I build practical security projects that demonstrate security monitoring, alert triage, incident response, vulnerability management, and secure system hardening. My portfolio focuses on hands-on Security Operations Center (SOC) workflows with clear documentation and repeatable lab setups.

• Security monitoring + incident response with Wazuh (open source Extended Detection and Response and Security Information and Event Management)
• Active Directory (centralized identity and authentication) attack and defense hardening
• Vulnerability management (scan → prioritize → remediate → re-scan)
• Cloud Security Information and Event Management detections using Microsoft Sentinel (Azure)

• Mini Security Operations Center Lab (Wazuh)

  • Endpoint telemetry, alerting, and incident report write-up
    Repo: https://github.com/amangmab/mini-soc-wazuh

• Active Directory Attack & Defense Lab

  • Domain build, identity attack simulations (lab-only), and defensive controls with evidence
    Repo: https://github.com/amangmab/active-directory-attack-defense

• Vulnerability Management Program

  • Baseline scans, risk-based prioritization, remediation, and validation via re-scans
    Repo: https://github.com/amangmab/vulnerability-management-program/

• Azure Microsoft Sentinel Detection Lab

  • Log ingestion, Kusto Query Language detections, and incident investigation case study
    Repo: https://github.com/amangmab/azure-sentinel-detection-lab

• Security monitoring, alert triage, and incident reporting
• Windows and Linux logging (Windows Security logs, Sysmon System Monitor)
• Vulnerability scanning and remediation validation
• Active Directory fundamentals and identity hardening
• Cloud logging and Security Information and Event Management detections
• Documentation: diagrams, evidence screenshots, executive summaries

• LinkedIn: https://www.linkedin.com/in/aman-abraha/
• Location: Maryland, USA