Identity & Access Microsoft 365 Endpoint Support SIEM & Detection Labs

Cybersecurity-Focused IT Analyst

Identity & Access | Microsoft 365 | Active Directory / Entra ID | Endpoint Support | SIEM Labs

Oshawa / GTA, Ontario Targeting Cybersecurity, IAM, IT Security, and Security Operations roles

Production IT support foundation | IAM-adjacent support | Project-backed security depth

I support identity and access, Windows endpoints, and Microsoft 365 in production environments, and I build SOC-style labs focused on log analysis, alert triage, vulnerability checks, and security reporting. My portfolio separates real production IT work from lab and capstone security projects so recruiters can quickly see what I can defend in an interview.

security-lab — evidence
analyst@portfolio-lab:~$
Honest scope. Clear evidence. Strong documentation.
Production
Microsoft 365, access support, MFA, Windows endpoints
Identity
Active Directory, Entra ID, groups, account updates
Security Labs
Splunk, Wazuh, Sysmon, Wireshark, Nmap, OpenVAS

About

A concise overview of my real production IT work and project-backed cybersecurity experience.

Professional summary

I am a cybersecurity-focused IT Analyst based in Oshawa / GTA with hands-on experience supporting Microsoft 365 accounts, user access, MFA, Windows endpoints, troubleshooting, and technical documentation in production environments.

My current work is centered on day-to-day IT operations and identity-related support across Microsoft 365, Active Directory, and Microsoft Entra ID environments. My cybersecurity depth comes from hands-on labs and capstone projects where I practiced log analysis, alert triage, vulnerability assessment, attack simulation, honeypot monitoring, and security reporting.

What I bring

  • Identity and access support: account support, password resets, MFA assistance, group membership checks, and permission review under guidance.
  • Endpoint and user support: Windows troubleshooting, software setup, security hygiene checks, and clear issue documentation.
  • Security lab depth: Splunk, Wazuh, Sysmon, Windows Event Logs, Wireshark, Nmap, OpenVAS, Python, and Streamlit.
  • Documentation discipline: incidents, troubleshooting steps, findings, likely causes, and repeatable resolution notes.

Current focus

I am targeting Cybersecurity Analyst, IAM Analyst, IT Security Analyst, Security Operations Analyst, and Junior SOC Analyst roles where my IT support foundation and project-backed security skills are directly useful.

Experience Snapshot

The public portfolio keeps current production work accurate and does not claim full production SOC ownership.

KMP Innovations Inc. — IT Analyst

Jan 2026 – Present | Canada

  • Support day-to-day IT operations for users, including Microsoft 365 account support, password resets, MFA assistance, endpoint troubleshooting, software setup, and access-related requests.
  • Assist with user access administration in Microsoft 365, Active Directory, and Microsoft Entra ID environments, including account updates, group membership changes, and basic permission checks under guidance.
  • Review basic system, authentication, and endpoint logs during troubleshooting to document findings and escalate unusual activity or policy concerns when required.
  • Perform basic security hygiene checks such as patch status review, antivirus / security setting verification, software configuration checks, and remediation follow-up.
  • Document incidents, troubleshooting steps, likely causes, and resolutions to support repeatable IT operations.

Project-backed security operations

  • Operation Hydra: attack-and-defense capstone covering credential access, lateral movement, detection, and hardening validation.
  • Honeypot Deployment: monitoring and reporting project focused on brute-force attempts and attacker behavior patterns.
  • Personal Cyber Risk Scanner: Python, Nmap, and Streamlit tool for open-port checks and repeatable reporting.

Additional background

  • Customer-facing Canadian work experience supporting communication, reliability, multitasking, and issue handling.
  • Academic and independent technical builds across cybersecurity, AI, backend development, and automation.
  • Leadership experience coordinating teams, projects, and student activities.

Security Lab Snapshot

A recruiter-friendly view of the lab evidence behind my security claims.

