Nairobi, Kenya · Available for contracts

The networks work.
The code ships.
You stay unbothered.

I'm Adrian Kwach — a CCNA & CCNP-certified network engineer and software developer based in Nairobi. I take on contracts that sit at the intersection of infrastructure and code, solve them properly, and hand over documentation that actually makes sense.

Accepting Contracts CCNA Certified CCNP ENCOR Remote Available Nairobi On-site

Hire Me Now See Services

Adrian Kwach

Network Engineer & Software Developer

Location

Nairobi, Kenya · EAT (UTC+3)

Platforms

Upwork · Toptal · Direct Contract

Response Time

Within 24 hours, Mon–Fri

CCNA — Cisco Certified

Active

CCNP ENCOR 350-401

Certified

BEng EEE · Univ. of Nairobi

Final Year

Available now — responding to new project briefs

What I Do

Two disciplines.
One engineer.
Zero bloat.

No account managers. No junior staff doing the work you hired a senior for. You describe the problem, I solve it, you get documentation.

Edderek is a one-person technical operation. The two services on offer are network and infrastructure consulting and software engineering. They often overlap — the best network engineers automate everything.

Available on Upwork, Toptal, and direct contract. If your problem sits at the intersection of code and network infrastructure, this is the profile for it.

Track 01 Network & Systems

Network & Infrastructure Consulting

Remote IT infrastructure support, enterprise topology design, and Cisco environment configuration. I lab-test every solution before it touches production.

Enterprise topology design — LAN, WAN, VLAN architecture
Cisco router & switch configuration (IOS/IOS-XE)
Firewall policy design — Cisco ASA, pfSense, ZBF
VPN deployment — IPSec, DMVPN site-to-site & remote access
OSPF, EIGRP, and BGP routing protocol configuration
Network audit — health check, ACL review, security posture
Lab validation in GNS3 / EVE-NG before any production change

Cert baseline: CCNA · CCNP ENCOR · BEng EEE

Track 02 Software Engineering

Software Engineering & Automation

Scripts, backend systems, and migration work. The sweet spot is software that touches infrastructure — automation, network tooling, and APIs.

C# / .NET — scripts, automation tools, backend systems
C# to C++ DLL migration and interop projects
Python scripting — network automation, APIs, data processing
Network automation with Netmiko, NAPALM, Ansible
REST API integration and backend architecture
Algorithmic and rules-based system development
Custom tooling — dashboards, monitors, parsers

Languages: C# · C++ · Python · Bash · Pine Script

Lab & Shipped Work

Built, documented,
repeatable.

Every project was built and documented — in GNS3, EVE-NG, or a physical testbed. Full topology files and write-ups available on request.

On Transparency

These are lab and self-initiated projects. They demonstrate real technical execution and are fully reproducible. Documentation available on request.

PRJ-001Network

Three-Tier Enterprise Campus Network

Full hierarchical campus topology in GNS3 — core, distribution, and access layers with redundant uplinks, RSTP, inter-VLAN routing, and OSPF.

Cisco IOSOSPFSTP/RSTPVLANsGNS3

3-tier topology with 4 access, 2 distribution, 2 core switches
RSTP with BPDU Guard on all access ports
OSPF Area 0 backbone with inter-area summarisation
Failover verified under 2 seconds via RSTP and ECMP

Topology PDF GitHub →

Complexity

PRJ-002Network

BGP Multi-Homed Internet Edge

Enterprise edge with dual ISP eBGP, route filtering, AS path prepending, and automatic failover validated under link-loss conditions.

BGPeBGPRoute-MapsPrefix-ListsEVE-NG

eBGP peering with two simulated ISPs — load preference tuned
Inbound filtering rejecting RFC1918 and bogon routes
AS path prepending to influence inbound traffic
Full failover test: secondary takes over within BGP hold-time

Write-up PDF GitHub →

Complexity

PRJ-006Software

TMSD 4.0 — Automated Trade Manager

Production C# cBot for cTrader — automated trade management with dynamic SL, TP laddering, pyramiding logic, and state persistence. Commercialised to live traders.

C# / .NETcTrader APIcAlgoState Mgmt

Dynamic SAR logic with configurable pip distance and lot scaling
Pyramiding mode with arithmetic and geometric position sizing
State persistence across bot restarts via cTrader storage API
Commercialised at $100/month and $500 lifetime — active users

edderek.com Docs PDF

Complexity

PRJ-003Network

Zero Trust Access — ZBF + 802.1X NAC

Zone-based firewall on Cisco ISR with explicit permit policies, combined with 802.1X port authentication. Devices authenticate before any network access is granted.

