gregqlewis/README.md

Greg Lewis - Cybersecurity Portfolio

About Me

Security Analyst with 4 years of cybersecurity experience supporting government sector operations. Specialized in threat hunting, alert triage, incident response, and cloud security engineering. Currently transitioning from SOC operations to Cloud Security Engineer roles through hands-on multi-cloud implementations, purple team operations, and Infrastructure as Code automation.

Current Role: SOC Analyst
Education: M.S. Cybersecurity Technology - UMGC
Certifications: Security+ CE
Location: DMV Area

Technical Skills

  • Cloud Security: AWS IAM, Azure AD/RBAC, CloudTrail, Activity Logs, IAM Access Analyzer
  • Infrastructure as Code: Terraform (AWS & Azure)
  • Security Operations: Threat Hunting, Incident Response, Alert Triage, Detection Engineering
  • SIEM/Logging: Wazuh, Graylog, OpenSearch, Splunk
  • Cloud Platforms: AWS, Azure, Unraid, Docker
  • Security Tools: Kali Linux, Metasploit, Nmap, Wireshark, CrowdStrike, Tenable, Zscaler
  • Compliance & Frameworks: ISO27001:2022, NIST CSF, CIS Benchmarks

Featured Projects

☁️ Cloud Security Labs

Multi-cloud security engineering portfolio demonstrating IAM, monitoring, and purple team implementations

A comprehensive portfolio of production-quality cloud security implementations across AWS and Azure, built with Infrastructure as Code.

Completed Labs:

  • AWS & Azure Account Baselines: CloudTrail/Activity Log configuration, MFA enforcement, budget monitoring
  • Custom IAM Implementations: Least-privilege security auditor policies with Terraform automation
  • IAM Access Analyzer: Privilege detection and external access monitoring
  • MFA-Enforced Roles: Tested role assumption with temporary credentials
  • AWS vs Azure Comparison: Comprehensive architectural and implementation analysis

In Progress:

  • 🚧 GuardDuty & Microsoft Sentinel SIEM deployment
  • 🚧 Network security architectures (VPC/VNet)
  • 🚧 Purple team cloud attack/defense scenarios

Tech Stack: Terraform, AWS IAM, Azure AD/RBAC, CloudTrail, Activity Logs, Python

View Portfolio → | AWS vs Azure IAM Comparison →


🔴🔵 Purple Team Home Lab

Comprehensive cybersecurity testing environment for offensive and defensive security skill development

A production-grade purple team infrastructure built on Unraid, demonstrating attack simulation and detection engineering capabilities.

  • Attack Platform: Kali Linux (Raspberry Pi 4), Metasploitable 2
  • Detection Stack: Wazuh SIEM, Graylog, OpenSearch, MongoDB
  • Methodology: MITRE ATT&CK technique documentation with attack/defense correlation
  • Focus: Vulnerability assessment, detection rule development, incident response

View Documentation | Read Blog Post


🛡️ Incident Response Documentation

Enterprise-grade procedures and playbooks for common security scenarios

Professional incident response documentation demonstrating operational security capabilities.

  • Structured decision trees for rapid response
  • Cloud-specific detection and containment strategies
  • Compliance-aligned procedures (ISO27001, NIST)

View Documentation


🏠 Secure Home Network Architecture

Production-grade network security implementation with defense-in-depth principles

Demonstrates network security engineering and secure infrastructure design.

  • Tailscale VPN for zero-trust remote access
  • Network segmentation and IoT isolation
  • Nextcloud deployment with security hardening
  • Docker container security best practices

View Documentation | Blog Post

Professional Experience Highlights

SOC Analyst - Federal Contractor (DMV Area)

  • Threat hunting and incident response in AWS cloud environments
  • Enterprise security tool operations: Splunk, CrowdStrike, Tenable, Zscaler
  • ISO27001:2022 compliance program leadership
  • Security alert triage and investigation
  • Cloud security configuration and monitoring

Previous Roles: Security Analyst, Jr. Security Analyst, Help Desk Analyst

Blog & Writing

Technical content at gregqlewis.com covering:

  • Cloud security engineering
  • Purple team methodologies
  • Career transition insights
  • Faith and technology integration

Current Focus

🎯 Career Goal: Transition to Cloud Security Engineer role in DMV federal market

Active Projects:

  • Building multi-cloud security implementations with IaC
  • Developing cloud-native detection and response capabilities
  • Documenting purple team methodologies in cloud environments
  • Contributing to cybersecurity knowledge sharing

Connect


Building in public - documenting my journey from SOC operations to Cloud Security Engineering

Popular repositories

  1. gregqlewis (Public)

  2. purple-team-homelab (Public)

    Modern Purple Team Lab: Intentionally vulnerable Ubuntu 24.04 environment for security research, MITRE ATT&CK mapping, and SIEM detection engineering

    Language: Shell

  3. gregqlewis.github.io (Public)

    Forked from mmistakes/minimal-mistakes

    📐 Jekyll theme for building a personal site, blog, project documentation, or portfolio.

    Language: HTML

  4. cloud-security-labs (Public)

    Multi-cloud security engineering portfolio: AWS & Azure IAM, monitoring, network security, and purple team labs

    Language: HCL