Security Operations: Detection, Investigation, Response
Security labs, detection engineering, and incident response. Documented from concept to execution.
Featured Project
SOC Automation Lab
This lab simulates a real-world SMB brute-force attack in a controlled virtual environment, detects it using Splunk, and automates case note generation using the Splunk REST API and Python.
Environment: Splunk, Python, Windows Event Logs
Threat Focus: Authentication anomalies and brute-force detection
Result: Detected 80+ failed logon attempts within a defined time window and developed alerting logic to support rapid triage
Featured Labs
Hands-on labs built to simulate, detect, and respond to real threats.
Every lab simulates a threat scenario and walks through the full detection and response lifecycle.
Detection Engineering
SOC Automation with Splunk
Built a brute-force detection workflow with alert logic, event triage, and automation concepts for SOC-style response.
Incident Response
Simulated Phishing & IR Lab
Modeled a phishing-to-malware scenario with host investigation, log review, and response documentation.
Identity Security
IAM & Access Security Notes
Showcases operational knowledge around MFA, access workflows, least privilege, and account recovery controls.
About Me
Security Operations Practitioner
I am an IT professional with over five years of enterprise experience working in some of New York's most demanding technical environments, including Columbia University and NYC Health & Hospitals.
My work focuses on security operations, including detection, identity and access management, and structured investigation methods. Through hands-on lab environments, I build and execute attack simulations, develop detection logic, and document response workflows that reflect real security operations practices.
I approach my work with analytical discipline, technical depth, and a strong focus on evidence-based decision making, applying the same standards used in active security environments to continuously improve my capabilities.
Lab Engineering
Every project is built from scratch, covering attack simulation, detection logic, alerting, and full documentation.
Core Competencies
Grounded in SIEM analysis, log triage, and incident response workflows practiced across real lab environments.
My Mission
To operate at the intersection of threat detection and emerging technology, building the expertise to secure modern environments against an evolving threat landscape shaped increasingly by artificial intelligence.