# Technical Skills

## Security Operations & Incident Response

**SIEM Platforms**

- Splunk
- ELK Stack (Elasticsearch, Logstash, Kibana)
- SentinelOne
- Rapid7 IDR
- Stellar Cyber
- Microsoft Sentinel
- Microsoft Defender (Cloud / 365)

**SOAR Platforms**

- Swimlane
- D3 SOAR
- Torq

**EDR & Threat Detection**

- Darktrace
- Tanium
- Vectra
- FireEye
- SentinelOne

**DFIR & Forensics**

- Volatility (memory forensics)
- Malware analysis & reverse engineering
- Multi-host compromise investigation
- Incident response planning & execution
- Evidence collection & preservation

**Threat Hunting & Detection**

- Threat hunting methodologies
- Detection engineering
- Custom heuristics & rule development
- Behavioral analysis

## Penetration Testing & Red Team

- Metasploit Framework
- Web application security testing
- Automated attack simulation
- Red team engagement oversight
- Purple team testing
- Phishing campaign management & security training
- Vulnerability assessment & remediation

## Cloud Platforms & Security

**Cloud Providers**

- AWS (Lambda, Bedrock, EC2, S3)
- Microsoft Azure
- Oracle Cloud Infrastructure (OCI)

**Cloud Security**

- Cloud security architecture
- Hybrid cloud environments
- Cloud security posture management
- Identity & access management

## AI/ML & Security Automation

**AI & Machine Learning**

- AWS Bedrock / Large Language Models
- Retrieval-Augmented Generation (RAG)
- Machine learning for security detection
- Custom AI process development

**Automation**

- SOAR playbook development
- Alert triage automation (11,000-21,000 alerts/month)
- Python-based automation programs
- Workflow automation & orchestration
- Custom tool development

## Programming & Scripting

- Python (primary)
- PowerShell
- Bash
- SQL
- YAML configuration management

## Infrastructure & Systems

**Server Administration**

- Windows Server (2008, 2012, 2016+)
- Linux/UNIX administration
- Active Directory management

**Virtualization & Containers**

- VMware
- Hyper-V
- Docker
- Kubernetes

**Networking**

- Network architecture & design
- Network segmentation & VLANs
- Firewall management & configuration
- WAN/LAN design & management

## Compliance & Frameworks

- NIST 800-53 / 800 series
- PCI-DSS
- HIPAA
- GDPR
- CIS Benchmarks
- Security audit navigation & remediation

## Leadership & Management

**Team Leadership**

- SOC team management (up to 17 direct reports)
- Technical team oversight (8+ direct reports)
- Cross-functional team coordination
- Multi-timezone project management

**Operations Management**

- MSSP operations (50+ clients, 150,000+ assets, 1 million+ users)
- Budget & P&L management
- Vendor negotiations & management
- Service delivery optimization

**Development & Training**

- Training program development
- Security awareness programs
- Mentorship & skill development
- Hiring & team building
- SOP & documentation creation

## Operating Systems

- Linux (Debian, RHEL, Ubuntu, CentOS)
- Windows Server
- Windows Desktop
- macOS
- UNIX

## Project & Ticket Management

- Jira
- ServiceNow
- Custom ticketing systems
- Agile/Scrum methodologies