Emsly S.

🖥️ System Administrator 🛡️ SOC Analyst ☁️ Cloud Security 🔐 Identity & Access

🚀 Featured Projects

[Image: OU placement and group assignment in Active Directory] BLOG POST

Identity & Access Management Lab

Provisioning, deprovisioning, quarterly access reviews, and GPO enforcement. Scripted in PowerShell with timestamped audit logs and manager-ready CSV output.

Active Directory PowerShell GPO Identity Lifecycle
[Image: Terminal output showing AI triage report with CRITICAL brute force finding and MITRE ATT&CK T1110.001 mapping] GITHUB + BLOG

AI-Assisted SOC Triage Tool

Python tool combining Splunk REST API and Anthropic API. Detected four attack patterns including T1110.001 brute force and T1087 account enumeration from real lab data.

Python Splunk API Anthropic API MITRE ATT&CK
[Image: Microsoft Sentinel dashboard showing incident map with attack origins and KQL detection query results] GITHUB

Azure SOC Operations Center

Microsoft Sentinel with custom KQL detection queries and automated incident response. Honeypot captured 6,000+ live attack attempts mapped to MITRE ATT&CK.

Azure Sentinel KQL Log Analytics SIEM
[Image: Splunk web UI showing correlation search results with Windows Security events from dc01] BLOG POST

Splunk SIEM Engineering Lab

3-part series: Universal Forwarder deployment, SPL correlation searches, CIM normalization, and MITRE ATT&CK detection rules with Security Essentials.

Splunk SPL Detection Engineering Proxmox
[Image: OpenSCAP compliance scan results showing remediation progress from 70.9% to 78.12% on RHEL baseline] BLOG POST

NIST CSF 2.0 Compliance Lab

Full compliance lifecycle on Proxmox: pfSense VLAN segmentation, Wazuh SIEM, OpenSCAP remediation, GPO hardening, and live attack simulation.

NIST CSF 2.0 Wazuh OpenSCAP pfSense
[Image: Tenable Nessus Professional dashboard showing vulnerability scan results with CVSS risk scoring] GITHUB

Vulnerability Management Platform

Tenable Nessus Professional on Azure with automated scheduling, CVSS risk scoring, and NIST and CIS framework mapping with full remediation workflow.

Nessus Azure VM CVSS NIST / CIS
[Image: Wazuh Dashboard showing agent alerts and active response events] BLOG POST

Wazuh SIEM Homelab

Deployed Wazuh on Ubuntu with agents on Windows and Linux endpoints. Configured custom detection rules, active response, and GPO hardening on the slytech.us domain.

Wazuh Proxmox Active Directory SIEM
[Image: pfSense firewall rules dashboard showing VLAN segmentation policies] GITHUB

pfSense Firewall Configuration Lab

Multi-VLAN network segmentation with enforced firewall policies, traffic filtering, and access control rules across management, server, workstation, and DMZ zones.

pfSense 2.7.2 VLAN Segmentation Firewall Rules

All projects documented with build notes, troubleshooting, and real lab data at blog.slytech.us

💫 Who I Am

emsly@slytech:~$ whoami
Three years in IT. Started on the help desk, grew into a systems administrator role managing infrastructure, security, and IAM across hybrid Windows and Linux estates.
emsly@slytech:~$ cat mission.txt
Documenting the build in public — homelabs, detection engineering, and compliance work at blog.slytech.us
emsly@slytech:~$ ls skills/
incident-response/ detection-engineering/ siem-operations/ cloud-security/ compliance/ identity-access/
emsly@slytech:~$ cat focus.md
# Current Objectives
- Infrastructure, Cloud, Security, and Identity roles
- Multilingual: English, Spanish, French

🛠️ Arsenal

Linux
Bash
PowerShell
Python
Splunk
Wazuh
Azure
Proxmox
Active Directory
Entra ID
pfSense
Docker
Kali Linux
MITRE ATT&CK
Nessus
KQL
SIEM
Detection Engineering

🏅 Professional Certifications

CompTIA Security+
Certified — September 2024
CompTIA Network+
Certified — July 2024
Splunk Core Certified User
Certified — November 2024
Microsoft Azure Fundamentals (AZ-900)
Certified — 2025
Microsoft Azure Administrator (AZ-104)
Certified — 2026

Open to New Opportunities

Open to infrastructure, security, cloud, and identity roles. I build production-grade labs, automate workflows, and document everything publicly at blog.slytech.us.