SOC Analyst → Detection Engineer | SIEM · MITRE ATT&CK · Detection-as-Code
I'm a security analyst focused on detection engineering — writing, testing, and tuning detections so defenders catch real attacker behaviour, not just noise. I'm building my skills through hands-on, lab-based projects that mirror how modern SOCs actually work.
- Building a detection-as-code pipeline: Sigma rules, version control, and CI testing, mapped to MITRE ATT&CK.
- Practising threat hunting and detection tuning in a home lab.
- Documenting my detections so they're reproducible and reviewable.
Detection Engineering · Threat Hunting · SIEM · MITRE ATT&CK · Sigma · Log Analysis
- SIEM / Detection: Elastic Security, Sumo Logic, Microsoft Sentinel
- Detection-as-code: Sigma, Git, GitHub Actions (CI)
- Scripting: Python
- Frameworks: MITRE ATT&CK
Detection engineering workflows, CI/CD for detections, and KQL (Microsoft Sentinel)
🔎 Featured project: detection-as-code — my hands-on detection engineering portfolio.