Cybersecurity Analyst · Security Architecture · Networking · Detection & AI Security Engineering
I am a cybersecurity, architecture, and networking professional, and I build security tools. I co-founded Phour Global Limited / GuardWraith, a cybersecurity tech-solutions firm, where I help architect AI-native security tooling alongside my analyst and engineering work.
Open to opportunities - SOC Analyst · Security Engineer · Detection Engineering · Threat Hunting · Incident Response.
Over the years, I have learned how systems actually work. I trace packets, analyse logs, harden infrastructure, study attack paths, and understand how one weak configuration can compromise an entire environment.
I secure systems against real-world threats, including cross-site scripting, privilege escalation, phishing, credential abuse, lateral movement, and DDoS. I monitor suspicious traffic, investigate abnormal behaviour, secure identities and access controls, and respond to incidents before they become disasters.
Massive volumes of data move every minute across networks, clouds, APIs, applications, authentication systems, and critical infrastructure. Every request, transaction, authentication, and packet depends on systems operating securely and reliably. That requires engineering, monitoring, precision, and constant vigilance from cybersecurity professionals like myself.
I make sure packets move securely, encrypted, and unsniffed across networks. I keep enterprise infrastructure available, systems protected, and data secured at rest and in transit against real threats. I make sure one bad configuration on a critical component does not disrupt or collapse an entire business, that threat actors do not move silently through networks unnoticed, and that incident response time stays low through tested Incident Response and Business Continuity plans.
I approach security from an offensive-informed defensive mindset. I perform legal penetration testing, vulnerability assessments, and attack simulations to identify and mitigate risks before attackers exploit them. I conduct threat hunting for advanced persistent threats (APTs) using industry-standard tools, threat intelligence, behavioural analytics, and MITRE ATT&CK-aligned methodologies, and I design AI-assisted security controls to detect indicators of compromise (IoCs), adversary TTPs, and emerging threats across enterprise environments.
My experience spans SOC operations, threat hunting, SIEM analysis, vulnerability management, network traffic analysis, incident response, and AI-assisted security automation across cloud, hybrid, and on-premises environments.
I design and build the products in the PhourGlobal security ecosystem (check them out):
- GuardWraith - Continuous-Monitoring SOC platform: SIEM, SOAR, XDR, threat intel, & a proprietary GhostAgent for event and log telemetry and autonomous threat hunting and response.
- IdentityWraith - Identity Attack Surface Management (IASM): IGA, PAM, ITDR, and CIEM across human and machine identities.
- ControlOps - Continuous Governance, Risk, and Compliance: controls, evidence, drift, and audit readiness.
Alongside a hands-on focus on:
- Cloud & infrastructure security - IAM hardening, secure baselines, and monitoring across AWS and hybrid estates.
- Threat detection & engineering - detection-as-code, behavioural analytics, and MITRE ATT&CK-aligned coverage.
- Offensive security & vulnerability management - penetration testing, attack simulation, and risk-based remediation.
- Human risk & forensics - phishing defence, email forensics, and malware analysis.
- AI-assisted SecOps - using AI to accelerate triage, investigation, and detection of emerging threats.
Detection, monitoring & SIEM
- Network Monitoring with Splunk - dashboards, searches, and alerting on suspicious traffic
- Security Monitoring & Log Analysis - detection in Security Onion and Splunk
- MITRE ATT&CK Threat Hunting - Navigator-driven hypotheses, queries, and detections
Identity, cloud & infrastructure hardening
- Active Directory Security Baseline - domain controller hardening with baseline GPOs
- AWS Cloud Security Baseline - IAM, S3 encryption, security groups, CloudTrail monitoring
- Linux Access Control & Permission Audit - misconfiguration and SUID review
- Cybersecurity Home Lab - multi-VM lab (Windows, Linux, pfSense, Security Onion)
Offensive security & simulations
- SQL Injection & DDoS Attack Simulation - controlled exploitation and detection (sqlmap, slowloris)
- ARP Spoofing & Packet Sniffing (Bettercap) - MITM attack execution and defence
- Phishing Campaign Simulation & Analysis - GoPhish metrics, awareness, and defence
Malware analysis & forensics
- Static Malware Analysis on a Suspicious File - PE headers, strings, dependencies (PEStudio, IDA)
- Malware Analysis - static and dynamic indicator extraction
- Email Security & Phishing Forensics - header analysis with SPF, DKIM, DMARC
Vulnerability & governance
- Vulnerability Assessment & Exposure Analysis - Nmap, Nessus, Nikto with CVSS-based risk treatment
- Information Security Policy Framework - acceptable-use, password, and access-control policies
Tooling badges (images not extracted): SIEM & monitoring · Offensive & analysis · Platforms & code · Frameworks & methodology
📫 Reach me through phourglobal.com or LinkedIn.