Professional Summary
Hands-on Cybersecurity Analyst with a strong foundation in SOC operations, threat detection, and incident response. Experienced in building and operating a home SOC using enterprise tools (QRadar, Splunk, pfSense, Nessus) to simulate real-world attacks, tune detections, and document playbooks. Comfortable with the NIST 800-61 lifecycle and MITRE ATT&CK. Known for persistence, clean documentation, and calm, practical teamwork.
Areas of interest: cloud security (AWS), endpoint hardening, SIEM content engineering, and measurable reduction of false positives.
Core Skills
- Security Operations & SIEM: QRadar & Splunk (log onboarding, correlation rules, dashboards, alert triage)
- Incident Response: NIST 800-61, MITRE ATT&CK, phishing & ransomware simulations, containment & recovery
- Vulnerability Management: Nessus scans, prioritization, remediation tracking, patch validation
- Network & Endpoint: pfSense firewalling, segmentation, VPNs, secure protocols, Windows/Linux basics
- Cloud Security: AWS IAM, GuardDuty, CloudWatch (foundations); least-privilege and logging strategies
- Process & Collaboration: ServiceNow (tickets/changes), GitHub for labs, concise technical documentation
Tools & Platforms
IBM QRadar, Splunk, Nessus, pfSense, Windows Server, Kali Linux, Ubuntu, Wireshark, OpenVAS, PowerShell/Bash basics, MITRE ATT&CK Navigator, ServiceNow, GitHub, AWS (IAM, CloudWatch, GuardDuty).
Selected Projects & Labs
- Ransomware Detection in QRadar: Simulated abnormal file encryption behavior, authored correlation rules, tuned thresholds, and created an IR checklist to reduce time-to-contain.
- Phishing Investigation in Splunk: Parsed headers, validated SPF/DKIM/DMARC, pivoted to WHOIS/abuse contacts, and produced an analyst worksheet to standardize triage notes.
- Cloud Guard Rails: Built AWS least-privilege policies for IAM users, enabled GuardDuty findings, shipped logs to a central store, and reviewed detections in Splunk.
Experience
Cybersecurity Internship – Durham District School Board (DDSB)
Security Operations Intern
- Shadowed SOC analysts for daily monitoring in QRadar; assisted with basic investigations and false-positive reviews.
- Built Splunk dashboards for weekly summary reporting and ticket context.
- Supported awareness initiatives and contributed to incident response documentation.
Operations Manager – Hospitality (Transferable Skills)
People & Process Leadership
- Enforced standards, vendor compliance, and incident escalation under pressure—experience that maps well to GRC.
- Implemented process improvements and wrote SOPs; improved audit readiness and response time.
Education
- Cybersecurity coursework & independent labs – SIEM, IR, Vulnerability Management, Networking
- Continuous Learning: Cloud security (AWS), detection engineering, scripting basics (PowerShell/Bash)
Certifications
- CompTIA CySA+ – Cybersecurity Analyst (threat detection, SIEM, vulnerability management)
- ISC2 CC – Certified in Cybersecurity (security principles, risk, network & incident response)
- AWS Security Specialty – in progress
Achievements
- Reduced lab false positives by tuning QRadar correlation rules and asset contexts.
- Authored repeatable SOC playbooks for phishing, brute-force, and ransomware scenarios.
- Documented 10+ public labs and write-ups to demonstrate structured, real-world practice.