Hood Mukiibi Semwogerere

Security Engineering and Operations

Key Projects

Security Operations & Incident Response

  • Incident Response & Threat Hunting (Tabiri Analytics, Rohde & Schwarz) – Conducted root-cause analysis on security incidents, improving threat detection capabilities using Elastic SIEM.
  • AI-Assisted Security Operations (CMU - CyLab) – Integrated LLM-based AI assistants into SOC workflows to enhance alert triage and case management. Optimized prompt engineering techniques to improve SOC analysts’ response effectiveness during security incidents.
  • SOC Automation & Response Playbooks (Tabiri Analytics) – Developed Python scripts & SOAR workflows, reducing incident response time by 40%.
  • Forensic Analysis & Malware Reverse Engineering (Tabiri Analytics) – Analyzed malware samples, conducted memory forensics, and mitigated advanced threats.
  • Cloud Security Monitoring (Tabiri Analytics, Rohde & Schwarz) – Configured AWS GuardDuty & Security Hub for cloud threat visibility, detecting misconfigurations & unauthorized access.

Threat Intelligence & Detection Engineering

  • Custom SIEM Rule Development (Rohde & Schwarz, Tabiri Analytics) – Tuned Splunk & ELK Stack detection rules, reducing false positives by 30%.
  • Threat Intelligence & Attack Surface Reduction (Tabiri Analytics, Rohde & Schwarz) – Mapped threat actor TTPs using MITRE ATT&CK, enhancing security defenses.
  • DNS & Network Traffic Analysis (Rohde & Schwarz, CMU - CyLab, Tabiri Analytics) – Monitored HTTP, DNS, and TCP/IP traffic, detecting suspicious activities using Suricata, Snort, Wazuh, Elastic & Zeek.

Security Research & Scripting

  • Security Log Parsing & Analysis (Tabiri Analytics, CMU - CyLab) – Automated log correlation with Python & Bash, improving threat visibility & response.
  • Security Awareness & Training (CMU - CyLab, Tabiri Analytics) – Conducted incident response training, improving team readiness & detection skills.