ABOUT ME

I'm a Senior Cyber Security Analyst and Shift Lead at e2e-assure Ltd.
I'm interested in Cloud, Security, and Automation, and currently improving my skills with Python, IaC, CI/CD, and containerization.

Certifications

GIAC Cloud Threat Detection (GCTD)

Nov 2023

GIAC Cloud Security Automation (GCSA)

Oct 2022

Security Operations Analyst Associate (SC-200)

Jun 2022

Azure Security Engineer Associate (AZ-500)

May 2021

Azure Fundamentals (AZ-900)

Sep 2020

GIAC Certified Incident Handler (GCIH)

Jul 2018

GIAC Security Essentials (GSEC)

Jun 2017

Education

BSc Ethical Hacking and Countermeasures (Hons)

Abertay University - 2012-2016

Projects

Available on my GitHub

Azure Cloud Resume

  • Static website in Azure (Blob Storage, HTML/CSS)
  • Azure Functions API (HTTP trigger, C#, .NET 6.0)
  • Azure Cosmos DB to store the counter (NoSQL, serverless)
  • Azure Key Vault
  • Azure Front Door and CDN
  • GitHub Actions (CI/CD)
  • Automation with Workflow:
    - Testing for frontend
    - Testing for backend
    - Push changes to Azure if tests are successful
    - Flush cached DNS

Azure Cloud Detection Lab

  • Configure and Deploy Azure Resources such as Log Analytics Workspace, Virtual Machines, and Azure Sentinel
  • Implement Network and Virtual Machine Security Best Practices
  • Utilize Data Connectors to bring data into Sentinel for Analysis
  • Understand Windows Security Event logs
  • Configure Windows Security Policies
  • Utilize KQL to query Logs
  • Write Custom Analytic Rules to detect Microsoft Security Events
  • Utilize MITRE ATT&CK to map adversary tactics, techniques, detection and mitigation procedures
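As an added illustration of the kind of custom analytic rule the detection lab bullets describe (this is example code written for this page, not a rule taken from the project's repository), the KQL below runs against the Sentinel `SecurityEvent` table that the Windows Security Events data connector populates and flags a brute-force or password-spray pattern in Windows Security Event logs, then checks whether the same source went on to authenticate successfully. The one-hour window, the failure threshold of 10, and the restriction to network and RDP logon types are assumed tuning values, not settings taken from the lab.

```kql
// Added example for this page; assumes Windows VMs forward Security events into the
// SecurityEvent table via the Sentinel Windows Security Events data connector.
// ATT&CK mapping for the rule: T1110 Brute Force (T1110.001 Password Guessing,
// T1110.003 Password Spraying); a success after failures also suggests T1078 Valid Accounts.
let lookback = 1h;              // assumed; match it to the rule's query period
let failure_threshold = 10;     // assumed; tune per environment
let failures =
    SecurityEvent
    | where TimeGenerated > ago(lookback)
    | where EventID == 4625                 // "An account failed to log on"
    | where LogonType in (3, 10)            // 3 = Network, 10 = RemoteInteractive (RDP)
    | summarize FailedAttempts = count(),
                TargetAccounts = make_set(TargetUserName, 50),
                FirstFailure = min(TimeGenerated),
                LastFailure = max(TimeGenerated)
              by IpAddress, Computer
    | where FailedAttempts >= failure_threshold;
let successes =
    SecurityEvent
    | where TimeGenerated > ago(lookback)
    | where EventID == 4624                 // "An account was successfully logged on"
    | where LogonType in (3, 10)
    | summarize FirstSuccess = min(TimeGenerated),
                SuccessfulAccounts = make_set(TargetUserName, 10)
              by IpAddress, Computer;
failures
| join kind=leftouter successes on IpAddress, Computer
// A source that only failed is noisy scanning; a source that failed many times and then
// succeeded is the case an analyst should triage first.
| extend Outcome = iff(isnull(FirstSuccess), "Failures only",
                   iff(FirstSuccess > FirstFailure, "Success after failures", "Success before failures"))
| project FirstFailure, LastFailure, Computer, IpAddress, FailedAttempts,
          TargetAccounts, FirstSuccess, SuccessfulAccounts, Outcome
| order by Outcome asc, FailedAttempts desc
```

When this is saved as a scheduled analytic rule, map `IpAddress` to the IP entity, `Computer` to the Host entity and `TargetAccounts` / `SuccessfulAccounts` to Account entities so the resulting incidents carry the right investigation graph; the `Outcome` column is a natural candidate for the rule's alert grouping or severity logic.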

Azure Dev Env creation using Terraform (IaC)

  • Terraform (IaC)
    - Create Resources
    - Use of Variables
    - Use of customdata.tpl to execute on startup
    - Use of Conditional Expressions
  • Azure Virtual Network
  • Azure NSG + Rules
  • Azure Subnet
  • Azure NIC
  • Azure Compute

Work

e2e-assure Ltd.

Senior Security Analyst & Shift Lead, Jan 2021 - Present

  • Manage a team of SOC analysts, delivering training and leadership, in order to boost performance and help team members achieve performance targets.
  • Monitoring, investigating and responding to potential threats, in real-time, using an in-house SIEM system (open-source).
  • Serve as the SOC's initial point of contact (POC) for security anomalies, events and escalations, working to the agreed-upon SLAs.
  • Conduct weekly meetings with customers in order to discuss any concerns they may have, and resolve them in a timely manner.
  • Carry out log analysis, from multiple sources (AWS, Cisco ASAs, Microsoft Defender, Darktrace, etc), and generate use-cases for future rules or dashboards.
  • Perform threat hunting in Microsoft Defender using Kusto Query Language (KQL).
  • Develop playbooks/SOPs to assist analysts with the day-to-day job.

Senior Security Analyst, Feb 2020 - Jan 2021

Security Analyst, Aug 2016 - Feb 2020