SOC Analyst Portfolio

Luke Thompson

Blue-team focused cybersecurity analyst specializing in detection engineering, investigation, and evidence-driven reporting.

Detection & Response · SIEM Tuning · OSINT Enrichment · Threat Hunting
  • Focus: SOC Analyst (Blue Team)
  • Strengths: Investigation workflow, MITRE mapping, log analysis
  • Tools: Splunk, Sigma/YARA, OSINT pipelines, EDR triage
  • Goal: Deliver clear, defensible decisions rooted in evidence

Evidence-driven

Incident writeups

Full investigations with log analysis, ATT&CK mapping, and response actions.

Authentication

Brute Force Detection

Windows log review, anomalous patterns, TP determination, and alert tuning recommendations.

Alert ID: SEC-2025-0847 · MITRE: TA0006, T1110

Read investigation →

Network

Beaconing Investigation

Network flow and OSINT correlation to isolate C2 traffic, contain hosts, and recommend controls.

Alert ID: NET-2025-1423 · MITRE: TA0011, T1071

Read investigation →

Endpoint

Malware & EDR Triage

Process lineage review, persistence checks, threat intel enrichment, and remediation actions.

Alert ID: MAL-2025-0921 · MITRE: TA0002, T1059

Read investigation →

Hands-on practice

Labs & training

Documented exercises showing applied skills and takeaways for SOC operations.

TryHackMe

Cyber Defense Pathway

50+ rooms completed with SOC workflows, log parsing, Sigma/YARA, and VirusTotal enrichment.

View training log →

DetectionLab

Windows Event Log Analysis

20+ hours of baselining, lateral movement traces, malware execution review, and KQL/PowerShell queries.

View exercises →

SIEM

Log Parsing & Correlation

Splunk correlation scenarios, alert rule tuning, dashboarding, and performance metrics.

View SIEM notes →

Automation & OSINT

Tools & scripts

Operational helpers built for enrichment, reconnaissance, and log analysis.

Python

IP Reputation Enrichment

Automates AbuseIPDB, VirusTotal, OTX, Shodan, and GeoIP lookups with investigation-ready output.

Read documentation →

Recon

Domain Intelligence Aggregator

DNS, WHOIS, SSL, subdomain discovery, tech fingerprinting, and phishing domain risk scoring.

Read documentation →

Analytics

Log Pattern Analyzer

Z-score and behavioral baselines to surface brute-force, unusual access, and exfiltration anomalies.

Read documentation →

Education

Certifications

  • CompTIA A+ — completed (self-study)
  • CompTIA Network+ — completed (self-study)
  • CompTIA Security+ — in progress (target Q1 2026)

Continued learning

Focus areas

  • Threat hunting & hypothesis building
  • Malware analysis & memory triage
  • Network forensics and packet analysis
  • Cloud security fundamentals

Open source

Recent GitHub projects

Automatically pulled from public repositories.

Resume & contact

SOC Analyst (Tier 1) ATS Resume

Career-pivot resume focused on SOC Analyst (Tier 1) / Junior Cybersecurity Analyst roles with a Purple Team mindset.

Need a PDF? Export this resume page to PDF and add it as resume.pdf in the repository root for a direct download.