ZBF802.1XRADIUSCisco ASA

ZBF: Inside, Outside, DMZ zones — default deny, explicit permit
FreeRADIUS as 802.1X authentication backend
Guest VLAN fallback for non-802.1X devices
Documented attack surface reduction vs. ACL-only approach

Security Report GitHub →

Complexity

PRJ-005Automation

Bulk Network Automation — Python + Ansible

Automation toolkit that provisions, audits, and backs up configs across a fleet of Cisco devices. Python + Netmiko for config push; Ansible for idempotent state.

PythonNetmikoAnsibleJinja2

CSV inventory → SSH into each device → push templated configs
Ansible enforces NTP, DNS, banner, and password policy
Daily config backup with diff + email alert on changes
Compliance check: flags missing ACLs or unsupported IOS

README GitHub →

Complexity

PRJ-008Software

C# Indicator Engine → C++ DLL Migration

Migration of a performance-critical price action engine from C# to native C++ DLL with P/Invoke interop — reducing calculation latency for unmanaged host processes.

C++C# / .NETP/InvokeDLL Interop

Core calculation logic ported with equivalent test coverage
DLL exported with __cdecl convention, consumable via P/Invoke
Marshalling layer for structs and arrays across managed/unmanaged
60–75% latency reduction on tight calculation loops

Write-up GitHub →

Complexity

Adrian Kwach

Network Engineer & Software Developer · Nairobi

CCNA

Cisco Certified Network Associate

Active

CCNP ENCOR 350-401

Enterprise Core · Cisco Certified

Certified

BEng Electrical & Electronic Eng.

University of Nairobi

Final Year

Who This Actually Is

Adrian Kwach.
Network Engineer &
Software Developer.

I'm a final-year Electrical and Electronic Engineering student at the University of Nairobi. I hold active CCNA and CCNP Enterprise (ENCOR 350-401) certifications — the CCNP covers advanced BGP policy, OSPF design, SD-WAN, and network automation at enterprise scale.

On the software side, I've built and commercialised algorithmic trading tools in C# for cTrader and MetaTrader, plus Pine Script systems for TradingView. Shipped production code, handled licensing, dealt with real paying users. That's actual software engineering experience, not side projects.

I've also conducted academic research with a professor at UoN on beyond-5G and 6G network frameworks — SDN, NFV, and next-generation mobile infrastructure. A depth in network theory that goes beyond what most CCNA contractors carry.

No exaggeration. No invented credentials. What I am right now: a certified network engineer, a working software developer, and a freelancer available for technical contracts.

Cisco Routing & Switching

85%

Network Security / Firewall

80%

C# / .NET Development

83%

Python & Automation

78%

BGP / OSPF / Routing

72%

How It Works

Simple. Scoped. Delivered.

No bloated onboarding. No status meetings for the sake of it. Four steps.

Brief & Scope

Send a brief — the problem, what needs to be built, your timeline and budget. I respond within 24 hours with whether I can take it and at what rate.

→

Agree & Start

Scope agreed, contract signed, 50% deposit for project work. Work starts immediately — no weeks of "discovery" before anything happens.

→

Build & Validate

Network work: lab-tested in GNS3/EVE-NG before production. Software: built, tested, reviewed. Updates at agreed milestones, not silence.

→

Deliver & Hand Over

Everything handed over with documentation. Topology diagrams, config archives, post-implementation report. Software includes readme and code comments.

Vendor Partnerships

The Longer Game:
Cisco Partner Status

In Kenya, the companies that win enterprise network contracts — banks, county governments, telcos — typically do so through vendor partner programs. Cisco's tiers give you formal standing: certified engineers, verified revenue, and reseller access.

Edderek's current status is Cisco Registered Partner — the entry level, requiring at minimum one CCNA-certified engineer. This is real. It enables selling Cisco solutions and accessing the partner portal.

The next step is Select Partner — requiring two CCNPs and demonstrated revenue. That is the target once CCNP ENCOR completes and the first client contracts close.

GOLD

Cisco Gold Partner

4+ CCIEs/CCNPs, major revenue, advanced specialisations

Future

PREM

Cisco Premier Partner

Multiple CCNPs/CCIEs, recurring revenue, specialisations

Long term

SEL

Cisco Select Partner

2 CCNPs minimum, demonstrated revenue

Next target

REG

Cisco Registered Partner

Entry level — 1 CCNA minimum, partner portal access

Current

Transparent Rates

What It Costs

Three engagement models. Rates in USD. No hidden fees on direct contracts.

