Cybersecurity Portfolio — Melbourne, AU

Mohamed Fadhih Security & Cloud Engineer · Full Stack Developer

Master of Cybersecurity (Monash, Group of Eight) · SOC operations · Cloud security · Secure development. Full Australian work rights (485 Visa, valid Feb 2028).

SOC Operations Azure Sentinel Wazuh · Splunk KQL MITRE ATT&CK AWS Security NIST IR ASD Essential Eight Python React · Node.js
$ whoami
mohamed_fadhih # security analyst · full-stack dev · Melbourne
 
$ cat certifications.txt
✓ Master of Cybersecurity — Monash University (Group of Eight)
✓ AWS Certified Cloud Practitioner
✓ Google Cybersecurity Professional Certificate
 
$ cat impact.txt
500+ alerts triaged · 0 missed critical events · 20% false positive reduction
1,195 Wazuh alerts · Level 12 Critical detected · 3 projects live on GitHub
$
500+
alerts triaged/month
1,195
Wazuh alerts generated
23
IAM misconfigs found
3
projects on GitHub

Security Projects

Three Projects

01 / CLOUD SIEM
◉ Azure Sentinel Lab

Centralised Log Monitoring & Threat Detection

Cloud-based SOC detection lab on Microsoft Azure. Deployed Windows Server 2022 as attack target, simulated 5 MITRE ATT&CK techniques, wrote 8 custom KQL detection rules in Sentinel, and documented 3 NIST IR incident reports.

KEY DETECTIONS

Brute force (T1110) · Scheduled task persistence (T1053) · PowerShell execution (T1059.001) · Account enumeration (T1087) · After-hours login (T1078)

Azure Sentinel KQL Log Analytics MITRE ATT&CK NIST IR Windows Server AMA Agent
02 / HOME SOC LAB
◎ Wazuh + Splunk

Home SOC Lab — Attack Simulation & Detection

Full home SOC lab on VirtualBox with 3 VMs — Ubuntu (Wazuh SIEM), Windows Server 2022 (target), Kali Linux (attacker). Ran 5 real attacks, generated 1,195 Wazuh alerts including Level 12 Critical. Built 3 Splunk dashboards.

KEY STATS

1,195 total alerts · Level 12 Critical (T1484) · 112 auth failures · nmap + Hydra + Metasploit from Kali

Wazuh 4.7 Splunk 9.2 Kali Linux VirtualBox Metasploit Hydra Sysmon NIST IR
03 / APPSEC TOOL
◈ Python + Docker

Python Vulnerability Scanner — OWASP Top 10

Custom Python web vulnerability scanner with 5 OWASP checks — SQL injection, XSS, open ports, missing security headers, and directory traversal. Generates HTML reports with severity ratings and remediation. Docker + GitHub Actions CI.

OWASP COVERAGE

A01 Directory Traversal · A03 SQL Injection + XSS · A05 Security Headers + Open Ports

Python 3.11 OWASP Top 10 Docker GitHub Actions DVWA requests pytest

Technical Skills

Security Expertise

SOC & Monitoring

Azure Sentinel / KQL
Pro
Wazuh SIEM
Pro
Splunk
Mid
Alert Triage
Pro
MITRE ATT&CK
Pro

Cloud Security

AWS IAM
Pro
CloudTrail / GuardDuty
Mid
Azure Defender
Mid
S3 Security
Pro
ASD Essential Eight
Mid

Frameworks

NIST IR Framework
Pro
ISO 27001
Mid
OWASP Top 10
Pro
Incident Response
Pro
Vulnerability Mgmt
Mid

Secure Development

Python
Pro
React / TypeScript
Pro
Node.js / NestJS
Pro
Docker / CI/CD
Mid
JWT / OAuth2
Mid

Credentials

Certifications & Education

🎓
Master of Cybersecurity
Monash University (Group of Eight) · Melbourne
✓ Completed
☁️
AWS Certified Cloud Practitioner
Amazon Web Services · 2025
↗ Verify Certificate
🔐
Google Cybersecurity Professional
Google / Coursera · 2025
↗ Verify Certificate
🎯
CompTIA Security+
CompTIA · In progress
→ Studying now

Work History

Security Experience

Sep 2025 – Dec 2025 · Singapore (Remote)
Cloud & Security Operations Intern
Digillium Pte Ltd
Monitored 500+ monthly production alerts via Azure Sentinel and Splunk — achieving zero missed critical events. Investigated 40+ high-severity incidents using NIST IR Framework, reducing MTTR by 25%. Cut alert false positive rate by 20% by refining Sentinel correlation rules.
Azure SentinelSplunkKQLNIST IR24/7 SOC
Jan 2025 – Jul 2025 · Singapore (Remote)
AWS Cloud & Infrastructure Intern
Whizzstar Pte Ltd
Audited 200+ AWS IAM policies — identifying 23 critical misconfigurations. Improved cloud compliance by 30% through ISO 27001 and ASD Essential Eight remediation. Maintained 100% alert coverage across AWS and Azure environments.
AWS IAMCloudTrailGuardDutyISO 27001ASD E8
Jul 2023 – Jun 2024 · Melbourne · Hybrid
Software Developer
Monash University
Built full-stack Next.js production application serving 5,000+ monthly users. Lifted Lighthouse score from 62 to 97. Cut API response time by 75% through query optimisation. Established CI/CD with GitHub Actions and Docker.
ReactNext.jsNode.jsAWSDocker

[ OPEN TO OPPORTUNITIES ]

Ready for Day One

Full Australian work rights (485 Visa, valid Feb 2028) · Melbourne-based · Available immediately
Targeting: SOC Analyst · Security Analyst · Cloud Security Engineer · AppSec roles in Australia