Evidence Overview

Project-backed
Core Security Projects
0
SIEM Tools Practiced
0
Primary Lab Focus Areas
0
Current Production Role
0

Lab Evidence

Sanitized
LAB
Wazuh and Sysmon detection notes Operation Hydra • Windows telemetry • Evidence review
LAB
Honeypot attacker behavior summary Cowrie • brute-force patterns • defensive reporting
TOOL
Python and Nmap scanner workflow Streamlit UI • open-port checks • repeatable report

Scope Clarity

Defendable
Production IT support Current role
Identity and access support Current role
SIEM and detection practice Labs
Attack simulation Capstone
Vulnerability checks Projects

Featured Projects

Three focused case studies showing methodology, tools, findings, outcomes, and lessons learned.

Honeypot deployment and threat monitoring thumbnail

Honeypot Deployment & Early Threat Monitoring

Cowrie Linux ELK Reporting

Capstone project focused on deploying a honeypot, capturing brute-force and unauthorized access attempts, analyzing repeated behavior, and translating findings into defensive recommendations.

  • Evidence: dashboard-style telemetry, attacker pattern summaries, and sanitized reporting.
  • Outcome: clearer understanding of repeated probing behavior and practical monitoring value.
Personal Cyber Risk Scanner interface thumbnail

Personal Cyber Risk Scanner

Python Nmap Streamlit Reporting

Independent project using Python, Nmap, and Streamlit to identify open ports and weak configurations on test systems, then generate repeatable security review reports.

  • Evidence: simple UI, scan workflow, and sample sanitized report format.
  • Outcome: practical tooling that connects basic vulnerability review with documentation.

Skills & Tools

Ordered around the overlap between my current IT Analyst work, identity/access support, and project-backed cybersecurity depth.

Identity & Access

Production-aligned
Microsoft 365 Active Directory Microsoft Entra ID Identity and Access Management Multi-Factor Authentication Access Requests User Administration Permission Checks

Systems & Support

Operations
Windows 10/11 Endpoint Troubleshooting Remote Support Software Setup Patch Review Security Hygiene Checks Technical Documentation

Security Operations Labs

Project-backed
SIEM Splunk Wazuh Sysmon Windows Event Logs Log Analysis Alert Triage Incident Documentation Security Reporting

Vulnerability & Network

Assessment
Nmap OpenVAS Wireshark TCP/IP DNS VLANs pfSense Segmentation

Scripting & Tools

Build
Python PowerShell Bash Streamlit Git Jira Confluence

Additional Technical Range

Secondary
Linux FastAPI MongoDB MySQL YOLOv8 Computer Vision AI App Development

Education & Certifications

Education and certifications are shown conservatively; in-progress credentials are not presented as completed.

Postgraduate Certificate in Cybersecurity

Durham College, Canada

  • Focused on ethical hacking, digital forensics, incident handling, auditing, access control, and security operations labs.
  • Tools and labs included Kali, Splunk, Wazuh, pfSense, Zabbix, FTK Imager, and Autopsy.

Postgraduate Certificate in Artificial Intelligence

Durham College, Canada

  • Studied machine learning, deep learning, NLP, computer vision, Python, and AI application development.
  • Built practical projects involving APIs, dashboards, computer vision, and reporting workflows.

Bachelor of Technology in Information Technology

CHARUSAT University, India

  • Core foundation across programming, networking, databases, web development, operating systems, and information security.
  • Leadership and team coordination experience through student activities and project work.

Certifications in Progress

  • CompTIA Security+ (SY0-701) — currently preparing
  • Splunk Core Certified User — currently preparing
  • Official credential links will be added after completion.

Languages

English French (learning) Gujarati Hindi

Career direction

Near-term: Cybersecurity Analyst, IAM Analyst, IT Security Analyst, Security Operations Analyst, or Junior SOC Analyst. Long-term: deeper detection, threat intelligence, and security operations growth.

Contact

Public contact is limited to role-relevant channels only.

Send a message