I hold a Master's in Cyber Security with industry certifications, and I am currently building hands-on Python scripting, SQL, KQL and SPL skills applied directly to real SOC workflows: log analysis, threat detection, IOC enrichment, and security automation.

- Python: log parsing, automation, API integration, IOC enrichment
- KQL: Microsoft Sentinel and Defender XDR threat hunting
- SPL: Splunk alert investigation and detection engineering
- SQL: querying security data and SIEM exports
- Windows Security: Event Log analysis, Active Directory fundamentals
- SOC workflows: alert triage, incident investigation, shift reporting

| Project | Status | Description |
|---|---|---|
| soc-python-tools | In progress | Python scripts for SOC automation: IOC checker, log analyser, alert triage |
| soc-sample-logs | Live | 500-line realistic SOC log files simulating a full attack lifecycle |
| kql-soc-queries | Live | Comprehensive KQL query library for Microsoft Sentinel and Defender XDR |
| spl-soc-queries | Live | Comprehensive SPL query library for Splunk SOC analysts |
| cybersecurity-portfolio | Live | Full portfolio: tools, skills, and learning roadmap |
| SQL Security Investigation Lab | Planned | SQL queries for security data analysis |
| Windows Event Log Notes | Planned | Reference notes for Windows security event IDs |

- MSc Cyber Security
- Certified Ethical Hacker (CEH)
- CompTIA Security+

- Security: SIEM analysis · Alert triage · Log analysis · Threat intelligence · IOC enrichment · Incident response · MITRE ATT&CK · OWASP Top 10
- Query Languages: KQL (Microsoft Sentinel) · SPL (Splunk) · SQL
- Programming: Python · Regex · Git · GitHub
- Tools: Wireshark · Nmap · VirusTotal API · AbuseIPDB · Shodan · Microsoft Sentinel · Splunk

Actively building; this profile updates as new projects and skills are completed.