Cyber Security Professional

Senior SOC Analyst and Cyber Security Consultant

I help Melbourne teams uplift their SOC maturity with practical detection engineering, streamlined processes, and measurable security outcomes.

Detection engineering • SOAR & automation • Incident response • Microsoft Sentinel • SOC reporting

Delivered a 60% reduction in false positives while embedded with a major Victorian government department.

Detection & Engineering: KQL-based rule design, watchlist enrichment, alert templates, detection tuning.
SOAR & Automation: Logic Apps, Sentinel playbooks, triage automation, data enrichment pipelines.
Platforms: Microsoft Sentinel, Microsoft Defender suite, Entra ID, AlienVault / LevelBlue.
Governance & Professional: Essential Eight uplift, ISO 27001 familiarity, stakeholder comms, documentation, mentoring.

July 2025 – Present

Deliver day-to-day incident response and SOC uplift for government, enterprise, and healthcare customers.

Investigate, triage, and resolve incidents across Microsoft Sentinel, Defender, and LevelBlue SIEM.
Reduce noise and improve fidelity via tuned analytics, watchlists, and playbooks (Logic Apps + automation rules).
Embedded within a Victorian government department to support Sentinel implementation, monitoring, and maturity uplift.
Produce actionable reporting (KQL dashboards and statistical analysis) to support policy and sign-in control changes.
Mentor analysts and act as 2IC to strengthen team capability, handovers, and on-call readiness.

* * *

January 2024 – June 2025

SOCaaS analyst supporting 15+ customers across state/local government, mining, enterprise, and healthcare.

Triaged and managed incidents end to end, recommending containment/remediation and coordinating escalations with customers.
Investigated threats using Microsoft Sentinel/Defender, LevelBlue SIEM, Mimecast, and firewall telemetry (Palo Alto, Check Point).
Led a false-positive reduction initiative through rule tuning and suppression logic, improving detection fidelity.
Presented monthly service reports, explaining trends and recommending changes to reduce noise and improve coverage.
Delivered an Essential Eight–aligned audit response with minimal support, leading to a successful customer outcome.

* * *

January 2023 – January 2024

Seconded to the service desk of a major national retailer, working with the SOC on investigations and frontline response.

Investigated and contained incidents with Mimecast, Exchange Online, and sandbox testing; gathered user evidence to validate impact.
Executed containment/remediation (account isolation, password resets, MFA re-enrolment) to restore secure access quickly.
Supported P1/major incidents using severity matrices to triage impact and coordinate with IT ops, network, and leadership.
Authored 100+ internal KB articles, improving response consistency and accelerating onboarding.
Strengthened stakeholder communication through regular liaison with technical teams and business users during recovery.

* * *

October 2022 – January 2023

Early hands-on exposure across managed services IT and cyber security.

Supported the IT service desk, developing troubleshooting, customer engagement, and documentation skills.
Contributed to an Essential Eight–aligned audit response by gathering, validating, and documenting evidence.
Took ownership of the second evidence round after a lead’s departure, ensuring a complete, on-time submission.
Built a foundation in governance and security maturity that informed later SOC work.

Loading latest posts…

I'm always open to connecting with new people in the industry. You can reach me via email or connect with me on LinkedIn.