Information Security Subject Matter Expert
Building a safer digital future, one secure system at a time.
Current Projects
Azure SIEM(Security Information and Event Management)
To visualize the scope of online threats, this project analyzes log data from Windows 10 Pro N1's Event Viewer. The security logs capture key information, including usernames, passwords, and IP addresses used to access the 'flytrap1' virtual machine. Using an IP Geolocation API, we mapped the attackers' locations by determining their latitude, longitude, state, province, and country. To attract potential threats, we disabled firewall rules and security features on the virtual machine, then simulated login attempts with intentional failures. We trained the Azure Log Analytics Workspace with this sample data, creating custom fields to improve data capture. Microsoft Sentinel was then configured to process and filter the log data, which was visualized using a heat map to show attacker locations and attempt frequencies. In summary, the internet is full of threats targeting connected endpoints. To protect your information, ensure that endpoints are updated, built-in security features are enabled, access rules are fine-tuned, and best practices for online security are followed.
Incident Response Automation
Developing automated scripts to handle and respond to security incidents, reducing response time and improving efficiency.
Cloud Security Assessment
Conducting a thorough security assessment of cloud infrastructure, identifying vulnerabilities and recommending mitigation strategies.
Active Directory Domain Services
A cloud project in which I simulated corporate infrastructure and architecture. I used VirtualBox to create a virtual domain controller with Windows Server 2019, set up IP assignment rules through server management applications, and employed PowerShell to batch-create over 1,000 mock users. Another virtual machine running Windows 10 Pro was connected to the domain 'homelabdomain.com'. Finally, I logged into the 'labendpoint' using one of the new mock user credentials and tested internet access by pinging 'www.google.com' through the command line interface.
Professional Experience
Information Security Analyst - Sylvan Road Capital LLC
Implemented security measures to protect the organization’s computer systems, networks, and data. Monitored systems for security breaches and investigated any violations, ensuring swift and effective responses. Conducted regular security assessments, identified vulnerabilities, and recommended improvements to enhance overall security posture. Collaborated with teams to establish and enforce security policies, providing guidance on best practices. Utilized strong analytical skills to anticipate potential threats and stay ahead of emerging risks, ensuring the organization’s information assets remained secure.
Desktop Support Specialist - Sylvan Road Capital LLC
Provided technical support to employees by troubleshooting and resolving computer, software, and network issues. Conducted training sessions to enhance employees' proficiency with technology, focusing on secure and efficient system use. Utilized active listening skills to understand and address user concerns, delivering customized solutions and clear, empathetic guidance to improve overall productivity and maintain smooth operations.
Certifications
The CompTIA A+ certification is a widely recognized credential that certifies a person's foundational skills in IT support and technical roles. It covers essential areas such as hardware, software, networking, troubleshooting, operating systems, cybersecurity, and customer service.
The CompTIA Network+ certification validates a person's knowledge and skills in networking. It covers topics such as network design, configuration, management, troubleshooting, and security. This certification ensures that individuals can handle both wired and wireless networks, understand essential network protocols and services, and implement network security practices.
The CompTIA Security+ certification validates a person's foundational skills in cybersecurity. It covers essential topics such as network security, risk management, threat analysis, encryption, identity management, and compliance. This certification ensures that individuals can identify and address security threats, secure networks and devices, and apply best practices for protecting data.