As a University IT student with a background in Cyber Security, I possess a deep understanding of various aspects of computer systems and networks.
I have hundreds of classroom hours in Cyber Threat Intelligence, Cryptography, NIST Security Framework, Risk Management, System Administration,
Computer Systems and Networks, Database Systems and Cyber Defense. I have demonstrated exceptional skills in different programming languages,
including KQL, C, Java, JavaScript, Python, HTML/CSS, and SQL. My technical expertise, combined with my passion for Cyber Security, has equipped
me with the knowledge and skills required to identify, prevent, and respond to Cyber Threats.
A pivotal internship at Dyson has significantly enriched my understanding, presenting me with real-world cybersecurity challenges and enabling me
to apply my theoretical knowledge in practical scenarios. This hands-on experience has been instrumental in refining my skills in risk management
and the implementation of security protocols, preparing me to effectively address and neutralize potential cyber threats. These experiences have
not only enhanced my skills but also underscored the importance of applying theoretical knowledge in practical scenarios to safeguard digital assets
against evolving cyber threats.
Beyond the classroom and professional settings, I have engaged in practical tasks with leading companies such as Mastercard, Visa, Telstra, and
AIG, further broadening my perspective and experience in the field. My educational journey is complemented by major industry-recognized
certifications, including Penetration Testing Essential Training and Cybersecurity Virtual Experience Programs, marking me as a dedicated and
well-prepared professional in the realm of Cyber Security.
My goal is clear: to leverage my blend of academic knowledge, practical experience, and technical skills to help organizations strengthen their
defenses against cyber threats. In this ever-evolving digital landscape, I am committed to staying at the forefront of cybersecurity innovation and
practices, ready to contribute to the security and resilience of digital infrastructures around the globe.
These are some of the certificates that I have completed during my time in University and Internship/Placement. Each certification has not only
expanded my skill set but also instilled in me a profound appreciation for the complexity and ever-evolving nature of Cyber Security. The outcomes
of these learning experiences are evident in my approach to problem-solving, my ability to adapt to new challenges, and my readiness to contribute
to the field with innovative solutions and a commitment to excellence.
Security Blue Team Level 1
The Security Blue Team Level 1 (BTL1) certification is designed to validate an individual's foundational skills and practical abilities in the field of cybersecurity. This certification
emphasizes defensive security operations and equips professionals with the necessary knowledge to effectively protect organizational information systems from various cyber threats.
Skills Demonstrated:
The BTL1 certification covers five critical security operations domains, ensuring a comprehensive skill set for junior analysts:
Phishing Analysis: Identifying and analyzing phishing attempts to mitigate and respond to email-based attacks.
Threat Intelligence: Gathering and interpreting threat data to understand potential adversaries and their tactics.
Digital Forensics: Conducting forensic investigations to uncover and analyze digital evidence following security incidents.
SIEM (Security Information and Event Management): Using SIEM tools for real-time analysis of security alerts and managing security events effectively.
Incident Response: Developing and implementing response strategies to manage and recover from security incidents.
Certification Process:
The BTL1 certification process involves a rigorous practical exam that tests the candidate’s ability to respond to real-world security incidents. The key
components include:
24-Hour Practical Exam: Candidates must successfully complete a 24-hour incident response exam, demonstrating their skills in a controlled, high-pressure environment.
Passing Grade: Earning a passing grade on the practical exam is required to achieve certification.
Impact and Benefits:
Achieving the BTL1 certification demonstrates a solid understanding and practical capability in defensive cybersecurity operations. It prepares individuals for entry-level roles within
cybersecurity teams and provides the following benefits:
Industry Recognition: Validates your skills and knowledge, making you a credible candidate for cybersecurity positions.
Career Advancement: Opens up opportunities for further specialization and advanced certifications in the field.
Practical Knowledge: Ensures you are equipped to handle real-world cyber threats and incidents effectively.
Security Blue Team Junior Analyst
The Security Blue Team Junior Analyst certification is designed for individuals looking to establish a foundational understanding of cybersecurity
from a defensive perspective. A "blue team" in cybersecurity refers to the group of individuals who work to defend an organization's information
systems from cyber threats, which is the opposite of the "red team" that attempts to penetrate security measures to test their effectiveness.
Skills Learned:
The certification typically covers a range of skills essential for a cybersecurity analyst, including:
Open-Source Intelligence (OSINT): Techniques for gathering information from publicly available sources to aid in cybersecurity defense.
Digital Forensics: Understanding the methods for investigating and analyzing cyber attacks and breaches to identify the perpetrators and their methods.
Vulnerability Management: The process of identifying, evaluating, treating, and reporting on security vulnerabilities in systems and the software that runs on them.
Dark Web Operations: Gaining insights into the parts of the internet not indexed by standard search engines where cyber threats can originate.
Hunting: Proactively searching through networks to detect and isolate advanced threats that evade existing security solutions.
Network Analysis: Monitoring network traffic to identify unusual patterns or activities that could signify a security incident or breach.
