- Cybersecurity Analyst (Blue Team) focused on detection, monitoring, and incident response
- Strong foundation in networking, security fundamentals, and SOC workflows
- Hands-on experience with Splunk, Elastic Stack (ELK), and Wireshark for log & network investigations
- Use Python for scripting, automation, and security tooling
- Hands-on practitioner: labs, detections, log analysis, and analyst-style investigations
- Turning practical security labs into recruiter-ready GitHub portfolio projects
- Career goal: Entry-level SOC / Blue Team Analyst
- Incident Response Casework
- SIEM Threat Investigations
- Malware Analysis Campaigns
- Detection Engineering Labs
- Phishing & Social Engineering Investigations
- Threat Intelligence & Adversary Tracking
Each project includes:
- Scenario overview
- Evidence & logs
- Detection logic
- Analyst reasoning
- Lessons learned
- Security Operations Center (SOC)
- Incident Response & Alert Triage
- Log Analysis & SIEM Concepts (Splunk / Elastic Stack)
- Detection Engineering (entry-level)
- Threat Monitoring & Investigation
- Offense-informed defensive security
- Cybersecurity Fundamentals (Issued: September 14, 2025)
  - Threats, vulnerabilities, and risk concepts
  - Security controls and defensive best practices
  - Core cybersecurity principles for enterprise environments
- Explore Emerging Tech (Issued: September 14, 2025)
  - Cloud, AI, and emerging technologies
  - Security implications of modern technology stacks
- Introduction to Cybersecurity (Issued: July 12, 2025)
  - Cyber threats and attack methodologies
  - Defensive strategies and SOC fundamentals
- Networking Basics (Issued: June 12, 2025)
  - TCP/IP fundamentals
  - IP addressing, protocols, and network communication
- Complete Ethical Hacking Bootcamp (Completed: September 9, 2025; Focus: Attacker Tradecraft for Defensive Security)
  - Understanding common attacker initial access techniques
  - Windows exploitation concepts, including analysis of vulnerabilities such as EternalBlue (SMB exploitation)
  - Post-exploitation techniques and artifacts left in logs, memory, and system activity
  - Windows privilege escalation concepts and indicators
  - Malware behavior fundamentals and execution flow
  - Network-based attacks and how malicious activity appears in traffic
  - Password attacks and authentication weaknesses (defensive awareness)
  - Web application attack concepts (authentication and input validation flaws)

This training strengthened my ability to think like an attacker in order to improve detection logic, log analysis, and incident response effectiveness.
- Credly: View Certifications
- Udemy Certificate: View Certificate
- SOC workflows & analyst triage
- Incident response lifecycle
- Log analysis fundamentals
- Threat detection concepts
- MITRE ATT&CK framework familiarity
- Windows & Linux security fundamentals
- Splunk: search queries, investigations, alert analysis
- Elastic Stack (ELK): Kibana queries, log filtering, timeline analysis
- Windows Event Logs & Sysmon
- Sigma rule concepts
- Wireshark packet analysis for malicious traffic identification
- Network-based attack detection and protocol abuse analysis
- Identification of C2 indicators and suspicious network behavior
- Phishing email analysis and malicious payload identification
- Sandbox-based threat isolation and behavioral observation
- Malware triage and execution artifact recognition
- Vulnerability research and exploit awareness using Searchsploit
- Python scripting & automation
- Object-Oriented Programming (OOP)
- Log parsing & structured data handling
- Security-focused scripting
- 146 completed rooms
- Completed Incident Response and Detection & Monitoring rooms
- Practiced real SOC analyst workflows:
  - Alert triage
  - Log analysis
  - Evidence correlation
  - Detection logic reasoning
- Applied MITRE ATT&CK concepts to simulated real-world attacks
- Documenting labs as SOC-style case studies in this portfolio
- Earned multiple TryHackMe badges demonstrating consistency and hands-on depth
- Profile: View on TryHackMe
- Incident response lifecycle
- Windows event analysis
- Network activity investigation
- Log-based threat detection
- Attacker behavior recognition
TryHackMe is used strictly as a hands-on training platform, not for badge or leaderboard collection.
- CompTIA Security+ (in progress)
- CompTIA CySA+ (planned)
- Detection-focused Python tooling
- Sigma rule creation
- Advanced SIEM queries (Splunk / Elastic)
- Foundational cybersecurity certifications (IBM, Cisco)
- Security+ preparation
- CySA+ preparation
- Detection engineering portfolio expansion
- Entry-level SOC / Blue Team role
- Email: tgbeele@gmail.com