Blue Team | Defensive Security

Your Full Name (your-handle)

Your professional tagline or motto

Your professional bio. Describe your background, expertise, and what makes you unique in the cybersecurity field.

My Favorite Deployments

Projects, tools and automation I like

Example Project

SIEM Analytics Dashboard

Enterprise security information and event management (SIEM) analytics dashboard with real-time threat detection, automated incident response workflows, and comprehensive security metrics visualization. Built with security-first principles including role-based access control, encrypted data transmission, and audit logging.

Python · Elastic Stack · Splunk · Security Analytics · Threat Detection · DevSecOps
Open Source

Automated Threat Intelligence Platform

Open-source threat intelligence aggregation platform that collects, correlates, and analyzes indicators of compromise (IOCs) from multiple feeds. Includes MITRE ATT&CK mapping, automated threat scoring, and integration with popular security tools. Designed for SOC teams to enhance threat hunting capabilities.

Threat Intelligence · MITRE ATT&CK · Python · API Integration · SOC Tools · Security Automation
Active Development

Security Orchestration Automation

Security orchestration, automation and response (SOAR) playbooks for common incident response scenarios. Automates repetitive security tasks including phishing analysis, malware triage, and vulnerability management. Integrates with leading SIEM, EDR, and ticketing systems for streamlined security operations.

SOAR · Security Automation · Incident Response · Python · API Integration

HOME LABS

Detection-first playground

Recreate the exact defensive scenarios I build to train SOC teams: zero-to-prod environments, attack simulations, and response playbooks ready to execute.

Detection Engineering · Intermediate

Detection Engineering Lab: Elastic SIEM vs Cobalt Strike

Deploy a compact Elastic Stack, ingest Sysmon telemetry, simulate a Cobalt Strike beacon, and harden detections with ATT&CK-aligned analytics and Sigma automation.

3.5 hours · Ready for execution

FIRST OBJECTIVES

  • Deploy Elastic Stack with index lifecycle management tuned for home hardware
  • Enable Sysmon operational logging with minimal performance footprint
  • Simulate Cobalt Strike beacon activity mapped to ATT&CK T1059 and T1105

Incident Response · Advanced

Incident Response Lab: Azure Storage Breach Containment

Investigate and contain credential abuse against Azure Storage accounts, pivoting from unified audit logs to live containment with Logic Apps and Defender for Cloud.

4 hours · Runbook with containment

FIRST OBJECTIVES

  • Collect incident artifacts from Azure Activity and Storage logs
  • Replay the intrusion timeline entirely with KQL queries
  • Deploy a Logic App playbook that locks compromised storage keys

Purple Team · Intermediate

Purple Team Lab: Ransomware Kill Chain in Proxmox

Stage a compact Proxmox cluster, simulate a ransomware campaign end-to-end with Atomic Red Team, and capture telemetry into LimaCharlie for cross-vendor detection benchmarking.

5 hours · Iterate for coverage

FIRST OBJECTIVES

  • Build a Proxmox blueprint with isolated VLAN for ransomware drills
  • Execute Atomic Red Team T1486 (Data Encrypted) with pre- and post-conditions
  • Collect EDR and DFIR telemetry into LimaCharlie buckets

ACADEMIC JOURNEY

Education & Certifications

From physics foundations to cybersecurity expertise. My journey through academic excellence and professional certifications.

Undergraduate Degrees

2026 - 2030 (Expected)

Bachelor in Computer Science or Cybersecurity

University of Cambridge

My plan is to start another degree next year to improve my academic and technological foundation. I plan to pursue a degree in Computer Science because I enjoy the fundamental and more abstract knowledge (in this case, I'll focus on a postgraduate degree in Cybersecurity), but depending on opportunities, I may pursue a cybersecurity degree directly.

Academic Projects:

  • I intend to conduct research in the area of Artificial Intelligence for anomaly detection.
2016 - 2022

Bachelor of Science in Physics

Massachusetts Institute of Technology (MIT)

Comprehensive physics education with emphasis on theoretical foundations, quantum mechanics, statistical physics, and computational modeling. Strong mathematical and analytical training applicable to cybersecurity threat analysis.

Research Projects:

  • Experimental detection of cosmic radiation using cloud chamber technology.
  • Science outreach programs for underserved communities and rural areas.
  • Active participation in academic conferences with presentations and organizational roles.

