🚀 Featured Projects
GITHUB + BLOG
Identity Governance Portal
Read-only identity governance and drift monitoring portal on Microsoft Graph. Weekly PowerShell snapshots feed a Fluent-styled dashboard with an AI Copilot powered by Claude. Surfaces disabled licensed accounts, privileged access changes, and compliance controls mapped to CIS, NIST CSF, and ISO 27001.
GITHUB + BLOG
Identity Lifecycle Automation
HR-driven onboarding and offboarding automation across Active Directory and Microsoft 365. PowerShell provisions AD users, syncs to Entra ID, assigns M365 licenses, and notifies managers via Graph API. Offboarding disables accounts, revokes sessions, and reclaims licenses with a full audit trail.
BLOG POST
Identity & Access Management Lab
Provisioning, deprovisioning, quarterly access reviews, and GPO enforcement. Scripted in PowerShell with timestamped audit logs and manager-ready CSV output.
GITHUB + BLOG
AI-Assisted SOC Triage Tool
Python tool combining the Splunk REST API and the Anthropic API. Automatically detected four attack patterns, including T1110.001 brute force and T1087 account enumeration, from real lab data.
BLOG POST
Splunk SIEM Engineering Lab
3-part series: Universal Forwarder deployment, SPL correlation searches, CIM normalization, and MITRE ATT&CK detection rules with Security Essentials.
BLOG POST
NIST CSF 2.0 Compliance Lab
Full compliance lifecycle on Proxmox: pfSense VLAN segmentation, Wazuh SIEM, OpenSCAP remediation, GPO hardening, and live attack simulation.
GITHUB + BLOG
Azure SOC Operations Center
Microsoft Sentinel with custom KQL detection queries and automated incident response. Honeypot captured 6,000+ live attack attempts mapped to MITRE ATT&CK.
BLOG POST
Wazuh SIEM Homelab
Deployed Wazuh on Ubuntu with agents on Windows and Linux endpoints. Configured custom detection rules, active response, and GPO hardening on the slytech.us domain.
GITHUB
Vulnerability Management Platform
Tenable Nessus Professional on Azure with automated scheduling, CVSS risk scoring, NIST and CIS framework mapping, and a full remediation workflow.
All projects documented with build notes, troubleshooting, and real lab data at blog.slytech.us
Open to New Opportunities
Open to infrastructure, security, cloud, and identity roles. I build production-grade labs, automate workflows, and document everything publicly at blog.slytech.us.