gerarddiaz01/README.md


Gerard | SOC Analyst

Blue Team • Detection • Network Defense



My Approach: "Show, Don't Tell"

I don't just study cybersecurity theory; I deploy it. I treat my learning like a production environment: rigorous documentation, realistic labs, and hands-on configuration of enterprise equipment.

I came to cybersecurity through a deliberate career change, and I bring a foundation in programming and scripting that I now apply to defensive security.

This repository isn't a CV. It's my open-air laboratory.


Portfolio & Labs (Hands-on)

This is where I document my technical skills. Click through for the investigation reports and configurations.

Projects & Certifications / What you'll find there (proven skills)

Iron4Software Project (Purple Team): Architecture, Red Team Audit & SOC Blue Team Defense
  • Build: deployed a vulnerable-by-design lab (Proxmox, pfSense, AD, Ubuntu).
  • Red Team: executed the Cyber Kill Chain (webshell RCE, pivot, SMB brute force, ransomware).
  • Blue Team (SIEM): post-incident investigation in Splunk (threat hunting, Windows Event Logs 4624/4625).
  • Hardening: flaw remediation, strict GPO, and securing the Splunk log pipeline (TLS between forwarders and indexer).

Stormshield CSNA (Certified): Certified Stormshield Network Administrator
  • Initial deployment: SNS appliance setup, network segmentation.
  • Filtering & NAT: security policy creation and address translation.
  • Hardening: securing the administration plane (SSH, WebUI).
  • Monitoring: log management and tuning for the SOC.

SOC Analyst Training (Main Repo): Full documentation of my path
  • Windows Forensics: suspicious process analysis, Event Viewer, Sysmon.
  • Linux Hardening: permissions (chmod/chown), log analysis (grep/awk).
  • Network Analysis: manual protocol interaction (Telnet, FTP, HTTP), packet analysis.
  • PowerShell/Bash: scripting for security task automation.

Technical Arsenal

Defense & Network

  • Firewalling & Routing: pfSense, Stormshield SNS (filtering, NAT, IPS, objects).
  • Systems: Windows 11 / Server 2019 (Active Directory, GPO, UAC), Linux (Kali, Ubuntu).
  • Protocols: TCP/IP, DNS, DHCP, HTTP/S, SMB, SSH, RDP.

Detection & Analysis

  • SIEM & Detection: Splunk (SPL, Universal Forwarders), Elastic Stack / Kibana, Wazuh, Sigma, ElastAlert.
  • Endpoint & Logs: Sysmon, Windows Event Viewer, Linux auth logs.
  • Network & Forensics: Wireshark, tcpdump, Nmap, Netcat, CyberChef.
  • Methodology: MITRE ATT&CK, Cyber Kill Chain, OWASP Top 10.

Scripting

  • Languages: Python (custom tooling), Bash, PowerShell, SQL.

Soft Skills & Languages

A SOC analyst has to communicate clearly under incident pressure.

  • Polyglot: I speak 5 languages fluently, which lets me work effectively in international teams and handle incidents across language barriers.
  • Analytical mindset: a foundation in programming and scripting helps me reason about how the systems and applications I defend actually work.
  • Persistence: used to complex debugging, I don't drop a lead until the anomaly is explained.

"Security is not a product, it's a process."
Open to Junior SOC Analyst / Blue Team opportunities.

Pinned

  1. SOC-Analyst-Cybersecurity-Training (Public)

    SOC Analyst portfolio: technical notes, detection rules, automation scripts and project reports from my cybersecurity training.

  2. Stormshield-Network-Security-Labs (Public)

    Deployment, hardening and administration of security infrastructures with Stormshield SNS. Hands-on CSNA certification labs (filtering, NAT, VPN, SOC logs).