Tools Used:
Throughout the course, I gained experience with a variety of tools and technologies commonly used by cybersecurity professionals, such as:
Wireshark: For capturing and analyzing network packets.
Nessus or OpenVAS: Vulnerability scanning software for identifying potential security risks.
TheHarvester: For gathering OSINT, which includes emails, subdomains, hosts, employee names, open ports, and banners.
Metasploit: Although typically used for penetration testing, it can also be used by blue teams to identify security weaknesses.
Snort: Network intrusion detection system (NIDS) software for identifying intrusions.
Security Information and Event Management (SIEM) tools: For real-time analysis of security alerts generated by applications and network hardware.
The certification involves practical tasks and simulations to provide experiential learning, and it also prepare us to
understand the usage of frameworks like the NIST Cybersecurity Framework to structure their cybersecurity efforts.
Upon completion of the certification, I am expected to have a foundational knowledge of the cybersecurity landscape, along with the ability to
apply their skills and knowledge in a real-world environment to protect and defend against cyber threats. Also, we are expected to be well-prepared for
entry-level positions in cybersecurity teams within various organizations.
Cybersecurity Engineering Virtual Internship Program
In the Cybersecurity Engineering Virtual Internship Program offered by SAP through Forage, I have gained hands-on experience in key cybersecurity practices through
different tasks such as:
Key Management: Learned techniques to secure sensitive access credentials, ensuring the integrity and confidentiality of critical system access points.
Phishing Mitigation: Gained expertise in identifying phishing attempts and implementing strategies to prevent such cyber threats.
System Hardening: Acquired skills in enhancing the security posture of systems through various hardening techniques.
Security Analysis and Recommendations: Developed the ability to conduct thorough security analyses and formulate strategic recommendations to bolster cybersecurity defenses.
Cybersecurity Consulting Virtual Case Experience
In the Cybersecurity Consulting Virtual Case Experience offered by PWC, I have enhanced my capabilities through practical tasks focusing on:
Integrated Information Defense: Focused on crafting comprehensive cybersecurity strategies that ensure the protection of critical information assets across varied systems.
Risk Assessment: Involved systematic evaluation of potential vulnerabilities within an organization's IT infrastructure, prioritizing risks based on their impact and likelihood.
IT System Security Baseline: Established minimum security standards for IT systems to maintain a consistent security posture and mitigate threats effectively.
Network Segmentation: Executed strategies to divide networks into smaller, manageable segments, enhancing security controls and limiting the spread of potential attacks.
These activities underscore the importance of a holistic cybersecurity approach, combining strategic planning with practical application to address
complex security challenges in a consulting context.
Cybersecurity Consulting Virtual Case Experience
In the Mastercard Cybersecurity Virtual Experience Program, I have honed my skills through these key tasks:
Designing a Phishing Email Simulation: Developed a realistic phishing attack scenario to test organizational awareness and preparedness against social engineering threats.
Interpreting Phishing Simulation Results: Analyzed outcomes to assess the effectiveness of cybersecurity awareness within the organization, identifying areas for improvement in training and response strategies.
These tasks provided practical experience in creating and evaluating cybersecurity exercises, crucial for understanding and improving defense mechanisms against common cyber threats.
Visa Token Service Technology Virtual Experience Program
In the Visa Token Service Technology Virtual Experience Program, I engaged in tasks essential to digital payment security and API integration:
Card Authentication: Focused on verifying cardholder information securely during transactions, utilizing tools and protocols designed to minimize fraud and enhance payment security.
Select Visa API for Use Cases: Tasked with choosing the appropriate Visa APIs for specific financial scenarios, demonstrating an understanding of API capabilities and how they can be leveraged to improve service delivery and user experience.
This experience provided practical insights into securing digital payments and effectively utilizing APIs to meet various operational needs.
Cybersecurity Virtual Experience Program
In the Telstra Cybersecurity Virtual Experience Program, I tackled real-world cybersecurity challenges, such as:
Responding to a Malware Attack: He learned to quickly identify and assess the extent of malware infiltration, utilizing cybersecurity protocols to contain the threat.
Analysing the Attack: Employed analytical tools to understand the malware's origin, method of attack, and impact, which is crucial for crafting an effective response strategy.
Mitigating the Malware Attack: Focused on technically eradicating the malware from the system, securing vulnerabilities to prevent future incidents.
Incident Postmortem: Conducted a detailed review of the incident to identify lessons learned and improve future cybersecurity measures.
"Shields Up: Cybersecurity Virtual Experience Program
In the AIG "Shields Up: Cybersecurity Virtual Experience Program," I demonstrated my capability to tackle critical cybersecurity challenges, such as:
Responding to a Zero-Day Vulnerability: I effectively identified and addressed a newly discovered software vulnerability, executing swift
protective actions to safeguard systems prior to the vulnerability being publicly exploited.
(Technical) Bypassing Ransomware: He applied technical skills to navigate around ransomware encryption, recovering access to critical files without conceding
to the demands of cyber attackers, showcasing a proactive approach to emergent cybersecurity threats.