David Nangoi · Cybersecurity Engineer

Chain of custody

Experience

EXH-01 · JAN 2026 → FEB 2026 · JAKARTA, ID

Digital Forensics Intern

Polda Metro Jaya · Indonesian National Police

Delivered forensic reports for 2 enterprise breach cases, contributing evidence to ongoing criminal proceedings with full evidentiary traceability.
Maintained 100% unbroken chain of custody across all seized evidence under ISO/IEC 27037-compliant handling.
Performed end-to-end investigations across 5 devices (Windows, Linux, iOS) using Autopsy, Volatility, KAPE, Magnet AXIOM, and iLEAPP/ALEAPP.
Reconstructed multi-stage attack timelines from enterprise logs, mapping threat-actor TTPs to MITRE ATT&CK from initial access through exfiltration.
Operated inside an ISO/IEC 17025-aligned lab, following ISO/IEC 27037–27050 across acquisition, analysis, retention, and reporting.

EXH-02 · MAR 2026 → JUN 2026 · WELLINGTON, NZ

Digital IT Support & Technician (Contract)

DiVE Networks

Provided Level 1/2 helpdesk support to SMB clients across Wellington, resolving Microsoft 365 and Google Workspace issues at first contact.
Managed accounts, shared mailboxes, and permissions across multi-tenant environments via Active Directory and the Microsoft 365 admin centre, maintaining least-privilege access.
Deployed and monitored REDStor cloud backups; configured Synology and Asustor NAS environments with RAID volumes and granular ACLs.
Maintained auditable, client-facing ticketing workflows documented to internal SLA standards.

EXH-03 · 2024 → 2025 · WELLINGTON, NZ

Academic Tutor

Victoria University of Wellington

Tutored 150+ students across CYBR271 (Cybersecurity), NWEN243 (Networking & Cloud), and ENGR101 (C/C++).
Taught secure software design and hands-on vulnerability testing: XSS, CSRF, SQL injection, buffer overflows, and privilege escalation countermeasures.
Guided students through OSI networking, AWS infrastructure (EC2, S3), UNIX systems, and Git workflows.

Active investigation

Research & Projects

Honours thesis · completing Nov 2026

Interpretable botnet detection for SOC analysts

Building an explainable ML framework for botnet detection across 20M+ labelled network flows from CIC-IDS-2017, CIC-IDS-2018, CTU-13, and UNSW-NB-15, spanning 15+ attack categories.

Comparing Random Forest, XGBoost, and Neural Network classifiers, then applying SHAP, LIME, and feature-importance analysis to turn black-box predictions into transparent, actionable explanations. Evaluating robustness under class imbalance and noisy traffic, so analysts can trust the detector and act faster.

PythonXGBoostSHAP LIMERandom ForestNetwork flow analysis

SWEN326

Autonomous Emergency Braking System

Designed and tested a safety-critical AEBS in a sandboxed environment, applying ISO 26262 functional safety: hazard analysis, safety requirements, and verification for automotive software.

Ongoing

Hands-on offensive security practice

Consistent top-1,000 global ranking on Hack The Box and top 5% on TryHackMe's Red Team / Pentesting path. Sustained, practical work across web exploitation, privilege escalation, and Active Directory attack paths.

Toolkit

Technical Skills

Offensive Security

Nmap, Burp Suite, Metasploit, XSS/SQLi/CSRF testing, SQLmap, Hashcat, Hydra, John the Ripper, Mimikatz, Evil-WinRM, LinPEAS, Gobuster/ffuf, Aircrack-ng, Shodan.

Digital Forensics

Autopsy/Sleuth Kit, FTK Imager, Magnet AXIOM, Volatility 2 & 3, KAPE, Wireshark, Zeek, iLEAPP/ALEAPP, Velociraptor, Eric Zimmerman Tools, Registry Explorer, HxD.

Malware Analysis

Ghidra, IDA, x64dbg/OllyDbg, PE-Studio, Detect-It-Easy, AnyRun, YARA, VirusTotal, Procmon/ProcExp, Regshot, for static and dynamic analysis.

Networking & Systems

TCP/IP, OSI layers, VLANs, Active Directory, Kali/Ubuntu/Windows Server, Docker, VirtualBox/VMware, AWS (EC2, S3, IAM).

Standards & Frameworks

MITRE ATT&CK, Cyber Kill Chain, OWASP Top 10, NIST CSF, CVSS, ISO/IEC 27037 & 17025, ISO 26262.

Languages

Python, Java, C/C++, Bash, PowerShell, SQL, SPL (Splunk), YARA, R.

Findings

Achievements

ACH-01 Hack The Box: Top 0.025% globally. Consistently ranked within the top 1,000 of 4 million+ members.
ACH-02 Magnet Forensics Virtual Summit CTF (2026): Mobile & AI Expert, top 180 of 1,000+ DFIR professionals.
ACH-03 TryHackMe: Top 5% globally, Red Team / Pentesting path.
ACH-04 NZ Cyber Security Challenge (2023): Team placed #8 of 52 in the open category.
ACH-05 UP Education Pathways Foundation Excellence Scholarship (2022).
ACH-06 Badminton New Zealand: #1 regional representative (#2 in Wellington).

Interactive

Run your own queries

[email protected] · bash

visitor@dn:~$

Try help, whoami, skills, contact, or go on and try sudo something.