Deploying and managing Splunk Enterprise environments on Ubuntu Linux. Experienced in log ingestion, configuring data inputs, and parsing Sysmon / Windows Security event logs.
Skills: Splunk, SPL, Linux

Analyzing security alerts, performing false-positive reduction, and executing defensive playbooks. Mapping adversarial techniques directly to the MITRE ATT&CK Framework.
Skills: Alert Triage, MITRE ATT&CK, Incident Response

Building isolated virtualized networks using VMware Workstation Pro to securely analyze malware vectors, Windows telemetry, and network capture tracking.
Skills: VMware, Virtualization, Network Security