I'm a cybersecurity professional and IT consultant transitioning into Cloud Security Engineering. I hold CompTIA Security+ and have spent the last several months building hands-on experience through homelab environments, security automation tools, and real-world client IT work across healthcare and transport industries.

Currently targeting Security Analyst and SOC Analyst roles while building toward Cloud Security Engineer and AI Security Specialist long term.

🔄 In progress: AWS Certified Cloud Practitioner (Target: July 2026)

18 production-ready security automation tools built across core cloud security domains 📁 [github.com/CodeBroKinty/python-automation-labs]

• S3 Security Auditor — Detects misconfigurations (public access, encryption, versioning, logging) with risk scoring (CRITICAL / HIGH / MEDIUM / LOW) — targets class of vulnerability behind the Capital One breach ($190M settlement)
• IAM Permission Analyzer — Flags missing MFA, excessive admin access, and unused credentials across AWS accounts
• EC2 Inventory Tool — Asset discovery with automated security analysis flagging public IP exposure and default security groups
• Cost Monitor — Service breakdown, trend analysis, and month-end forecasting to prevent unauthorized spend

• Port Scanner — 100 concurrent threads, scans 1,000 ports in under 10 seconds (100x speedup vs sequential)
• Service Detector — Banner grabbing with OS fingerprinting to identify vulnerable software versions
• Ping Sweep — CIDR notation network discovery and asset mapping
• Unified Scanner — Complete host discovery, port scanning, and service enumeration in a single workflow

• Brute-Force Detector — 3-layer detection: velocity attacks, distributed coordinated IPs, and account enumeration patterns
• Authentication Log Parser — Regex-based threat correlation and attack pattern identification
• File Integrity Monitor — Real-time SHA-256 cryptographic hashing to detect unauthorized file modifications
• Security Reporter — Multi-format exports (CSV, Markdown, JSON) for stakeholder communication

Deployed Splunk, ingested endpoint and authentication log data, and performed threat hunting using SPL queries. Identified simulated security incidents including failed login patterns, off-hours authentication, and privilege escalation attempts. Documented findings in incident report format.

Skills: Splunk, SIEM, SPL Queries, Log Analysis, Threat Hunting, Incident Documentation

Deployed Wazuh open-source EDR platform across a multi-OS homelab environment (Windows and Linux). Configured endpoint agents, triggered and analyzed security alerts including failed logins and file integrity changes, and documented findings using industry-standard incident reporting format.

Skills: EDR, Wazuh, Endpoint Monitoring, Alert Triage, Incident Reporting, Linux, Windows Server

Performed live packet capture, traffic baselining, and SOC-style forensic triage of a real-world NetSupport Manager RAT infection using Wireshark on Parrot OS. Identified all 5 IOCs from raw packet data including infected host IP, MAC, hostname, user account, and full name. Includes incident report, IOC documentation, and annotated screenshots.

Designed and administered a Windows Server Active Directory environment simulating a multi-department organization. Implemented joiner/mover/leaver (JML) lifecycle management, role-based access control (RBAC) via security groups, Group Policy configuration, and access auditing. Identified and documented accounts with excessive permissions as mock audit findings.

Skills: Active Directory, IAM, RBAC, GPO, JML Lifecycle, Access Auditing, Windows Server

VirtualBox environment running Kali Linux (attacker), Ubuntu (analyst), and Parrot OS alongside a Windows victim machine for penetration testing, log analysis, and defensive security practice.

Skills: Kali Linux, Parrot OS, Ubuntu, Windows, VirtualBox, Network Scanning, Threat Analysis

Languages: Python 3.10+, Bash, SQL (foundational), HTML, CSS

Cloud: AWS (EC2, S3, IAM, Cost Explorer), boto3 SDK

Security Tools: Splunk, Wazuh, Nessus, MITRE ATT&CK, Fail2Ban concepts, Tripwire concepts

IAM & Identity: Active Directory, RBAC, Group Policy, User Lifecycle Management (JML)

Networking: TCP/IP, DNS, DHCP, SSH, HTTP/HTTPS, MX Records, Port Scanning, Banner Grabbing, OS Fingerprinting, CIDR Notation

Operating Systems: Linux (Ubuntu, Kali, Parrot OS), Windows Server, Windows 10/11

Concepts: Threat Detection, Log Analysis, Incident Response, Vulnerability Management, NIST, HIPAA, Cloud Security, File Integrity Monitoring

Tools: Git, GitHub, VS Code, VirtualBox, Obsidian, Notion

• IT & Digital Systems Consultant — Infrastructure support, Google Workspace administration, and DNS/domain management for healthcare and transport clients in Arkansas and DFW
• Pharmacy Automation Specialist — Operated and troubleshot the Omnicell M5000 automated dispensing system alongside Omnicell engineering staff in a high-stakes, zero fault-tolerance environment
• 7 Years Trading Experience — SPY, IWM, QQQ including 0DTE options strategies with structured risk management

• ☁️ AWS Cloud Practitioner — in progress (Target: July 2026)
• 🔬 Expanding homelab with cloud-integrated security monitoring
• 📋 CompTIA SecAI+ (CY0-001) — roadmap target
• ☁️ AWS Security Specialty — roadmap target
• 🏗️ AWS Solutions Architect — roadmap target
• 🤖 AWS Machine Learning Specialty — roadmap target
• 🎯 Open to: Security Analyst · SOC Analyst · IT Support · Cloud Security Engineer

📍 DFW Area — Remote & Hybrid Open

💡 Building in public. Documenting the journey from trader to cloud security engineer.