Cybersecurity Professional

Digital Forensics | Insider Risk | Threat Detection Specialist

About Me

Digital Forensics and Insider Risk Investigation specialist with extensive experience in cybersecurity monitoring, threat detection, and incident response. Proven track record of developing sophisticated detection rules and security monitoring solutions.

Previously served as an Insider Risk Investigator T2 at DTEX Systems, where I managed 10+ client accounts, conducted advanced threat hunting using UEBA/SIEM tools, and pioneered Linux detection capabilities. Developed over 100 custom detection rules for enterprise security operations.

Currently focused on building comprehensive EDR platforms, creating realistic threat simulation environments, and developing production-ready security monitoring systems with real-time alerting capabilities.

Technical Skills

🔍 Digital Forensics

  • Windows Forensic Analysis
  • Memory Dump Analysis
  • Artifact Recovery & Analysis
  • Evidence Collection Automation
  • Timeline Analysis
  • Credential Extraction

🛡️ Security Operations

  • SIEM/UEBA (Wazuh, DTEX)
  • EDR Development
  • Threat Hunting
  • Incident Response
  • Detection Engineering
  • SIGMA Rule Development

🌐 Network Security

  • Zeek/Bro Network Monitoring
  • Traffic Analysis
  • IDS/IPS Configuration
  • Network Forensics
  • Packet Capture Analysis

💻 Development

  • Python (Security Tools)
  • Bash Scripting
  • C++ (Sysmon Agents)
  • Flask Web Applications
  • PowerShell Automation
  • SQL/SQLite Databases

🔐 Penetration Testing

  • Empire Framework
  • Web Application Testing
  • Password Spraying
  • Privilege Escalation
  • Post-Exploitation

☁️ Cloud & Infrastructure

  • AWS EC2 Operations
  • Ubuntu Server Administration
  • SSL/TLS Configuration
  • Docker Containerization
  • Infrastructure as Code

Professional Experience

Insider Risk Investigator T2

DTEX Systems

Previous Role

  • Managed 10+ enterprise client accounts for insider risk and threat detection
  • Conducted advanced threat hunting using UEBA/SIEM platforms
  • Developed over 100 custom detection rules for Windows and Linux environments
  • Pioneered Linux detection capabilities, expanding platform coverage
  • Investigated complex insider threat cases and data exfiltration attempts
  • Collaborated with security teams on incident response and remediation
  • Created comprehensive documentation for detection logic and investigation procedures

Cybersecurity Tutor

Hudson Valley Community College

Previous Role

  • Taught Python programming for security applications
  • Instructed Java fundamentals and secure coding practices
  • Mentored students in cybersecurity concepts and tools
  • Developed hands-on lab exercises for practical learning

Network Administrator

Various Organizations

Previous Role

  • Maintained network infrastructure and security controls
  • Implemented monitoring solutions for network traffic analysis
  • Performed security assessments and vulnerability management
  • Configured firewalls and access control systems

Featured Projects

Flask-Based EDR Platform

Comprehensive endpoint detection and response system with real-time alerting, custom detection rules, and enhanced dashboard with regex pattern support and keyword exclusion capabilities.

Python · Flask · SQLite · JSON · Real-time Monitoring

Wazuh SIEM Deployment

Enterprise-grade SIEM deployment for comprehensive security monitoring with custom detection rules for insider threat scenarios, data exfiltration attempts, and sensitive document access monitoring.

Wazuh · SIEM · Detection Rules · Threat Hunting

Sysmon C++ Agent

Custom Windows event collection agent that captures Sysmon events and forwards them to Flask web applications with real-time dashboards and sequence analysis for threat hunting.

C++ · Sysmon · Windows API · Event Forwarding

Financial Company Simulation

Realistic financial institution environment for testing detection capabilities, including insider threat scenarios with realistic artifact placement for digital forensics training and threat detection validation.

Threat Simulation · Digital Forensics · Training Labs

Zeek Network Monitoring

Production-ready network monitoring system with automated alert generation and manual correlation detection. Integrated across WiFi networks for comprehensive traffic analysis.

Zeek · Network Analysis · Python · Bash

Windows Forensic Collection Scripts

Automated forensic artifact collection tools for Windows environments, including memory dump analysis utilities and credential file search tools for professional investigations.

PowerShell · Python · Memory Analysis · Forensics

SIGMA Detection Rules

Library of custom SIGMA rules for detecting advanced persistent threats, lateral movement, and data exfiltration across diverse security platforms.

SIGMA · Detection Engineering · Threat Detection

Chrome Browser Data Extraction

Forensic tool for extracting and analyzing Chrome browser artifacts including history, credentials, and cached data for incident response investigations.

Python · Browser Forensics · SQLite

Education & Certifications

University at Albany

Bachelor of Science in Digital Forensics

Graduated

CompTIA Security+

Certified

NIST RMF

Framework Knowledge

Frameworks & Methodologies

🎯 Threat Detection

  • MITRE ATT&CK Framework
  • Cyber Kill Chain
  • Diamond Model
  • Pyramid of Pain

📋 Compliance

  • NIST Risk Management Framework
  • GDPR Requirements
  • PCI-DSS Standards
  • HIPAA Compliance

🔬 Analysis Methods

  • Static Malware Analysis
  • Dynamic Analysis
  • Behavioral Analysis
  • Indicator Extraction

⚡ Incident Response

  • SANS Incident Response
  • Evidence Preservation
  • Chain of Custody
  • Post-Incident Analysis

Get In Touch

📧 Email: your.email@domain.com
💼 LinkedIn: linkedin.com/in/yourprofile
🐙 GitHub: github.com/yourusername
📍 Location: Available for Remote Work