August 2025 - Present
Built a virtual SOC using Splunk and Elastic Stack to ingest and analyze security logs, create dashboards, and detect anomalies in simulated enterprise environments.
Configured Snort IDS/IPS to monitor network traffic and generate alerts for simulated attacks.
Performed vulnerability scanning on lab machines with OpenVAS/Nessus to identify security gaps and prioritize mitigation steps.
Automated security monitoring tasks using PowerShell, including log analysis, endpoint checks, and reporting.