┌──(alejandro㉿sec-ops)-[~]
└─$ whoami --verbose
> Name : Alejandro Zavala Zenteno
> Role : Jr. Cybersecurity Professional & (soon to be) Computational Systems Engineer
> Cert : ISC2 Certified in Cybersecurity (CC) · 2026-2029
> Base : Morelia, Michoacán · Mexico [UTC-6]
> Focus : SOC Operations | Detection Engineering | SIEM/XDR | Observability | IR
> Status : [ Seeking remote security roles · Open to opportunities ]
┌──(alejandro㉿sec-ops)-[~]
└─$ cat featured_projects.md
docker-monitoring-stack
wazuh-soc-homelab
┌──(alejandro㉿sec-ops)-[~]
└─$ cat skill_matrix.txt
[ Security Operations ]
SIEM/XDR : Wazuh · OpenSearch · Splunk · Elastic Stack · Active response
Detection Eng : XML rules · Behavioral TTPs · Telemetry analysis · Rule tuning
SOC Workflow : Alert triage · Reporting · Escalation · SOC KPIs · Workbooks & lookups
Threat Hunt : FIM · Auth correlation · Discovery · C2 detection · IDS fundamentals
Incident Resp : TheHive v5 · Triage runbooks · Containment SOPs · EDR basics · Kill chain
Frameworks : MITRE ATT&CK · Cyber Kill Chain · Pyramid of Pain · NIST CSF · ISO 27001
[ Observability / DevOps ]
Metrics : Prometheus · cAdvisor · PromQL · Custom dashboards
Logging : Loki · Promtail · LogQL · Centralized pipelines
Visualization : Grafana · OpenSearch Dashboards · KPI engineering
Orchestration : Docker Compose · Multi-container stacks · Service discovery
[ Infrastructure ]
Linux : Ubuntu hardening · Debian · Bash scripting · syslog pipelines
Containers : Docker · Docker Compose · WSL2 · IaC credential management
Windows : PowerShell · WazuhSvc · AD basics
[ Networking ]
Protocols : TCP/IP · OSI Model · DNS · SSH · VPN (Sophos)
Hardware : Cisco · Ruckus · Switches · Routers
Analysis : Wireshark · Nmap · Firewall config · iptables
[ Offensive (lab only) ]
Tools : Hydra · Nmap · Nikto · Metasploit · Kali · Reverse shells
┌──(alejandro㉿sec-ops)-[~]
└─$ systemctl status learning.service
● learning.service - Continuous Skill Development
Loaded: loaded (/etc/systemd/system/learning.service; enabled; preset: enabled)
Active: active (running) since Mon 2026-01-01; always
Main PID: 1337 (always_learning)
Status: "Building toward remote SOC Analyst & Detection Engineering roles"
Tasks: 4 (focused)
Memory: 100%
CPU: full-throttle
Active units:
• detection-engineering-lab.target active (expanding custom ruleset)
• docker-observability-phase-4.service active (performance analysis & diagnostics)
• tryhackme-soc-level-1.path active (blue team path in progress)
• english-technical-writing.service active (daily)
Queued for start:
• comptia-security-plus.target queued
• blueteam-labs-ctfs.service queued
• kql-sentinel-fundamentals.service queued
┌──(recruiter㉿interested)-[~]
└─$ cat hire_alejandro.txt
[ Open to ]
• Jr. SOC Analyst (Tier 1 / Tier 2)
• Detection Engineer (Junior)
• Blue Team / Threat Hunter (Junior)
• Security Operations · Observability-adjacent roles
[ Availability ]
• Full-time · Remote-first (worldwide)
• Timezone : America/Mexico_City (UTC-6) - flexible overlap with LATAM / US / EU-early
• Languages : Spanish (native) · English (technical proficient)
• Start date : Immediate · Notice period: none
[ Fastest way to reach me ]
• LinkedIn DM (usually reply within 24h)
• See contact badges below
┌──(alejandro㉿sec-ops)-[~]
└─$ cat /etc/motd
"The goal is not to be better than everyone else,
but to be better than you were yesterday."
Building in public · Documenting every step · Failing forward.