I don't just study cybersecurity theory, I deploy it. I treat my learning like a production environment: rigorous documentation, realistic labs, and hands-on configuration of enterprise equipment.
I came to cybersecurity through a deliberate career change, and I bring a foundation in programming and scripting that I now apply to defensive security.
This repository isn't a CV. It's my open-air laboratory.
This is where I document my technical skills. Click through for the investigation reports and configurations.
| Projects & Certifications | What you'll find there (proven skills) |
|---|---|
| Iron4Software Project (Purple Team)<br>(Architecture, Red Team Audit & SOC Blue Team Defense) | • Build: deployed a vulnerable-by-design lab (Proxmox, pfSense, AD, Ubuntu).<br>• Red Team: executed the Cyber Kill Chain (webshell RCE, pivot, SMB brute force, ransomware).<br>• Blue Team (SIEM): post-incident investigation in Splunk (threat hunting, Event IDs 4624/4625).<br>• Hardening: flaw remediation, strict GPO, and securing the Splunk log pipeline (TLS between forwarders and indexer). |
| Stormshield CSNA (Certified)<br>(Certified Stormshield Network Administrator) | • Initial deployment: SNS appliance setup, network segmentation.<br>• Filtering & NAT: security policy creation and address translation.<br>• Hardening: securing the administration plane (SSH, WebUI).<br>• Monitoring: log management and tuning for the SOC. |
| SOC Analyst Training (Main Repo)<br>(Full documentation of my path) | • Windows Forensics: suspicious process analysis, Event Viewer, Sysmon.<br>• Linux Hardening: permissions (chmod/chown), log analysis (grep/awk).<br>• Network Analysis: manual protocol interaction (Telnet, FTP, HTTP), packet analysis.<br>• PowerShell/Bash: scripting for security task automation. |
Tooling and environments I work with hands-on:
- Firewalling & Routing: pfSense, Stormshield SNS (filtering, NAT, IPS, objects).
- Systems: Windows 11 / Server 2019 (Active Directory, GPO, UAC), Linux (Kali, Ubuntu).
- Protocols: TCP/IP, DNS, DHCP, HTTP/S, SMB, SSH, RDP.
- SIEM & Detection: Splunk (SPL, Universal Forwarders), Elastic Stack / Kibana, Wazuh, Sigma, ElastAlert.
- Endpoint & Logs: Sysmon, Windows Event Viewer, Linux auth logs.
- Network & Forensics: Wireshark, tcpdump, Nmap, Netcat, CyberChef.
- Methodology: MITRE ATT&CK, Cyber Kill Chain, OWASP Top 10.
- Languages: Python (custom tooling), Bash, PowerShell, SQL.
A SOC analyst has to communicate clearly under incident pressure.
- Polyglot: I speak 5 languages fluently, which lets me work effectively in international teams and handle incidents across language barriers.
- Analytical mindset: a foundation in programming and scripting helps me reason about how the systems and applications I defend actually work.
- Persistence: used to complex debugging, I don't drop a lead until the anomaly is explained.
Open to Junior SOC Analyst / Blue Team opportunities.
