Security Analyst Portfolio
A collection of cybersecurity projects applying threat detection, network forensics, and SIEM operations skills hands-on. Each project is fully documented with a case study, tech stack, and live GitHub link.
Hybrid rule-based + ML classification engine with Claude API integration
Built an 8-module Python application integrating IMAP/SMTP, rule-based logic, and Naive Bayes ML classification to detect phishing emails — applying threat detection, alert triage, and security breach identification concepts in a hands-on engineering context.
Extended the detector with Claude API integration (Anthropic) to generate plain-language explanations of every verdict — so non-technical users understand exactly why an email was flagged and what action to take, mirroring how SOC analysts communicate findings to end users.
github.com/trevjacq/phishing-email-detector →
Live packet capture with real-time dashboard — 2,800+ packets captured in testing
Built a fully functional 6-module Python tool that captures live network packets using Scapy, parses OSI Layer 3/4 headers (IP, TCP, UDP, ICMP), classifies traffic by protocol and port, and persists all data to a SQLite database — demonstrating hands-on packet inspection and network forensics skills.
Implemented a live terminal dashboard using the Rich library displaying real-time packet counts, total data transferred, top source IPs, and top services. Captured 2,800+ packets and 1.37 MB of traffic in initial testing on a live network interface.
github.com/trevjacq/network-traffic-analyzer →
Elastic Stack SIEM with KQL detection rules mapped to MITRE ATT&CK
Built a home SIEM lab on Elastic Stack (Elasticsearch 9.3.3, Kibana, Winlogbeat) ingesting real-time Windows Security event logs from a live Windows 10 host — enabling continuous monitoring of authentication, privilege use, and process creation events across 383 indexed fields.
Developed KQL-based detection rules mapped to MITRE ATT&CK for brute force attempts (Event ID 4625), privilege escalation via group membership changes (4732), and process creation monitoring (4688) — simulated and validated each rule with live test activity generating real alerts in Kibana.
github.com/trevjacq/siem-home-lab →
Next project in planning — check back soon