Cybersecurity builder focused on designing Zero Trust, identity-aware defensive systems that improve how users and organizations make security decisions.
Builds practical security projects that simulate real-world access control decisions, threat detection scenarios, and user-focused defensive tooling.
Portfolio work emphasizes:
• least privilege access control and policy enforcement
• contextual authentication and risk-based decision logic
• security telemetry and structured logging concepts
• user-centered security tools with explainable outputs
• transparent, accountable, and ethical security design
Academic concentration in AI-driven cybersecurity, combined with a minor in AI Ethics & Philosophy, informs a design approach that prioritizes security effectiveness, accountability, and human impact.
I build security systems that think before they trust.
Interested in contributing to:
Security Operations (SOC) • Identity Security (IAM) • Threat Detection • Security Engineering
🧠 Core Mission
To design and build an AI Guardian Assistant — a system that protects users in real time by combining:
• AI-driven decision support
• cybersecurity defense
• privacy protection
• identity-aware access control
The goal is to create technology that not only detects threats but also helps users understand and respond to them safely.
Designed to simulate how modern organizations make real-time access decisions under uncertainty, using Zero Trust principles and contextual risk signals.
Demonstrates how security systems can move beyond static rules to dynamic, behavior-aware decision-making.
Zero Trust security simulation platform designed to model how modern systems evaluate access requests using identity, behavior, and contextual risk signals.
Simulates SOC-style alert generation based on anomalous access activity and decision outcomes.
This project demonstrates how organizations apply Zero Trust principles to enforce access control, detect suspicious behavior, and support security decision-making in real-world environments.
🧠 Tech Stack: Next.js • React • Tailwind • SQLite
🔗 Repository:
https://github.com/AL91Cole/ai-guardian-assistant-project-labyrinth
• dynamic allow / deny / route decision logic
• identity-aware access evaluation using contextual risk signals (device trust, anomaly score)
• least privilege policy modeling and enforcement
• anomaly-aware decision factors for adaptive access control
• private vault with strict access boundaries
• structured audit logging simulating SOC-style event visibility
• deception routing (Labyrinth) for suspicious or high-risk sessions
Zero Trust Architecture
Policy-based access control
Behavior-aware decision logic
Security logging and event visibility
Threat-aware defensive design
Insights from hands-on lab training are applied in Project Labyrinth to simulate:
• security monitoring and alert generation
• identity-aware access decisions
• anomaly-based threat detection
Privacy-first browser security assistant designed to help users identify risky websites, suspicious links, and potential phishing threats in real time through clear, explainable security insights.
🛡️ Live Chrome Extension (Install & Test):
https://chromewebstore.google.com/detail/ipledehmklfhhdpobeogfdhmhdhmnden
💻 Repository:
https://github.com/AL91Cole/ai-guardian-web-shield
• contextual site risk evaluation based on page behavior and patterns
• suspicious link and phishing indicator detection
• download risk awareness and signaling
• explanation-first security messaging for non-technical users
• privacy-conscious, local-first analysis approach
Browser security awareness
Phishing detection principles
User-focused defensive tooling
Security communication design
Risk visibility and decision support
👉 Install the extension and visit any website to see real-time risk insights
Focuses on bridging the gap between technical security detection and real user understanding, making cybersecurity more accessible and actionable.
University at Albany (SUNY)
Bachelor of Science — Cybersecurity
Concentration: AI-Driven Cybersecurity & Ethical Hacking
Minor: AI Ethics & Philosophy
Relevant Focus Areas
• Identity and access management (IAM)
• Access control architecture and policy design
• Threat detection and security monitoring concepts
• Secure system design and defensive architecture
• Responsible and ethical AI systems
Focused on applying Zero Trust principles and identity-aware security design to real-world systems.
Applied skills developed through hands-on projects, simulations, and lab-based learning.
• Zero Trust architecture and identity-aware access design
• Identity & Access Management (IAM) and RBAC enforcement
• Least privilege implementation and policy design
• Authentication and authorization workflows
• Threat detection concepts and behavioral analysis
• Incident response fundamentals and triage thinking
• Security logging and event visibility concepts
• Defense-in-depth strategy
• Risk-based decision logic
• Security Operations Center (SOC) workflows
• Threat analysis and security event interpretation
• Log review and anomaly identification
• Attack surface awareness and basic threat modeling
• Vulnerability awareness and risk prioritization
• Phishing detection and user risk indicators
• Endpoint risk awareness
• Windows and Linux environments
• TCP/IP networking fundamentals
• DNS, DHCP, and VPN concepts
• Endpoint troubleshooting
• Operating system fundamentals
• System hardening concepts
• JavaScript, React, Next.js
• Tailwind CSS
• SQLite and SQL fundamentals
• Python fundamentals
• PowerShell fundamentals
• Technical documentation
• Analytical reasoning
• Troubleshooting methodology
• Clear, structured communication
• Pattern recognition and problem solving
• Security-focused thinking
• Attention to detail
• Log analysis using simulated audit logs (Project Labyrinth)
• Hands-on labs via TryHackMe (networking, Linux, web security)
• Security event interpretation and basic investigation workflows
| Domain | Capabilities |
|---|---|
| Identity Security | IAM, RBAC, authentication & authorization logic |
| Defensive Architecture | Zero Trust architecture and policy enforcement |
| Security Monitoring | Security logging and event visibility |
| Risk Evaluation | Contextual risk analysis and decision logic |
| Endpoint Support | OS troubleshooting (Windows/Linux) |
| Networking | TCP/IP, DNS, DHCP fundamentals |
| Secure Development | React, Next.js (security-focused UI design) |
| Responsible AI | Ethical, explainable security design |
| Threat Detection | Behavioral analysis |
🧪 TryHackMe (Hands-On Cybersecurity Labs)
https://tryhackme.com/p/Alan91Cole
Actively completing guided cybersecurity pathways and real-world simulation labs.
Certifications
• Cyber Security 101 (SEC1)
• Pre Security (SEC0)
Hands-on lab experience across networking, Linux systems, web security, and foundational threat detection, reinforcing practical skills in security analysis, system behavior, and attack surface awareness.
Directly supports development of SOC workflows, threat detection, and system-level security analysis.
Applies lab-based learning to simulate real-world security scenarios, including monitoring, detection, and access control decision-making.
Key focus areas:
• Network traffic analysis
• Web application security
• Security operations fundamentals
• Credential and password attack concepts
Hands-on lab progression indicates strongest development in:
• Security Operations and monitoring workflows
• Identity Security and access control
• Threat detection and behavioral analysis
Currently expanding skills in:
• Incident response workflows
• Advanced attack techniques and exploitation
Expanding portfolio depth through hands-on projects and simulations in:
• identity-aware system design and access control workflows
• defensive decision modeling using contextual risk signals
• practical Zero Trust architecture implementation
• security telemetry and event visibility concepts
• user-protective security tooling and UX design
• ethical and explainable security system design
• simulated threat detection and anomaly-based alerting workflows
Actively developing capabilities to contribute in:
Primary: Security Operations (SOC) and Threat Detection
Secondary: Identity & Access Management (IAM)
Focused on applying Zero Trust principles, behavioral analysis, and identity-aware security design to real-world defensive systems.
🔗 LinkedIn
https://www.linkedin.com/in/alan91cole
💻 GitHub
https://github.com/AL91Cole
Security should be technically strong, ethically grounded, and designed with real users in mind.
Building systems that balance protection, transparency, and human impact.
— Alan Cole
