I run Suricata on a Raspberry Pi on my home network because I want to know what’s actually on it, not just what my router dashboard says.
That curiosity is what drives my work in blue team security. I build detection infrastructure, tune rules against real traffic, and document everything publicly so others can follow the same path.
My current projects include a Splunk CTI dashboard correlating AlienVault OTX threat intelligence against live Sysmon endpoint telemetry, and a home NIDS running Suricata on a Raspberry Pi 4 with alerts forwarded to Splunk via a port-mirrored switch. I validate detections by simulating adversary techniques with Atomic Red Team and write about what I find on this site.
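To show the kind of correlation a CTI dashboard like the one described above performs, here is an added Python example; it is not the author's Splunk or OTX code. It builds an indicator index from OTX-style pulses and walks Sysmon events, matching Event ID 3 destination IPs against IPv4 and CIDR indicators, Event ID 22 DNS queries against domain indicators (most-specific suffix wins, never the bare TLD), and Event ID 1 SHA256 hashes, normalising case on the way. The field names follow Sysmon's schema (EventID, DestinationIp, QueryName, Hashes) and OTX's indicator types (IPv4, CIDR, domain, hostname, FileHash-SHA256); the pulse names, hosts, addresses and hashes are constructed for the example.

```python
"""Correlate OTX-style indicators against Sysmon events (added example).

Pulse and event data below are constructed: the shapes mimic an OTX
pulse export and Sysmon events as ingested in JSON, but every host,
IP, hash and pulse name is invented.
"""
import ipaddress

# Constructed OTX-like pulses (documentation ranges and dummy hashes).
OTX_PULSES = [
    {"name": "Example pulse A", "indicators": [
        {"type": "IPv4", "indicator": "203.0.113.10"},
        {"type": "domain", "indicator": "bad.example"},
        {"type": "FileHash-SHA256", "indicator": "a" * 64},
    ]},
    {"name": "Example pulse B", "indicators": [
        {"type": "CIDR", "indicator": "198.51.100.0/24"},
        {"type": "hostname", "indicator": "c2.bad.example"},
    ]},
]

# Constructed Sysmon events using Sysmon's own field names.
SYSMON_EVENTS = [
    {"EventID": 3, "Computer": "ws01", "Image": r"C:\Windows\System32\curl.exe",
     "DestinationIp": "203.0.113.10", "DestinationPort": 443},
    {"EventID": 3, "Computer": "ws01", "Image": r"C:\Program Files\Edge\msedge.exe",
     "DestinationIp": "198.51.100.77", "DestinationPort": 80},
    {"EventID": 3, "Computer": "ws02", "Image": r"C:\Windows\System32\svchost.exe",
     "DestinationIp": "192.0.2.5", "DestinationPort": 443},
    {"EventID": 1, "Computer": "ws02", "Image": r"C:\Users\Public\update.exe",
     "Hashes": "SHA256=" + "A" * 64 + ",MD5=" + "b" * 32},   # upper-case digest on purpose
    {"EventID": 22, "Computer": "ws03", "Image": r"C:\Windows\System32\svchost.exe",
     "QueryName": "www.c2.bad.example"},
]


def build_indicator_index(pulses):
    """Turn pulses into lookup tables keyed by indicator kind."""
    index = {"ip": {}, "cidr": [], "domain": {}, "sha256": {}}
    for pulse in pulses:
        for ind in pulse["indicators"]:
            kind, value = ind["type"], ind["indicator"].strip()
            if kind == "IPv4":
                index["ip"][value] = pulse["name"]
            elif kind == "CIDR":
                index["cidr"].append((ipaddress.ip_network(value, strict=False), pulse["name"]))
            elif kind in ("domain", "hostname"):
                index["domain"][value.lower().rstrip(".")] = pulse["name"]
            elif kind == "FileHash-SHA256":
                index["sha256"][value.lower()] = pulse["name"]
    return index


def parse_sysmon_hashes(hashes_field):
    """Split Sysmon's 'SHA256=...,MD5=...' string into {ALGO: lowercase digest}."""
    out = {}
    for part in hashes_field.split(","):
        if "=" in part:
            algo, digest = part.split("=", 1)
            out[algo.strip().upper()] = digest.strip().lower()
    return out


def lookup_ip(ip_str, index):
    """Exact IPv4 match first, then CIDR containment; returns (pulse, indicator, type)."""
    if ip_str in index["ip"]:
        return index["ip"][ip_str], ip_str, "IPv4"
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:          # malformed or empty field: no match, no crash
        return None
    for net, pulse in index["cidr"]:
        if ip in net:
            return pulse, str(net), "CIDR"
    return None


def lookup_domain(name, index):
    """Most-specific suffix match; a bare TLD is never considered an indicator."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in index["domain"]:
            return index["domain"][candidate], candidate, "domain"
    return None


def correlate(events, index):
    """Return one hit per event whose observable matches an indicator."""
    hits = []
    for ev in events:
        eid, result = ev.get("EventID"), None
        if eid == 3:
            result = lookup_ip(ev.get("DestinationIp", ""), index)
        elif eid == 22:
            result = lookup_domain(ev.get("QueryName", ""), index)
        elif eid == 1:
            sha = parse_sysmon_hashes(ev.get("Hashes", "")).get("SHA256")
            if sha and sha in index["sha256"]:
                result = (index["sha256"][sha], sha, "FileHash-SHA256")
        if result:
            pulse, indicator, kind = result
            hits.append({"Computer": ev.get("Computer"), "EventID": eid,
                         "Image": ev.get("Image"), "indicator": indicator,
                         "type": kind, "pulse": pulse})
    return hits


if __name__ == "__main__":
    for hit in correlate(SYSMON_EVENTS, build_indicator_index(OTX_PULSES)):
        print(hit)
```

In a Splunk pipeline the same logic would live in a lookup against an indicator table fed from OTX, but the normalisation points are identical: lower-case hashes and domains, CIDR containment rather than string equality, and a suffix walk for DNS names so that a query for a subdomain still matches a pulse that only lists the parent.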
Professionally, I bring experience in SIEM operations, alert triage, MITRE ATT&CK-based threat contextualization, and Python and PowerShell automation. During my M.S. program I led an enterprise AlienVault SIEM deployment covering risk assessment, dashboard design, and policy development.
I am currently seeking SOC Analyst and MDR roles focused on detection engineering, alert triage, and incident response.
Education and Certifications
• M.S. in Cybersecurity and Information Assurance – Western Governors University
• B.A.S. in Cybersecurity – St. Petersburg College
• CompTIA SecurityX, PenTest+, CySA+, Security+, A+
• Splunk Core Certified Power User, Core Certified User
• AWS Certified Cloud Practitioner
• Microsoft AZ-900 (Azure Fundamentals)
• Security Blue Team – Blue Team Level 1
• (ISC)² Certified in Cybersecurity (CC)