
Cybersecurity Analyst specializing in threat hunting, vulnerability management, and SIEM-driven security operations across cloud and enterprise environments.
SIEM: Sentinel | Splunk
Vulnerability: Nessus | Qualys
Endpoint Security: Defender & Purview
Cloud: Azure Security | AWS
Tools: Wireshark | Nmap | Burp Suite
Certifications:
Security+ | CySA+ | Pentest+ | Network+
ISC² SSCP | LPI Linux Essentials | ITIL 4
Conducted a digital forensic investigation using Autopsy to analyze a suspect disk image. Recovered deleted proprietary documents, performed keyword searches, examined metadata artifacts, and built a timeline of user activity indicating potential data exfiltration.
Hands-on experience investigating threats and analyzing security telemetry in cloud-based SOC environments. Focused on detection, investigation, and response using modern security tools.
• SIEM monitoring with Microsoft Sentinel
• Data Loss Prevention (DLP) policy creation, tuning, and monitoring using Microsoft Purview
• Threat hunting and log analysis using KQL
• Digital forensics using Autopsy
• Cloud security monitoring in Microsoft Azure
Deployed an internet-facing Azure honeypot to capture real attack traffic and investigate threats using Microsoft Sentinel SIEM and custom KQL queries.
• Internet-exposed Azure VM honeypot
• Attack telemetry ingested into Sentinel SIEM
• Custom KQL queries for brute-force detection
• Geolocation mapping of attacker IP activity
Analyzed real-world attack activity collected from an Azure honeypot and implemented security controls to detect, investigate, and remediate threats using Microsoft Sentinel.
• Investigated brute-force attacks using KQL queries
• Created Sentinel analytics rule for threat detection
• Performed incident investigation and response
• Blocked malicious IPs using Azure NSG rules
• Implemented network hardening to reduce attack surface