Benson K | Freelancer Resume

BENSON KANYORE Threat Modeling Specialist | STRIDE · DREAD · CVSS | MTMT & OWASP Threat Dragon 📍 Nairobi, Kenya | 🌐 Remote-Ready PROFESSIONAL SUMMARY Cybersecurity and Threat Modeling Specialist with expertise in identifying, assessing, and mitigating security risks across cloud-native and enterprise systems. Skilled in using Microsoft Threat Modeling Tool (MTMT) and OWASP Threat Dragon, applying methodologies such as STRIDE, DREAD, and CVSS for structured risk analysis. Experienced in analyzing complex system architectures, designing secure cloud infrastructures, and developing actionable mitigation strategies. Adept at translating technical security insights into clear, business-relevant recommendations. Strong foundation in NIST SP 800-30 Rev.1, NIST Cybersecurity Framework (CSF), and ISO/IEC 27001, ensuring that every project meets global best-practice standards. CORE COMPETENCIES           Threat Modeling (MTMT, OWASP Threat Dragon) STRIDE · DREAD · CVSS Data Flow Diagram (DFD) Creation Risk Assessment & Analysis Secure Architecture Design (Azure, AWS) Secure CI/CD Pipeline Implementation Identity & Access Management (IAM) Cloud & Application Security Vulnerability Management Security Documentation & Technical Writing PROFESSIONAL EXPERIENCE Freelance Threat Modeling Specialist Independent Consultant | 2024 – Present Delivered comprehensive threat modeling and secure design reviews for clients across cloudbased and enterprise environments. Key Achievements & Contributions:      Built detailed threat models using MTMT and OWASP Threat Dragon for Azure-based applications. Applied STRIDE, DREAD, and CVSS frameworks to evaluate risk likelihood, impact, and prioritization. Conducted secure architecture reviews for Azure deployments (Key Vault, Application Gateway, Private DNS, and Azure Monitor). Produced risk assessment reports with actionable mitigations aligned with NIST CSF, OWASP Top 10, and CIS Controls. Collaborated with developers and project managers to integrate threat modeling early in the design lifecycle. Key Projects Secure Azure Web Application – Freelance | 2025 Designed and delivered a secure web application hosted on Microsoft Azure with private access and CI/CD through Azure DevOps.     Created DFDs and threat models using MTMT. Applied STRIDE and CVSS methodologies to classify and score risks. Integrated Azure Key Vault, Application Gateway (WAF), and Private DNS for end-toend security. Hardened the system against spoofing, tampering, and denial-of-service attacks. Result: Reduced breach risks and achieved compliance with enterprise-grade security standards. Threat Modeling for Enterprise Cloud Architecture – Freelance | 2024 Performed in-depth threat modeling using OWASP Threat Dragon for a multi-service enterprise cloud environment.   Identified insecure data transmission and misconfigured permissions. Recommended encryption enforcement, RBAC tightening, and enhanced logging. Result: Improved security posture, aligned with NIST CSF and OWASP Top 10, and minimized attack surfaces. University Project: Endpoint Detection and Response (EDR) Solution – Freelance | 2024 Participated in the design of a scalable EDR solution to detect and respond to endpoint threats.   Modeled endpoint risks using DREAD scoring. Developed detection and response workflows for malware and privilege escalation threats. Result: Delivered a foundational EDR architecture for enterprise-level deployment readiness. EDUCATION Bachelor of Science in Information Security and Forensics KCA University, 2018 CERTIFICATIONS & CONTINUOUS LEARNING   Microsoft Learn – Introduction to Threat Modeling Ongoing Professional Development – OWASP, NIST, CIS Controls Communities TECHNICAL TOOLS & FRAMEWORKS Tools: Microsoft Threat Modeling Tool (MTMT), OWASP Threat Dragon, Azure DevOps, Azure Key Vault, Application Gateway, Private DNS, Azure Monitor Frameworks: STRIDE, DREAD, CVSS, NIST SP 800-30 Rev.1, NIST CSF, ISO/IEC 27001, OWASP Top 10, CIS Controls WORK SAMPLES   Data Flow Diagrams (DFDs): Examples of secure workflows (e.g., Key Vault ↔ App Service communication). Threat Models: STRIDE, DREAD, and CVSS-based analyses for Azure and enterprise systems.  Security Reports: Professional risk and mitigation documentation for cloud-native applications. Samples are available upon request. Note: All samples are anonymized to maintain confidentiality. ADDITIONAL STRENGTHS    Strong analytical and problem-solving abilities. Excellent written and verbal communication for technical and executive audiences. Proven ability to work remotely with global clients, meeting strict deadlines and standards.