Intelligence-led security, built in the real world

Cybersecurity that thinks like an operator, hunts like an analyst, and explains like a teacher.

I build security labs, investigate threats, harden systems, and turn complex cyber concepts into clear action. My work sits where intelligence analysis, SOC operations, offensive testing, and practical engineering meet.

USMC Intelligence Industrial Security Security+ Threat Research
Live Portfolio Console
$ ./profile --load operator
loading intelligence background... done
loading security operations... done
loading project evidence... done
ready.

Security+ certified and building toward SOC, CTI, and security analyst work
CTF result reports, writeups, and applied problem-solving evidence
TSS Lab Palo Alto, Active Directory, Linux, VLANs, and isolated testing
CTI daily intelligence workflow, source tracking, and briefing practice

Experience

A career built across intelligence, defense, security operations, and hands-on engineering.

Foundation

USMC Intelligence & Security Management

Produced operational reporting, coordinated UAS support, briefed leadership, and managed security responsibilities for large personnel populations in high-accountability environments.

Defense Industry

Industrial Security Analyst

Managed classified accountability, PERSEC workflows, DISS visit verification, safe combination changes, inventories, briefings, and compliance-driven security processes.

Technical Growth

Cybersecurity Student & Builder

Built Linux-first labs, Windows Server Active Directory environments, enterprise-level firewall and network segmentation, CTI tooling, and CTF tools to turn theory into repeatable skill.

Forward Edge

Threat Research, SOC Thinking & Practical Proactive Defense

Focused on detection, exposure management, tactical threat intelligence, vulnerability validation, and communicating risk in a way decision-makers can actually use.

Selected operations

Portfolio projects that look like real work, not classroom filler.

Each project is written like a mission brief: objective, execution, tooling, evidence, and business value.

CTIOperational Briefing

Threat Intelligence Daily Console

A desktop intelligence workflow that aggregates trusted security feeds, converts noise into analyst-ready notes, and supports daily briefings.

  • Feed collection and triage logic
  • Analyst notes and source tracking
  • Executive-ready summary format
LabFirewall / Segmentation

TSS Homelab Security Architecture

A practical enterprise-style lab with Palo Alto routing, isolated VLANs, Windows AD, Linux hosts, security monitoring, and controlled attack paths.

  • WAN/LAN/isolation zoning
  • AD + Linux hybrid environment
  • Detection and validation playground
HardwareField Toolkit

ESP32 HaleHound Field Toolkit

A practical ESP32-based cyber hardware project showing flashing workflow, field-tool testing, interface notes, and how it informs the larger handheld design concept.

  • ESP32 flashing and validation notes
  • HaleHound feature mapping
  • All-in-one handheld concept design log
SOCDetection Thinking

Creator Account Protection Framework

A scalable security service model for influencers and creators exposed to account takeover, doxxing, impersonation, phishing, and stalking risk.

  • Risk intake and OSINT hygiene
  • Account hardening checklist
  • Monthly monitoring model
ProgramLeadership

Cyber Club & CTF Program

A campus cybersecurity development plan centered on peer mentoring, NCL practice, homelabs, student leadership, and real conference exposure.

  • Student skills pipeline
  • CTF practice model
  • Hardware and advisor asks
CTFCompetition Evidence

Cyber Skyline / NCL Competition Record

Repeated performance across timed NCL seasons with score reports covering OSINT, crypto, password cracking, logs, traffic analysis, forensics, scanning, web exploitation, and enumeration.

  • 8 Cyber Skyline result reports
  • Team and individual seasons
  • Category-level analyst proof

The lab is the proof

Built like a miniature enterprise, abused like a training range, documented like a client engagement.

Great cybersecurity portfolios show receipts. This section shows what exists and why it exists

Internet
Firewall & Switch Network Architecture
Policy / NAT / Zones
LAN
192.168.1.0/24
Workstations • Admin • Services
Isolation
10.10.10.0/24
Testing • Malware-safe patterns • CTF • Network testing
AD Lab
triadic.local
Windows Server • DNS/DHCP • SMB
DMZ
triadic.outland
Reverse proxy networking • VPN traffic • Threat hunting

Capabilities

Where I create value.

01

SOC & Detection

Alert triage, log review, incident notes, containment thinking, escalation quality, and meaningful detection tuning.

02

Threat Intelligence

Collection plans, source validation, actor/TTP mapping, briefings, executive summaries, and intelligence-to-action workflows.

03

Vulnerability Validation

Turning scanner output into evidence, impact, risk, remediation priority, and clear stakeholder communication.

04

Infrastructure Security

Linux, Windows Server, AD, routing, VLANs, firewall rules, VPN concepts, and practical segmented lab design.

05

Offensive Methodology

Recon, enumeration, web testing, privilege escalation, password attacks in controlled environments, and CTF writeups.

06

Security Communication

Clear reports, briefings, diagrams, training material, and translating technical findings into decisions.

Briefings & teaching

Cybersecurity is only useful when people understand what to do next.

Operator Vault

Find the credentials. Prove you can inspect what others ignore.

This is a portfolio CTF gate. The username and password are hidden across the page source, stylesheet, and scripts. Unlock it to reach deeper research artifacts, hardware build notes, adversary-simulation material, and threat-intelligence training cases.

Open channel

Need a security analyst who can think, build, brief, and execute?

Reach out for SOC analyst roles, threat intelligence work, security operations, vulnerability validation, lab collaborations, talks, or practical cyber projects.