and Graylog. Gained foundational experience in enterprise-grade cybersecurity workflows.
Managed distributed AI tasks with 100% completion rate. Improved project efficiency by 30% and boosted team productivity by 15% through strong collaboration and communication.
An offensive security AI application designed to help organizations achieve compliance with GDPR, Kenya's DPA, and other industry-standard regulations. Automates compliance gap analysis and remediation workflows — currently in active development.
Full-stack Laravel + Vue 3 application where students rate class experiences and lecturers assess session quality. Features real-time data visualization and achieved 90% actionable insights processing. Scored 10/12 on academic presentation.
Built a production-grade home SOC using OPNsense firewall, Wazuh SIEM, Splunk, and IRIS-DFIR for forensic analysis. Includes a multi-OS malware analysis sandbox with REMnux + hardened Windows VMs for static and dynamic malware reverse engineering.
Active researcher on HackerOne and Intigriti, specialising in endpoint enumeration, vulnerability discovery, and responsible disclosure across diverse web platforms and APIs.