Aspiring SOC Analyst · Cyber Security Student · ISC2 Candidate securitycyber.uk · github.com/sercuritycyber · LinkedIn: Charlie Collins · United Kingdom PROFESSIONAL PROFILE
Motivated and self-driven cybersecurity student completing a BSc (Honours) in Cyber Security with The Open University. Passionate about defensive security operations and threat detection, with hands-on practical experience gained through intensive study on TryHackMe and Hack The Box platforms. Actively working towards the ISC2 Certified in Cybersecurity (CC) credential, with Domain 1 (Security Principles) and Domain 2 (Incident Response, Business Continuity & Disaster Recovery) already achieved. Completed 100+ TryHackMe rooms spanning SOC operations, web application security, network security, and penetration testing fundamentals. A proactive threat intelligence consumer who regularly researches and shares emerging CVEs, APT campaigns, and industry breaches. Eager to bring technical knowledge, practical lab experience, and genuine enthusiasm for the blue-team craft into a first professional security role.
EDUCATION
BSc (Honours) — Cyber Security | The Open University | Distance Learning 2024 – Present ▪ Currently studying module R60 as part of the Cyber Security degree programme ▪ Curriculum covers: network security, cryptography, secure software development, risk management, and cyber law
CERTIFICATIONS & CREDENTIALS
ISC2 — Certified in Cybersecurity (CC) | ISC2 2026 – In Progress ▪ CC Domain 1: Security Principles — Completed ▪ CC Domain 2: Incident Response, Business Continuity & Disaster Recovery — Completed ▪ Registered ISC2 Candidate (Credly verified)
TryHackMe — Pre Security Certificate | TryHackMe 2026 ▪ Completed full Pre Security learning path — networking, web fundamentals, Linux & Windows basics
TryHackMe — Web Fundamentals Certificate | TryHackMe 2026 ▪ Completed full Web Fundamentals path — OWASP Top 10, HTTP, authentication, SQL injection, XSS, SSRF
PRACTICAL LAB EXPERIENCE
TryHackMe — Senior Skill Level (opseccharlie) | Hands-on Cyber Range Platform 2025 – 2026
▪ Completed 100+ rooms across SOC, Web Application Security, Network Security, and Penetration Testing paths
▪ SOC / Blue Team: SOC / Blue Team:
– SOC Alert Triaging with Microsoft Sentinel
– Investigating Windows
– Malware Analysis in sandbox environments
– Phishing analysis
▪ Web Application Security:
– XSS, SSRF, IDOR, SQLi / ORM Injection, XXE, Prototype Pollution, Insecure Deserialisation
– File Inclusion / Path Traversal, Authentication Bypass, Command Injection, Upload Vulnerabilities
– Race Conditions, Prompt Injection / AI agent security
▪ Network Security:
– Nmap (Basic, Advanced, Post Scans), OSI Model, TCP/IP
– Protocols & Servers (HTTP, FTP, DNS, SMTP, POP3)
▪ Offensive Fundamentals:
– Metasploit (Introduction, Exploitation, Meterpreter)
– Linux & Windows Privilege Escalation, Active Directory Basics, Shells, Password Cracking
▪ Achievements: Sapphire League 1st Place, Silver League 1st Place, Authentication Striker badge, Pentesting Principles badge
Hack The Box — Active Player | Hack The Box Labs 2025 – 2026 ▪ Owned machines: Redeemer, Facts, SpookyPass — demonstrating practical exploitation and enumeration skills ▪ Experience with realistic lab environments mirroring enterprise infrastructure and red-team scenarios
PERSONAL PROJECTS
NeoSwitch — Open Source VPN Manager | Python | github.com/sercuritycyber/NEO-Switch 2026 ▪ Developed a cross-platform GUI VPN manager supporting OpenVPN and WireGuard protocols ▪ Implemented an iptables-based kill switch that permits tunnel traffic and blocks all other egress on disconnection — mitigating IP leakage in lab environments ▪ Tested on Kali Linux, macOS, and Windows; secure credential storage enforced (600 permissions, no plaintext)
BugTrace — Security Assessment Toolkit | Python | github.com/sercuritycyber 2026 ▪ Python-powered toolkit covering HTTP header analysis, XSS probing, IDOR enumeration, secret and API key scanning, GraphQL introspection, and instant PoC report generation
THREAT INTELLIGENCE & COMMUNITY ENGAGEMENT
▪ Active LinkedIn presence researching and communicating real-world threats: APT29 credential harvesting campaigns, Zscaler Salesforce data breach (UNC6395), Oracle Fusion Middleware CVE-2026-21992, and Citrix NetScaler RCE vulnerabilities ▪ Covers dual-use tool abuse (Velociraptor forensics misuse, Microsoft Teams-based social engineering) and supply-chain risk topics ▪ Reached 457+ professionals advocating for the ISC2 free Certified in Cybersecurity initiative ▪ Streams live security lab walkthroughs on Twitch to support the learning community
TECHNICAL SKILLS
SIEM / SOC Tools ▪ Microsoft Sentinel ▪ Alert triage & log analysis ▪ Incident response workflows Web Application Security ▪ Burp Suite, OWASP Top 10 ▪ XSS, SQLi, SSRF, IDOR, XXE, LFI/RFI ▪ Prototype Pollution, Insecure Deserialisation
Network Security ▪ Nmap, Wireshark, Masscan ▪ TCP/IP, OSI Model ▪ DNS, HTTP/S, SSH, TLS Penetration Testing ▪ Metasploit, Hydra, Gobuster, SQLMap ▪ John the Ripper, BloodHound ▪ Aircrack-ng
Operating Systems ▪ Kali Linux, Ubuntu/Debian ▪ Windows (Registry, PowerShell, UAC, AD) Scripting & Development ▪ Python 3, Bash, PowerShell ▪ Git, GitHub Actions ▪ Open-source tooling
Malware Analysis ▪ Sandbox & static analysis ▪ Phishing email investigation Threat Intelligence ▪ CVE monitoring, APT tracking ▪ Breach analysis, indicator enrichment
Frameworks & Standards ▪ NIST, ISC2 CC, OWASP ▪ Incident Response lifecycle ▪ Business Continuity VPN & Network Privacy ▪ OpenVPN, WireGuard ▪ iptables, kill-switch configuration
ADDITIONAL INFORMATION
Availability Open to entry-level SOC Analyst / Junior Security Analyst roles Platforms TryHackMe: opseccharlie | Hack The Box | GitHub: sercuritycyber Website securitycyber.uk — Offensive Security Done Honestly Development Completing ISC2 CC; CompTIA Security+ planned thereafter