Intelligence-led security, built in the real world
Cybersecurity that thinks like an operator, hunts like an analyst, and explains like a teacher.
I build security labs, investigate threats, harden systems, and turn complex cyber concepts into clear action. My work sits where intelligence analysis, SOC operations, offensive testing, and practical engineering meet.
$ ./profile --load operator loading intelligence background... done loading security operations... done loading project evidence... done ready.
Experience
A career built across intelligence, defense, security operations, and hands-on engineering.
USMC Intelligence & Security Management
Produced operational reporting, coordinated UAS support, briefed leadership, and managed security responsibilities for large personnel populations in high-accountability environments.
Industrial Security Analyst
Managed classified accountability, PERSEC workflows, DISS visit verification, safe combination changes, inventories, briefings, and compliance-driven security processes.
Cybersecurity Student & Builder
Built Linux-first labs, Windows Server Active Directory environments, enterprise-level firewall and network segmentation, CTI tooling, and CTF tools to turn theory into repeatable skill.
Threat Research, SOC Thinking & Practical Proactive Defense
Focused on detection, exposure management, tactical threat intelligence, vulnerability validation, and communicating risk in a way decision-makers can actually use.
Selected operations
Portfolio projects that look like real work, not classroom filler.
Each project is written like a mission brief: objective, execution, tooling, evidence, and business value.
Threat Intelligence Daily Console
A desktop intelligence workflow that aggregates trusted security feeds, converts noise into analyst-ready notes, and supports daily briefings.
- Feed collection and triage logic
- Analyst notes and source tracking
- Executive-ready summary format
TSS Homelab Security Architecture
A practical enterprise-style lab with Palo Alto routing, isolated VLANs, Windows AD, Linux hosts, security monitoring, and controlled attack paths.
- WAN/LAN/isolation zoning
- AD + Linux hybrid environment
- Detection and validation playground
ESP32 HaleHound Field Toolkit
A practical ESP32-based cyber hardware project showing flashing workflow, field-tool testing, interface notes, and how it informs the larger handheld design concept.
- ESP32 flashing and validation notes
- HaleHound feature mapping
- All-in-one handheld concept design log
Creator Account Protection Framework
A scalable security service model for influencers and creators exposed to account takeover, doxxing, impersonation, phishing, and stalking risk.
- Risk intake and OSINT hygiene
- Account hardening checklist
- Monthly monitoring model
Cyber Club & CTF Program
A campus cybersecurity development plan centered on peer mentoring, NCL practice, homelabs, student leadership, and real conference exposure.
- Student skills pipeline
- CTF practice model
- Hardware and advisor asks
Cyber Skyline / NCL Competition Record
Repeated performance across timed NCL seasons with score reports covering OSINT, crypto, password cracking, logs, traffic analysis, forensics, scanning, web exploitation, and enumeration.
- 8 Cyber Skyline result reports
- Team and individual seasons
- Category-level analyst proof
The lab is the proof
Built like a miniature enterprise, abused like a training range, documented like a client engagement.
Great cybersecurity portfolios show receipts. This section shows what exists and why it exists
Policy / NAT / Zones
192.168.1.0/24
10.10.10.0/24
triadic.local
triadic.outland
Capabilities
Where I create value.
SOC & Detection
Alert triage, log review, incident notes, containment thinking, escalation quality, and meaningful detection tuning.
Threat Intelligence
Collection plans, source validation, actor/TTP mapping, briefings, executive summaries, and intelligence-to-action workflows.
Vulnerability Validation
Turning scanner output into evidence, impact, risk, remediation priority, and clear stakeholder communication.
Infrastructure Security
Linux, Windows Server, AD, routing, VLANs, firewall rules, VPN concepts, and practical segmented lab design.
Offensive Methodology
Recon, enumeration, web testing, privilege escalation, password attacks in controlled environments, and CTF writeups.
Security Communication
Clear reports, briefings, diagrams, training material, and translating technical findings into decisions.
Briefings & teaching
Cybersecurity is only useful when people understand what to do next.
Operator Vault
Find the credentials. Prove you can inspect what others ignore.
This is a portfolio CTF gate. The username and password are hidden across the page source, stylesheet, and scripts. Unlock it to reach deeper research artifacts, hardware build notes, adversary-simulation material, and threat-intelligence training cases.
Session access granted. Open the proof locker.
Open channel
Need a security analyst who can think, build, brief, and execute?
Reach out for SOC analyst roles, threat intelligence work, security operations, vulnerability validation, lab collaborations, talks, or practical cyber projects.