Cybersecurity engineer — blue team. Building toward an agentic SOC: AI-assisted triage, alert enrichment, and correlation across log sources. Working with Defender XDR, KQL, and Splunk. Background in data science and materials engineering.
- Active Directory Lab — AD environment with Splunk ingestion, brute-force telemetry, and Atomic Red Team testing
- SOC Automation Lab — automated event collection, alerting, and incident response with Wazuh, Shuffle, and TheHive
- Malware Analysis Lab — static and dynamic analysis with REMnux and FlareVM
- Honeypot Lab — T-Pot honeypot deployed on a cloud server

