Azure Sentinel β’ Wazuh β’ Splunk β’ KQL β’ Python β’ React β’ Node.js β’ TypeScript β’ Melbourne, Australia
Master of Cybersecurity (Monash, Group of Eight) | AWS Certified | Full Work Rights (485 Visa)
π Cybersecurity Portfolio: https://cybersecurity-portfolio-drab.vercel.app | π Dev Portfolio: https://my-portfolio-seven-tawny-79.vercel.app
πΌ LinkedIn: https://www.linkedin.com/in/fadhih | π» GitHub: https://github.com/mdfadhih
Security & Cloud Engineer and Full Stack Developer with 3+ years building production applications and hands-on SOC operations experience across Azure Sentinel, Wazuh, and Splunk.
- π Built 3 cybersecurity projects β Azure Sentinel SOC lab, Wazuh+Splunk home lab (1,195 alerts), Python OWASP scanner
- π‘οΈ SOC internship at Digillium β 500+ monthly alerts triaged, zero missed critical events, 20% false positive reduction
- βοΈ AWS CCP certified | Master of Cybersecurity β Monash University (Group of Eight)
- π€ Built DocuChat β full-stack RAG app with Gemini AI, vector embeddings and streaming responses
- β‘ 8+ production applications serving 10,000+ daily users
- π Based in Melbourne, Australia with full work rights (485 Visa)
I combine security operations, cloud engineering, and full stack development β meaning I don't just detect threats, I understand how systems are built and where they break.
- β SOC operations β real internship experience triaging 500+ monthly alerts in 24/7 production
- β Hands-on lab work β 1,195 Wazuh alerts, Azure Sentinel KQL rules, Kali Linux attack simulations
- β Secure development β OWASP Top 10, JWT/OAuth 2.0, IAM least-privilege built into every project
- β AI engineering β RAG pipelines, vector search, LLM integration, streaming responses
Tech: Azure Sentinel Β· KQL Β· AWS CloudTrail Β· GuardDuty Β· Windows Server 2022 Β· NIST IR
Cloud SOC detection lab on Microsoft Azure β simulated 5 MITRE ATT&CK techniques, wrote 8 custom KQL detection rules, documented 3 NIST IR incident reports.
- π― 5 attack simulations: T1110 brute force Β· T1053 persistence Β· T1059.001 PowerShell Β· T1087 enumeration Β· T1078 valid accounts
- π 8 custom KQL Sentinel Analytics rules with MITRE mapping and tuning notes
- π 3 full NIST IR incident reports with evidence chains and remediation
- βοΈ AWS CloudTrail + GuardDuty layer for cloud threat detection
Tech: Wazuh 4.7 Β· Splunk 9.2 Β· Kali Linux Β· VirtualBox Β· Metasploit Β· Hydra Β· Sysmon
3-VM home SOC lab β Ubuntu (Wazuh SIEM), Windows Server 2022 (target), Kali Linux (attacker). Real attacks, real detections.
- π¨ 1,195 total Wazuh alerts Β· Level 12 Critical detection (T1484 β Administrators group changed)
- βοΈ nmap Β· Hydra Β· Metasploit EternalBlue from Kali Linux attacker VM
- π 3 Splunk dashboards: Failed Login Monitor Β· Process Creation Β· Security Events Overview
- π 3 NIST IR incident reports covering reconnaissance, brute force, privilege escalation
Tech: Python 3.11 Β· Docker Β· GitHub Actions Β· OWASP Β· DVWA Β· pytest
Custom Python web vulnerability scanner with 5 OWASP checks and HTML report generation.
- π 5 checks: SQL injection (A03) Β· XSS (A03) Β· Open ports (A05) Β· Security headers (A05) Β· Directory traversal (A01)
- π Generates HTML reports with severity ratings, OWASP reference and remediation guidance
- π³ Dockerised + GitHub Actions CI β spins up DVWA, runs pytest, executes full scan on every push
- β Confirmed detections across all 5 OWASP checks against DVWA
Tech: React Β· TypeScript Β· Node.js Β· Gemini AI Β· Supabase pgvector Β· Vercel Β· Render
Full-stack RAG application β upload any PDF and chat with it using natural language.
- π§ Complete RAG pipeline: PDF parsing β chunking β vector embeddings β cosine similarity β streaming LLM response
- β‘ Streaming responses token by token using Server-Sent Events
- π― Dynamic question suggestions generated from document content using Gemini AI
- ποΈ Vector storage with Supabase pgvector (768-dim Gemini embeddings)
Tech: React Β· TypeScript Β· AWS Lambda Β· S3 Β· API Gateway Β· IAM
- Serverless architecture with secure S3 upload using presigned URLs and IAM least-privilege access control
- Reduced image processing time by 30% with optimised Lambda functions
- Sub-second response times across all endpoints
π Job Search Platform
Tech: React Β· TypeScript Β· Python (Flask) Β· PostgreSQL Β· Mapbox
- Full-stack application with dynamic filtering and map visualisation
- Optimised PostgreSQL queries achieving sub-200ms response times
- Increased user engagement by 35% through geospatial interface
- π Actively seeking SOC Analyst / Security Analyst roles in Melbourne
- π‘οΈ Studying CompTIA Security+ SY0-701 (expected Aug 2026)
- π€ Building AI-powered applications with RAG pipelines and LLM integration
- βοΈ Expanding AWS and Azure security expertise
- π Building production-ready applications with Next.js and TypeScript
π Melbourne, Australia | πΌ Open to: SOC Analyst Β· Security Analyst Β· Cloud Security Β· Full Stack Engineer
β‘ I combine security operations, cloud engineering, and full stack development β building things that are fast, secure, and production-ready.