Postgraduate Studies

2025 - Paused

Master's in Applied Physics and Materials Science

California Institute of Technology (Caltech)

Advanced research in condensed matter physics and topological materials. Project focused on quantum properties of Bi₂Se₃ and Bi₂Te₃ topological insulators under magnetic field influence. Paused due to career transition to cybersecurity.

To start in ~2027 · COMING SOON

Master of Science in Cybersecurity

Stanford University

Advanced graduate program specializing in defensive cybersecurity, threat intelligence, incident response, and security operations. Focus on Blue Team methodologies and security architecture.

Professional Certifications

CompTIA Security+

CompTIA | In Progress

Industry-leading certification in cybersecurity fundamentals, covering network security, threats, and vulnerabilities. Currently preparing for the exam.


ID: SEC+-IN-PROGRESS

COMING SOON

Certified Ethical Hacker (CEH)

EC-Council | Planned 2026

Advanced certification in ethical hacking methodologies, penetration testing, and vulnerability assessment. Planned after Security+ completion.

COMING SOON

Blue Team Level 1 (BTL1)

Security Blue Team | Planned 2026

Practical Blue Team certification focusing on defensive security operations, threat detection, and incident response. Primary certification goal.


ID: BTL1-PLANNED

TIMELINE

Professional Experience

From physics lab to Blue Team. Each experience shaped my analytical approach to cyber defense.

Jan 2024 - Present

Blue Team Security Specialist

TechCorp Security · Full-time

Lead defensive security operations including threat detection, incident response, and security monitoring. Design and implement detection rules, conduct threat hunting, and mentor junior analysts in Blue Team methodologies.

Key Achievements:

  • Designed and deployed 50+ custom SIEM detection rules reducing MTTD by 40%
  • Led incident response for 100+ security incidents with 98% successful resolution rate
  • Implemented automated threat hunting workflows using Python and Splunk SPL
  • Developed security playbooks for ransomware, phishing, and insider threat scenarios
  • Conducted regular purple team exercises to validate detection capabilities
  • Mentored 3 junior SOC analysts in threat detection and incident response

Jun 2022 - Dec 2023

SOC Analyst Level 2

Global Finance Corp · Full-time

Advanced security monitoring and incident investigation in a 24/7 SOC environment. Performed deep-dive analysis of security alerts, threat intelligence integration, and coordination with security teams for incident containment.

Key Achievements:

  • Triaged and investigated 500+ security incidents across SIEM, EDR, and network tools
  • Reduced false positive rate by 35% through alert tuning and correlation rules
  • Integrated threat intelligence feeds (MISP, AlienVault OTX) with SIEM platform
  • Created comprehensive incident reports for management and compliance teams
  • Performed malware analysis and forensic investigation of compromised systems
  • Developed documentation and training materials for L1 analysts

Mar 2021 - May 2022

SOC Analyst Level 1

CyberDefense Solutions · Full-time

First-line security monitoring and alert triage in enterprise SOC. Monitored security events from SIEM, firewalls, IDS/IPS, and endpoint protection platforms. Escalated confirmed incidents to senior analysts.

Key Achievements:

  • Monitored and triaged 1000+ daily security alerts across multiple platforms
  • Achieved 95% SLA compliance for alert response times
  • Identified and escalated 50+ confirmed security incidents
  • Performed initial containment actions for phishing and malware incidents
  • Maintained detailed incident documentation and tracking in SOAR platform
  • Completed SANS SEC401 training and applied learnings to daily operations

Aug 2019 - Feb 2021

IT Support Specialist / Junior Security Analyst

Enterprise Tech Services · Full-time

Provided technical support while transitioning to a security role. Gained hands-on experience with security tools, vulnerability management, and basic incident response. Supported the security team with log analysis and security patching.

Key Achievements:

  • Resolved 200+ IT support tickets monthly with 98% satisfaction rating
  • Assisted security team with vulnerability scanning and patch management
  • Performed basic log analysis for security investigations
  • Deployed security agents (EDR, DLP) across 500+ endpoints
  • Created user security awareness training materials
  • Obtained CompTIA Security+ certification while working full-time

KNOWLEDGE SHARING

My recent logs

Technical articles & insights on Cybersecurity

SECURE CONTACT

Drop a Secure Message

For sensitive topics, reach out through the channels below. Encrypted links and trusted networks are always preferred.

Your Name - Cybersecurity Professional Portfolio