Elastic SIEM • Sysmon • Zeek • SOC Investigations • Windows Security Audits • MITRE ATT&CK • NIST • SOX ITGC
Cybersecurity Analyst specializing in SIEM monitoring, alert triage, endpoint and network telemetry analysis, and SOC investigation. Experience building Elastic SIEM pipelines with Sysmon and Zeek and conducting Windows security assessments aligned with MITRE ATT&CK, NIST, and SOX ITGC.
Founder & Cybersecurity Consultant | NS Cybersecurity (Dec 2024–Present).
Cybersecurity & IT Support Technician | Sunset Auto Sales (Mar 2019–Present).
Endpoint telemetry pipeline using Sysmon v15+ plus Elastic Agent and Fleet. Validated process, network, and PowerShell events in Kibana Discover and Elastic SIEM.
Artifacts: Endpoint Detection – Elastic SIEM + Sysmon (PDF) · Kibana – Sysmon process events (screenshot)
Investigated persistence mechanisms and SSH-based exfiltration. Used FTK Imager, Autopsy, and Autoruns to reconstruct a timeline and document remediation aligned with NIST and ITGC.
Built SPL queries for failed logins and suspicious process activity. Designed triage dashboards to pivot quickly by host and user.
Python wrapper around Nmap that runs enumeration profiles, parses XML output, and generates an HTML summary for reporting handoff.
Designed an 8-bit ALU and simple CPU in Logisim-evolution supporting multiple operations with registers, flags, and a control unit.
LinkedIn
GitHub