About

Professional Summary

I’m a GIAC-certified Incident Handler (GCIH, GSEC) and Security Analyst with hands-on experience in incident response, endpoint forensics, and threat hunting through SANS SEC504 DFIR labs. I combine technical investigation skills with a background in Business Management and Psychology to communicate security findings clearly during high-pressure incidents.

I ranked in the top 2% of the National Cyber League team competition and focused on log analysis, network traffic investigation, and practical DFIR workflows. I’m currently completing the SANS Applied Cybersecurity Certificate (ACS) and pursuing GCFA (Expected May 2026).

Education & Certifications

Applied Cybersecurity Certificate (ACS) – SANS Technology Institute (In Progress, GPA: 4.0)

  • GIAC Certifications: GCIH, GSEC, GFACT, GCFA (Expected May 2026)

Google Cybersecurity Professional Certificate: Completed Feb 2024

B.Mgmt (Honours), Minor in Psychology – University of British Columbia (GPA: 3.7/4.0)

Technical Skills

  • Incident Response & DFIR: Endpoint triage, threat hunting, log-based investigations
  • Network Defence: Zeek, RITA, Wireshark, Tcpdump, Nmap
  • SIEM & Detection: Splunk (Basic), Chronicle, SQL
  • Forensics Tools: Volatility, Hayabusa, Procmon, Regshot, Timeline Explorer, CyberChef
  • Scripting: PowerShell, Python, Bash
  • Platforms: Windows, Linux (CLI)

Projects

Check out my cybersecurity projects to see examples of my technical skills in action, including:

National Cyber League (Spring 2025)

Ranked Top 2% (63rd/4,798 Teams)

  • Specialized in Network Traffic Analysis and Forensics, identifying malicious C2 traffic and reconstructing attack timelines from PCAPs.
  • Executed challenges in OSINT, Web Exploitation, and Cryptography.

Enterprise Incident Response | SANS SEC504 (Falsimentis Simulation)

  • Investigation: Executed the full IR lifecycle to neutralize a multi-stage wiper/ransomware breach. Analyzed memory dumps with Volatility 3 to identify malicious process trees and injected code.
  • Network Forensics: Reconstructed attack timelines by analyzing PCAPs and proxy logs to identify Command & Control (C2) channels and scope the extent of the breach.
  • Threat Hunting: Detected low-jitter C2 beacons using RITA & Zeek. Performed high-speed log analysis with Hayabusa to track lateral movement and persistence mechanisms.

Cloud & Web Exploitation | SANS SEC504 Lab Series

  • Cloud Security: Identified exposed assets via Masscan/TLS-Scan. Exploited SSRF vulnerabilities to compromise AWS IAM credentials and audited configurations using ScoutSuite.
  • Offensive Operations: Simulated adversary tradecraft including AppLocker bypass (Living off the Land), Command Injection, and browser hooking with BeEF to validate system hardening.
  • Credential Assessment: Audited network authentication by capturing NTLM hashes with Responder (LLMNR poisoning) and validating password complexity policies using Hashcat and password spraying.