01 / Audit

Network Health Check

A full review of your existing network — topology discovery, routing check, security posture, ACL audit, and a written report with prioritised findings.

$299 / engagement

One-time · delivered in 5–7 business days

✓Topology discovery & documentation
✓Routing & switching health review
✓Firewall & ACL audit
✓Written report with findings & priorities
✓30-min debrief call included
—Configuration changes
—Implementation work

Start an Audit →

Most Common 02 / Project

Project Contract

A scoped engagement — network design & deployment, a software build, or a migration. Fixed quote after a brief. Lab-tested and documented.

$999 / project

Starting price — exact quote after brief

✓Requirements brief & scope agreement
✓Design document before work starts
✓Lab validation or dev + test
✓Production deploy or code delivery
✓Full documentation package
✓30 days post-delivery support
✓50% upfront · 50% on delivery

Send a Brief →

03 / Retainer

Monthly Retainer

Ongoing technical support without the cost of a full-time hire. Network changes, scripting, troubleshooting, and advice — for teams that need an engineer on-call.

$499 / month

3-month minimum · cancel after

✓Up to 20 hrs/month of work
✓4-hour response on business days
✓Monthly infrastructure report
✓Config changes & tuning included
✓Incident support & troubleshooting
✓Unused hours roll over (up to 10h)
—On-site visits (separate rate)

Start Retainer →

Prices in USD · M-Pesa accepted for Kenya-based clients · Upwork/Toptal platform rates slightly higher

Questions

Straight
Answers.

If your question isn't here, email hello@edderek.com — I'll reply within 24 hours.

CCNA is an industry-recognised credential that requires passing a real exam. The skills it validates — routing, switching, IP services, firewall basics — are the same skills used in production enterprise environments. On the software side, I've shipped production code that real users have paid for and used. Being a student and being technically competent aren't mutually exclusive. Judge me on the work, not the title.

Most network engineering work can be done remotely with appropriate access — SSH, a console server, or a local contact at the equipment. Software work is fully remote by default. For on-site work in Nairobi and the surrounding region, that's available. For the right engagement size, I can also arrange visits elsewhere in East Africa.

Upwork adds a platform fee (typically 10–20%), slower payment cycles, and some communication constraints. For Nairobi-based and East African clients, direct contract is cheaper and faster — same quality of work, paid via M-Pesa, Wise, or bank transfer. For international clients who want Upwork escrow for peace of mind, that's available too.

Yes. MikroTik and Ubiquiti are common in the East African SME market and I work with both. The routing and switching concepts are the same regardless of vendor — the CLI syntax differs. For enterprise-grade environments, Cisco is the primary stack. For anything outside that, ask and I'll give you an honest answer on my level with it.

Every network change is lab-tested before production, and every engagement includes a documented rollback procedure. If something unexpected happens during a change window, I stay engaged until the network is fully stable. All projects include 30 days of post-delivery support. If an issue traces back to something I built, I fix it at no extra charge.

Yes, within scope. "Medium-sized" means single or multi-site with up to around 200 devices, standard enterprise topology, VLANs, routing, firewall, and possibly wireless. That's well within CCNA/CCNP territory. For very large enterprise builds — hundreds of routers, SP-grade MPLS VPN, complex multi-vendor — I'll be upfront about what's in scope vs. what would need a larger team.

The networks work.
The code ships.
You stay unbothered.

Two disciplines.
One engineer.
Zero bloat.

Built, documented,
repeatable.

Adrian Kwach.
Network Engineer &
Software Developer.

Simple. Scoped. Delivered.

The Longer Game:
Cisco Partner Status

What It Costs

Straight
Answers.

Got a technical problem.
Let's solve it.

Let's Work
Together.

The networks work. The code ships. You stay unbothered.

Two disciplines.One engineer.Zero bloat.

Built, documented,repeatable.

Adrian Kwach.Network Engineer &Software Developer.

Simple. Scoped. Delivered.

The Longer Game:Cisco Partner Status

What It Costs

StraightAnswers.

Got a technical problem.Let's solve it.

Let's WorkTogether.

The networks work.
The code ships.
You stay unbothered.

Two disciplines.
One engineer.
Zero bloat.

Built, documented,
repeatable.

Adrian Kwach.
Network Engineer &
Software Developer.

The Longer Game:
Cisco Partner Status

Straight
Answers.

Got a technical problem.
Let's solve it.

Let's Work
Together.