first commit

sources/skills.md

@@ -0,0 +1,147 @@
+# Technical Skills
+
+## Security Operations & Incident Response
+
+**SIEM Platforms**
+- Splunk
+- ELK Stack (Elasticsearch, Logstash, Kibana)
+- Sentinel One
+- Rapid 7 IDR
+- Stellar Cyber Security
+- Microsoft Sentinel
+- Microsoft Defender (Cloud / 365)
+
+**SOAR Platforms**
+- Swimlane
+- D3 SOAR
+- Torq
+
+**EDR & Threat Detection**
+- Darktrace
+- Tanium
+- Vectra
+- FireEye
+- Sentinel One
+
+**DFIR & Forensics**
+- Volatility (memory forensics)
+- Malware analysis & reverse engineering
+- Multi-host compromise investigation
+- Incident response planning & execution
+- Evidence collection & preservation
+
+**Threat Hunting & Detection**
+- Threat hunting methodologies
+- Detection engineering
+- Custom heuristics & rule development
+- Behavioral analysis
+
+## Penetration Testing & Red Team
+
+- Metasploit Framework
+- Web application security testing
+- Automated attack simulation
+- Red team engagement oversight
+- Purple team testing
+- Phishing campaign management & security training
+- Vulnerability assessment & remediation
+
+## Cloud Platforms & Security
+
+**Cloud Providers**
+- AWS (Lambda, Bedrock, EC2, S3)
+- Microsoft Azure
+- Oracle Cloud Infrastructure (OCI)
+
+**Cloud Security**
+- Cloud security architecture
+- Hybrid cloud environments
+- Cloud security posture management
+- Identity & access management
+
+## AI/ML & Security Automation
+
+**AI & Machine Learning**
+- AWS Bedrock / Large Language Models
+- Retrieval-Augmented Generation (RAG)
+- Machine learning for security detection
+- Custom AI process development
+
+**Automation**
+- SOAR playbook development
+- Alert triage automation (11,000-21,000 alerts/month)
+- Python-based automation programs
+- Workflow automation & orchestration
+- Custom tool development
+
+## Programming & Scripting
+
+- Python (primary)
+- PowerShell
+- Bash
+- SQL
+- YAML configuration management
+
+## Infrastructure & Systems
+
+**Server Administration**
+- Windows Server (2008, 2012, 2016+)
+- Linux/UNIX administration
+- Active Directory management
+
+**Virtualization & Containers**
+- VMware
+- Hyper-V
+- Docker
+- Kubernetes
+
+**Networking**
+- Network architecture & design
+- Network segmentation & VLANs
+- Firewall management & configuration
+- WAN/LAN design & management
+
+## Compliance & Frameworks
+
+- NIST 800-53 / 800 series
+- PCI-DSS
+- HIPAA
+- GDPR
+- CIS Benchmarks
+- Security audit navigation & remediation
+
+## Leadership & Management
+
+**Team Leadership**
+- SOC team management (up to 17 direct reports)
+- Technical team oversight (8+ direct reports)
+- Cross-functional team coordination
+- Multi-timezone project management
+
+**Operations Management**
+- MSSP operations (50+ clients, 150,000+ assets, 1 million+ users)
+- Budget & P&L management
+- Vendor negotiations & management
+- Service delivery optimization
+
+**Development & Training**
+- Training program development
+- Security awareness programs
+- Mentorship & skill development
+- Hiring & team building
+- SOP & documentation creation
+
+## Operating Systems
+
+- Linux (Debian, RHEL, Ubuntu, CentOS)
+- Windows Server
+- Windows Desktop
+- macOS
+- UNIX
+
+## Project & Ticket Management
+
+- Jira
+- ServiceNow
+- Custom ticketing systems
+- Agile/Scrum methodologies