About

I'm a cybersecurity analyst with 4+ years of hands-on experience across threat hunting, digital forensics, network defense, and cyber infrastructure management. Most of that came through the U.S. Marine Corps as a Cyber Warfare Operator before transitioning to the federal civilian side.

Today I'm a Shift Lead at the Defense Finance and Accounting Service - running detection workflows in Microsoft Sentinel, building automated toolsets, authoring SIEM rules, and performing digital forensics in support of investigations. I hold an active TS/SCI clearance with CI Polygraph.

I like building tools more than I like talking about them. Most of what's on this site exists because something at work annoyed me enough to script it. The SOC Dashboard grew out of wanting somewhere to drill hunting queries against realistic data without a production Sentinel tenant. It's still growing.

Currently pursuing a B.S. in Applied Cybersecurity at SANS Technology Institute (expected 2027-01).

Experience

2025-07 - Present

Shift Lead · DFAS

Lead detection and response on a federal civilian SOC. Identify suspicious traffic patterns through Microsoft Sentinel, drive incident investigations, and process 30,000+ alerts while establishing baseline behavior. Built automated toolsets, authored SIEM rules, and performed digital forensics in support of active investigations.

sentinel kql forensics soc

2022-02 - 2025-05

Cyber Security Analyst / Infrastructure Architect · USMC Defensive Cyber Operations

Conducted advanced threat hunting using Splunk and Security Onion with custom dashboards and queries to surface anomalous traffic. Led digital forensic investigations using Autopsy and FTK. Architected and maintained virtual infrastructure supporting 100+ users and enforced STIG compliance across legacy and modernized systems.

splunk security-onion autopsy ftk stig

Projects

Featured
project

SOC Dashboard

A self-contained lab environment built around realistic Sentinel-shaped sample data. Includes a KQL translator (Invoke-KqlPS), threat-intel enrichment wrappers (AbuseIPDB, urlscan.io, NIST NVD, Team Cymru, NSRL), MITRE ATT&CK lookups, and a daily CVE/KEV/EPSS brief generator.

powershell sqlite kql soc

Live
tool

Browser Lab

The SOC Dashboard's portable pieces, running in your browser. A working KQL playground (sql.js + 16 sample tables), graded practice questions, a visual query builder, and a live honeypot threat feed.

javascript sql.js kql honeypot

Recognition

2025-11

National Cyber League · Diamond 1 Medal

97th percentile in the Fall 2025 Individual Game across OSINT, cryptography, password cracking, log analysis, network traffic analysis, scanning, web exploitation, and forensics.

2024-11

Navy and Marine Corps Achievement Medal

Awarded for analyzing 3.5M+ daily packets across critical networks and leading defensive cyberspace operations in Okinawa, JP.

2023-05

Meritorious Mast

Recognized for exemplary leadership of 75 Marines during the Joint Cyber Analysis Course.