🚀 Career Pivot in Action: From Banking & Finance to SOC Analyst
This repository contains artifacts from a hands-on cybersecurity capstone project aimed at simulating and detecting network threats in a controlled environment. The project showcases a complete detection and defense workflow using industry-standard tools.
Goal: Build a realistic SOC (Security Operations Center) lab to detect and respond to brute-force SSH attacks, enhancing cybersecurity skills in threat detection, network security, and incident response.
- Wireshark – for network traffic capture and analysis 📊
- Hydra – for controlled SSH brute-force attack simulations 🛠️
- Wazuh SIEM (v4.11.1) – for real-time security monitoring and threat detection ⚡
- pfSense – for firewall protection and network segmentation 🔐
- VirtualBox – for lab virtualization and network isolation 🖥️
- Capture baseline traffic using Wireshark.
- Simulate brute-force attack on SSH with Hydra.
- Detect and alert on suspicious activity with Wazuh.
- Implement network hardening with pfSense.
- Analyze network events and translate findings into business risk language.
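The detection step above is, at its core, a frequency-over-time correlation: several failed SSH logins from one source inside a short window. The following added example (not part of the capstone repository) implements that logic in Python over a few constructed sshd log lines; the threshold (5 failures) and window (60 s) are assumptions chosen for illustration, not the SIEM's own rule settings.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample sshd log lines (not captured from the lab). Syslog timestamps
# carry no year, so the parser pins them to a fixed year.
SAMPLE_AUTH_LOG = """\
Mar 10 10:00:01 lab-ssh sshd[1201]: Failed password for admin from 192.168.56.20 port 40100 ssh2
Mar 10 10:00:03 lab-ssh sshd[1202]: Failed password for admin from 192.168.56.20 port 40101 ssh2
Mar 10 10:00:04 lab-ssh sshd[1203]: Failed password for invalid user root from 192.168.56.20 port 40102 ssh2
Mar 10 10:00:06 lab-ssh sshd[1204]: Failed password for admin from 192.168.56.20 port 40103 ssh2
Mar 10 10:00:07 lab-ssh sshd[1205]: Failed password for admin from 192.168.56.20 port 40104 ssh2
Mar 10 10:00:09 lab-ssh sshd[1206]: Accepted password for analyst from 192.168.56.10 port 51000 ssh2
Mar 10 10:05:00 lab-ssh sshd[1207]: Failed password for analyst from 192.168.56.10 port 51001 ssh2
"""

FAILED_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+ ssh2"
)

def parse_failed_logins(log_text, year=2024):
    """Yield (timestamp, source_ip, username) for each sshd failed-password line."""
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["ip"], m["user"]

def detect_brute_force(log_text, threshold=5, window_seconds=60):
    """Sliding-window correlation: raise one alert per source IP once it accumulates
    `threshold` failures within `window_seconds`. Returns (ip, first_ts, last_ts, users)."""
    recent = defaultdict(deque)  # ip -> (ts, user) events still inside the window
    alerts = []
    alerted = set()
    for ts, ip, user in parse_failed_logins(log_text):
        q = recent[ip]
        q.append((ts, user))
        while (ts - q[0][0]).total_seconds() > window_seconds:
            q.popleft()  # drop events that have aged out of the window
        if len(q) >= threshold and ip not in alerted:
            alerted.add(ip)
            alerts.append((ip, q[0][0], ts, sorted({u for _, u in q})))
    return alerts

if __name__ == "__main__":
    for ip, first, last, users in detect_brute_force(SAMPLE_AUTH_LOG):
        print(f"ALERT brute force from {ip}: {first:%H:%M:%S}-{last:%H:%M:%S}, users tried {users}")
```

The single legitimate failure from 192.168.56.10 stays below the threshold, which is the point of correlating by source and time rather than alerting on every failed login.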
- Risk-Management Mindset + Security Tooling = Stronger Defenses.
- Logs are the New Ledgers – turn network data into actionable insight.
- Growth Happens Outside Comfort Zones – curiosity fuels continuous learning.
Performing a brute-force attack captured in the lab:
Traffic Capture with Wireshark:
Wazuh SIEM Detection and Correlation:
This project honed my skills in:
- Network architecture and segmentation.
- Traffic analysis and security event correlation.
- Translating technical findings into business risk language.
- Real-world incident detection and response simulation.
"Logs are the new ledgers—turn them into actionable insight."