Portfolio

Resume

Download my up-to-date cybersecurity resume to review my skills, hands-on Blue Team experience, and certifications.

Lazarus Group Threat Intelligence Report

Researched the Lazarus APT group, analyzed their TTPs, and mapped behaviors to MITRE ATT&CK.

Outcome: Created a structured intelligence report used to understand attack patterns and improve detection strategy.

Windows Event Log Deep Dive (SIEM Analysis)

Performed detailed review of Windows Security, System, and PowerShell logs to identify suspicious activity and access anomalies.

Outcome: Discovered unsafe activity patterns and improved understanding of log-based threat detection.

Phishing Email Investigation

Analyzed a suspicious email using header forensics, URL inspection, and sender validation techniques.

Outcome: Successfully identified a credential-harvesting attempt and documented clear user-protection recommendations.

SIEM Log Triage — Alert Investigation & MITRE Mapping

Investigated Windows event logs to identify suspicious behavior, using SIEM techniques to analyze authentication events, process activity, and anomalies.

Outcome: Documented triage steps, indicators, alert decisions, and mapped activity to MITRE techniques for improved detection accuracy.

Phishing URL Analysis (Blue Team Project)

Analyzed suspicious URLs using safe lookup tools, domain reputation checks, and sandboxing methods.

Outcome: Identified a phishing domain and provided user-safe remediation steps.

Brute Force Attack Investigation (SOC Project)

Investigated authentication logs to detect failed login patterns and potential brute force activity.

Outcome: Documented indicators, improved detection rules, and recommended password hardening.
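The following is an added illustration of the kind of authentication-log triage the SIEM Log Triage and Brute Force Attack Investigation entries above refer to; it is example code written for this page, not code from any of the portfolio projects. The event records are constructed to resemble Windows Security events 4625 (failed logon) and 4624 (successful logon) as exported from a SIEM, and the failure threshold, sliding window and spraying cutoff are assumed tuning values rather than settings from a real deployment.

```python
"""Triage of Windows authentication events for brute-force and spraying.

Added example, not the portfolio's own project code. The records below are
constructed to look like SIEM-exported Windows Security events 4625 (failed
logon) and 4624 (successful logon); thresholds and windows are assumptions.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Failure threshold, sliding window and distinct-user cutoff for spraying
# are assumed tuning values, not settings taken from any real SIEM.
THRESHOLD = 5
WINDOW = timedelta(minutes=5)
SPRAY_USERS = 3


def _evt(time, event_id, user, ip, status=None):
    """Build one constructed event record in the shape used below."""
    return {"time": time, "id": event_id, "user": user, "ip": ip, "status": status}


# Constructed sample events (documentation IP ranges, not real telemetry).
# 0xC000006A = bad password, 0xC0000064 = user name does not exist.
SAMPLE_EVENTS = (
    # 203.0.113.7: six bad passwords for one account inside a minute, then success.
    [_evt(f"2024-03-01T09:00:{s:02d}", 4625, "jsmith", "203.0.113.7", "0xC000006A")
     for s in range(0, 60, 10)]
    + [_evt("2024-03-01T09:01:10", 4624, "jsmith", "203.0.113.7")]
    # 198.51.100.23: one failure each against five different accounts (spraying).
    + [_evt(f"2024-03-01T09:05:{i * 10:02d}", 4625, u, "198.51.100.23", "0xC0000064")
       for i, u in enumerate(["alice", "bob", "carol", "dave", "eve"])]
    # 10.0.0.5: two typos then a successful logon, which should stay quiet.
    + [_evt("2024-03-01T09:10:00", 4625, "tlee", "10.0.0.5", "0xC000006A"),
       _evt("2024-03-01T09:10:20", 4625, "tlee", "10.0.0.5", "0xC000006A"),
       _evt("2024-03-01T09:10:40", 4624, "tlee", "10.0.0.5")]
    # 192.0.2.9: six failures ten minutes apart, never five inside one window.
    + [_evt(f"2024-03-01T08:{m:02d}:00", 4625, "svc-backup", "192.0.2.9", "0xC000006A")
       for m in range(0, 60, 10)]
)


def detect_brute_force(events, threshold=THRESHOLD, window=WINDOW,
                       spray_users=SPRAY_USERS):
    """Scan events in time order and return a list of alert dicts.

    Per source IP, failures (4625) are kept in a sliding window. Reaching
    `threshold` failures raises one alert per source: if they hit at least
    `spray_users` distinct accounts it is mapped to T1110.003 (password
    spraying), otherwise to T1110.001 (password guessing). A later 4624 from
    a source that already alerted is mapped to T1078 (valid accounts), since
    a success after a burst of failures is the case worth escalating.
    """
    ordered = sorted(events, key=lambda e: datetime.fromisoformat(e["time"]))
    recent = defaultdict(deque)   # ip -> deque of (time, user) failures in window
    alerted = set()
    alerts = []
    for e in ordered:
        t = datetime.fromisoformat(e["time"])
        ip = e["ip"]
        q = recent[ip]
        while q and t - q[0][0] > window:   # expire failures outside the window
            q.popleft()
        if e["id"] == 4625:
            q.append((t, e["user"]))
            if len(q) >= threshold and ip not in alerted:
                users = sorted({u for _, u in q})
                alerts.append({
                    "type": "brute_force",
                    "ip": ip,
                    "failures": len(q),
                    "users": users,
                    "first_seen": q[0][0].isoformat(),
                    "last_seen": t.isoformat(),
                    "technique": "T1110.003" if len(users) >= spray_users else "T1110.001",
                })
                alerted.add(ip)
        elif e["id"] == 4624 and ip in alerted:
            alerts.append({
                "type": "success_after_failures",
                "ip": ip,
                "user": e["user"],
                "time": t.isoformat(),
                "technique": "T1078",
            })
    return alerts


def technique_counts(alerts):
    """Summarise alerts as a MITRE ATT&CK technique -> count mapping."""
    counts = {}
    for a in alerts:
        counts[a["technique"]] = counts.get(a["technique"], 0) + 1
    return counts


if __name__ == "__main__":
    found = detect_brute_force(SAMPLE_EVENTS)
    for a in found:
        print(a)
    print(technique_counts(found))
```

On the constructed data this raises three alerts: a password-guessing burst from 203.0.113.7, the successful logon for the same account from that source right after it, and a spray from 198.51.100.23 across five accounts. The two typos from 10.0.0.5 stay below the threshold, and the slow failures from 192.0.2.9 never accumulate because each one has aged out of the window before the next arrives; that last case is the reason to tune the window against real logon cadence rather than counting failures per day.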

Terraform Cloud Firewall Project

Built and deployed a cloud firewall rule set using Terraform to enforce secure network segmentation.

Outcome: Strengthened inbound/outbound controls and improved cloud environment security posture.

Google Cloud Key Management Lab

Configured secure key creation, rotation, and IAM permissions using Google Cloud KMS.

Outcome: Implemented strong encryption practices and improved access control auditing.