DerFiSiker
Junior SOC Analyst | System Integration Specialist (IHK 2026)
I build practical cybersecurity detection skills through hands-on SOC simulations, homelab environments and documented attack analysis.
SOC Analyst Activity Dashboard
Training Progress
Continuous Blue Team & Detection Engineering Training
Detection Use Cases
Active Directory Lateral Movement Detection (2025-11)
Network Discovery Monitoring (2025-10)
Brute Force Detection (2025-09)
// about
About Me
I am a certified System Integration Specialist (IHK) transitioning into cybersecurity with a clear focus on Blue Team and SOC operations. My background in IT infrastructure gives me a strong foundation for understanding enterprise environments, network architecture, and system administration.
I am building my cybersecurity skill set through structured learning paths, hands-on homelab environments, and documented SOC use case analysis. My approach is practical: I simulate real attack scenarios, detect them using SIEM tools, and document my findings methodically.
I am passionate about detection engineering, log analysis, and incident response. Every use case in my portfolio represents a real detection scenario I built, tested, and analyzed from scratch.
Blue Team Focus
Dedicated to defensive security operations, threat detection, and incident response.
Detection & Monitoring
Hands-on experience building SIEM rules, analyzing logs, and identifying attack patterns.
SOC Operations
Alert triage, threat investigation, and documented analysis of security events.
System Integration
IHK-certified System Integration Specialist with strong infrastructure fundamentals.
// portfolio
SOC Portfolio
Documented SOC use cases built from scratch in my homelab. Each project includes attack simulation, detection, log analysis, and lessons learned.
Active Directory Lateral Movement Detection
Detect and analyze lateral movement techniques within an Active Directory environment using Wazuh SIEM and Windows Event Logs.
Network Discovery Monitoring
Detect unauthorized network scanning and reconnaissance activity within the internal network using Wazuh and Suricata IDS.
Brute Force Detection
Detect and respond to SSH and RDP brute force attacks using Wazuh active response and Windows Event Log monitoring.
Suspicious PowerShell Activity
Detect malicious PowerShell execution patterns including encoded commands, download cradles, and AMSI bypass attempts using Wazuh and Sysmon.
// homelab
Lab Environment
A purpose-built homelab environment for simulating enterprise attack and detection scenarios.
Windows Server 2022 (Domain Controller): Active Directory, DNS, Group Policy, Event Logging
Windows 10 Clients (Endpoints): Sysmon, Wazuh Agent, PowerShell Logging enabled
Kali Linux (Attacker Machine): Nmap, Hydra, Mimikatz, Metasploit, custom scripts
Wazuh SIEM (Detection Platform): Manager + Agents, custom rules, active response
Suricata IDS (Network Detection): Inline IDS/IPS, custom signatures, pcap analysis
ELK Stack (Log Management): Elasticsearch, Logstash, Kibana for advanced analysis
Network Architecture Diagram
AD Domain -> Windows Clients -> Kali Linux -> Wazuh SIEM -> Suricata/ELK
// journey
Learning Journey
Structured learning path from IT fundamentals to SOC operations.
IHK Graduation: System Integration Specialist
Completing certified IT specialist training with focus on system integration and network infrastructure.
TryHackMe Pre-SOC Path (Completed)
Finished the Pre-Security and SOC Level 1 preparation learning paths covering networking fundamentals, Linux, and web security basics.
SOC Level 1 Training (In Progress)
Working through hands-on SOC analyst training including SIEM operations, log analysis, threat intelligence, and incident handling.
CompTIA Network+ (Preparation)
Preparing for Network+ certification to validate networking knowledge including troubleshooting, configuration, and management.
// contact
Get in Touch
Interested in working together or have questions about my work? I am always open to discussing SOC operations and cybersecurity.