gurvinny/security-analyst-portfolio
Gurvin Singh

Security Analyst Portfolio

📍 New York, NY | Security Operations & Threat Analysis



🚀 The Mission

Security Operations professional focused on high-fidelity detection engineering and automated incident triage. Specialized in SIEM optimization (Splunk/Elastic) and network telemetry analysis to reduce dwell time. Proven ability to bridge offensive methodology with defensive engineering to secure multi-platform enterprise environments.


⚙️ Technical Competencies

| Category | Technologies & Platforms |
| --- | --- |
| Security Monitoring & Visibility | Splunk, Elastic |
| Network Traffic Analysis (NTA) & IDS/IPS | Wireshark, pfSense, Snort |
| Detection & Frameworks | Sigma, MITRE ATT&CK |
| Endpoint Security | EDR (Endpoint Detection & Response) |
| Security Orchestration & Scripting | Python, Bash |
| Operating Systems | Windows, Linux |

📜 Certifications & Training Validation

  • Verified Completion
  • Advanced Standing: Focus on SIEM, Digital Forensics, & Incident Response
  • Candidate (Exam Targeted: May 2026)

🔬 Executive Summary: Featured Deployments

| Project Name | Objective | Primary Tools | Outcome | Link |
| --- | --- | --- | --- | --- |
| Enterprise Home Network Lab | Network Visibility | pfSense, Splunk | Engineered a hardened, segmented architecture with active IDS/IPS monitoring and centralized log aggregation for proactive Threat Hunting. | View Repo |
| Automated Phish Extractor | Triage Automation | Python, APIs | Reduced manual triage latency by automating IOC extraction and threat intelligence enrichment, standardizing Incident Response reports for rapid containment. | View Repo |
| Flipper Zero Hardware Security | Protocol Research | Flipper Zero | Conducted vulnerability research on physical access controls and wireless protocols to document defensive countermeasures against HID/RF attacks. | View Repo |
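The IOC-extraction step behind a phish-triage tool, as an added example that is not the Automated Phish Extractor's own code: it parses a constructed sample message with the standard library, pulls the sender domain, URLs, hostnames, IPv4 addresses and SHA-256 hashes out of it, defangs them for a report, and renders a short triage summary. The sample message, the regexes and the `extract_iocs` / `render_report` names are assumptions; the enrichment lookups the project describes are omitted so the block runs offline.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample phishing message (not a real capture); .test TLD and
# documentation IP ranges are used so nothing here resolves.
SAMPLE_EML = """From: "IT Helpdesk" <helpdesk@example-support.test>
To: user@example.test
Subject: Password expires today
Content-Type: text/plain; charset="utf-8"

Your password expires today. Reset it at http://login-example.test/reset?id=42
or contact 198.51.100.23 if you have trouble.
Attachment sha256: 3f786850e387550fdab836ed7e6dc881de23001b9c29ce7e6a2a1f7b2f8b9c5d
"""

URL_RE = re.compile(r"https?://[^\s\"'<>]+")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
SHA256_RE = re.compile(r"\b[a-fA-F0-9]{64}\b")


def defang(value: str) -> str:
    """Make an indicator non-clickable for reports: http -> hxxp, '.' -> '[.]'."""
    return value.replace("http", "hxxp").replace(".", "[.]")


def extract_iocs(raw_eml: str) -> dict:
    """Parse one RFC 822 message and return de-duplicated, sorted indicators."""
    msg = email.message_from_string(raw_eml, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""

    _, sender = parseaddr(str(msg["From"] or ""))
    sender_domain = sender.rsplit("@", 1)[-1].lower() if "@" in sender else ""

    urls = set(URL_RE.findall(text))
    # Hostnames from the URLs plus the sender domain; None is filtered out.
    domains = {urlparse(u).hostname for u in urls} - {None}
    if sender_domain:
        domains.add(sender_domain)
    ips = set(IPV4_RE.findall(text))
    hashes = {h.lower() for h in SHA256_RE.findall(text)}

    iocs = {
        "sender": sender,
        "sender_domain": sender_domain,
        "urls": sorted(urls),
        "domains": sorted(domains),
        "ipv4": sorted(ips),
        "sha256": sorted(hashes),
    }
    # Defanged copies are what goes into the ticket, never the live values.
    iocs["defanged"] = {
        "urls": [defang(u) for u in iocs["urls"]],
        "domains": [defang(d) for d in iocs["domains"]],
        "ipv4": [defang(i) for i in iocs["ipv4"]],
    }
    return iocs


def render_report(iocs: dict) -> str:
    """Standardized plain-text triage block built from the defanged indicators."""
    lines = [f"Sender: {defang(iocs['sender'])}"]
    for kind in ("urls", "domains", "ipv4"):
        for value in iocs["defanged"][kind]:
            lines.append(f"{kind}: {value}")
    for h in iocs["sha256"]:
        lines.append(f"sha256: {h}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_report(extract_iocs(SAMPLE_EML)))
```

Hash values are left intact on purpose: they are not clickable and analysts paste them into lookups verbatim.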

🛠️ Analytical Methodology

  • Framework Alignment: Mapping all lab detections to MITRE ATT&CK tactics (Initial Access, Persistence, Exfiltration).
  • Incident Lifecycle: Following NIST 800-61 r2 for structured Preparation, Detection, and Containment.
  • Documentation: Maintaining standardized investigation logs to ensure chain of custody, perform comprehensive Forensics, and deliver clear executive reporting.

📂 SOC Portfolio Modules

Structured standard operating procedures (SOPs) for triage, containment, and eradication.

  • Analyst Focus: Phishing Analysis, Ransomware Containment, Brute Force Triage.

Repository of custom vendor-agnostic detection logic and SIEM search patterns.

  • Analyst Focus: Sigma rule development, Splunk/Elastic queries, MITRE ATT&CK alignment.
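Detection logic of the kind described above, run over sample log lines, as an added example that is not taken from this repository: a brute-force rule for sshd (MITRE ATT&CK T1110.001, Password Guessing) that counts failed password attempts per source IP in a sliding 60-second window and escalates when the same source then authenticates successfully shortly after the burst. The constructed auth.log excerpt, the threshold and window values, and the `parse_auth_log` / `detect_bruteforce` names are assumptions; the SPL in the comment is an illustrative Splunk equivalent, not a query from the portfolio.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd auth.log excerpt (not a real capture). Syslog timestamps carry
# no year; we assume no year rollover inside the detection window.
SAMPLE_AUTH_LOG = """\
Mar 14 10:02:01 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.45 port 51022 ssh2
Mar 14 10:02:05 bastion sshd[2203]: Failed password for invalid user admin from 203.0.113.45 port 51024 ssh2
Mar 14 10:02:09 bastion sshd[2205]: Failed password for root from 203.0.113.45 port 51026 ssh2
Mar 14 10:02:13 bastion sshd[2207]: Failed password for root from 203.0.113.45 port 51028 ssh2
Mar 14 10:02:17 bastion sshd[2209]: Failed password for deploy from 203.0.113.45 port 51030 ssh2
Mar 14 10:02:21 bastion sshd[2211]: Failed password for deploy from 203.0.113.45 port 51032 ssh2
Mar 14 10:02:40 bastion sshd[2215]: Accepted password for deploy from 203.0.113.45 port 51040 ssh2
Mar 14 10:05:10 bastion sshd[2300]: Failed password for alice from 192.0.2.10 port 40000 ssh2
Mar 14 10:05:30 bastion sshd[2301]: Accepted password for alice from 192.0.2.10 port 40002 ssh2
Mar 14 10:06:00 bastion sshd[2302]: pam_unix(sshd:session): session opened for user alice by (uid=0)
""".splitlines()

# Illustrative Splunk equivalent of the burst rule (assumed index/sourcetype names):
#   index=auth sourcetype=linux_secure "Failed password"
#   | bucket _time span=1m | stats count dc(user) AS users by src, _time | where count>=5

LOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_auth_log(lines):
    """Turn sshd password outcome lines into events sorted by time; other lines are skipped."""
    events = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%b %d %H:%M:%S"),
            "outcome": m["outcome"],
            "user": m["user"],
            "src": m["src"],
        })
    return sorted(events, key=lambda e: e["ts"])


def detect_bruteforce(lines, threshold=5, window=timedelta(seconds=60)):
    """Medium alert on >= threshold failures from one source inside `window`;
    high alert if that source then logs in successfully within `window` of the burst."""
    by_src = defaultdict(list)
    for e in parse_auth_log(lines):
        by_src[e["src"]].append(e)

    alerts = []
    for src, events in by_src.items():
        failures = [e for e in events if e["outcome"] == "Failed"]
        burst_end = None
        start = 0
        for end in range(len(failures)):
            # Advance the left edge until the window spans at most `window`.
            while failures[end]["ts"] - failures[start]["ts"] > window:
                start += 1
            if end - start + 1 >= threshold:
                burst_end = failures[end]["ts"]
                alerts.append({
                    "src": src,
                    "technique": "T1110.001",
                    "severity": "medium",
                    "failures": end - start + 1,
                    "users": sorted({f["user"] for f in failures[start:end + 1]}),
                    "first_seen": failures[start]["ts"].strftime("%H:%M:%S"),
                    "last_seen": burst_end.strftime("%H:%M:%S"),
                    "summary": f"{end - start + 1} failed SSH logins from {src} "
                               f"within {int(window.total_seconds())}s",
                })
                break  # one burst alert per source per run; dedupe further in the SIEM
        if burst_end is None:
            continue
        for e in events:
            if e["outcome"] == "Accepted" and burst_end <= e["ts"] <= burst_end + window:
                gap = int((e["ts"] - burst_end).total_seconds())
                alerts.append({
                    "src": src,
                    "technique": "T1110.001",
                    "severity": "high",
                    "user": e["user"],
                    "summary": f"successful SSH login for {e['user']} from {src} "
                               f"{gap}s after brute-force burst",
                })
                break
    return alerts


if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_AUTH_LOG):
        print(alert["severity"].upper(), alert["technique"], alert["summary"])
```

The source with two failures and one success (192.0.2.10) produces nothing, which is the point of the threshold: a single mistyped password is not an incident, a burst followed by a success is.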

Deep-dive forensic reports mapping attacker kill chains and identifying defensive artifacts.

  • Analyst Focus: Timeline reconstruction, log aggregation, and indicator extraction.

Disclaimer: All activities documented in this portfolio are performed in controlled, legal environments for educational purposes.

About

Hands-on SOC analyst training portfolio covering threat detection, incident response, log analysis, and blue team lab investigations.
