I'm Thong, a cybersecurity enthusiast exploring Linux, cloud, & everything IT

About Me
After being in the agriculture industry for 10 years, I've decided to shift gears into navigating the vastness of IT and cybersecurity. My journey is all about constant learning and humble adaptation. Let's protect our digital landscapes and cultivate security together!
Certifications
Reflects an understanding of computer hardware and software, emphasizing troubleshooting, problem-solving, and technical support skills
Focuses on foundational cybersecurity knowledge and skills, highlighting the principles of risk management, incident response, threat identification and data protection
Working knowledge to perform incident detection, prevention and response through continuous security monitoring which includes threat hunting and vulnerability management
Validates the skills and knowledge required to perform core system administration tasks in Red Hat Enterprise Linux environments.
Demonstrates skills in automating Red Hat Enterprise Linux environments and focuses on managing multiple systems using Ansible for automation, streamlining tasks such as configuration, deployment, and security management in a DevOps environment.
Provides a solid understanding of IT service management best practices, aligning IT services with business needs through the ITIL framework
Provides foundational knowledge in cloud services, specifically through Microsoft Azure, covering core cloud concepts, services, solutions, management, and security principles
Ability to manage cloud services that cover storage, security, networking, and compute capabilities within the Microsoft Azure cloud environment
Proficiency in securing cloud services that span identity and access management, advanced threat protection, and security operations within the Microsoft Azure environment
Comprehensive understanding of AWS services and technologies. Skilled in building secure, scalable, and resilient solutions. Expertise in designing efficient, fault-tolerant distributed systems using architectural best practices
Projects
Here are some of my favorite projects I have done lately. Feel free to check them out.
- Malware Analysis: Security Onion Workshop
- Cloud Security: Azure Honeynet
- Email Analysis: Project Fishy Phisshing
- Vulnerability Management Cycle: Qualys Quest Analysis
- OSINT Web App: The Cyber Streetracker
- System Monitoring: HA-WebTrack
- Elastic SIEM: Elastic_Labs
- High Performance Computing: HPC_CryptoCluster
- Automated STIG Compliance: STIG-Hardened
- Automated Breach Intelligence: Breach-Tracker
- Automated CVE Intelligence: CVEDataLake
- Cloud Weather Alerts: Weather-Dashboard-Automation

Security Onion Workshop
Setting up a virtual SOC environment using Security Onion, OSINT, and tools like Wireshark for malware analysis, case management and incident response
- SIEM
- Pcap Analysis
- Incident Report

Azure SOC & Honeynet
Developed an Azure-based honeynet with integrated log analysis and Microsoft Sentinel, employing NIST guidelines to enhance security monitoring and incident response.
- SIEM
- Live Traffic
- Network Security Group
- Hardening

Project Fishy Phisshing
This project leverages automation and analysis tools to dissect phishing emails, aiming to enhance cybersecurity awareness through detailed reports.
- Python
- Email Analysis
- Phishing Report

Qualys Quest Analysis
Utilizing Qualys, this project implements the vulnerability management cycle, and compiles findings with pivot tables into a report to illustrate efficient vulnerability management practices.
- Vulnerability Management
- MITRE CVE
- Remediation
- Pivot Tables

The Cyber Streetracker
A web app delivering real-time cybersecurity news and vulnerability search with OAuth 2.0, Azure Functions, and a Web Application Firewall for secure, responsive performance
- OSINT
- CVE
- CI/CD
- Web Development
- OAuth2

HA-WebTrack
A high-availability web server setup using Ansible, featuring automated deployment, HAProxy load balancing, real-time monitoring with Prometheus/Grafana/Loki, high-load stress testing and failover scenarios.
- High Availability
- Ansible Automation
- Red Hat Linux
- Infrastructure as Code

Elastic_Labs
Automated deployment of an Elastic SIEM on RHEL VMs, with Elasticsearch, Kibana, and Zeek for real-time network and endpoint security monitoring. The setup emphasizes Ansible automation and policy management through Fleet and live security alert testing.
- SIEM
- Ansible Automation
- Red Hat Linux
- Infrastructure as Code

HPC_CryptoCluster
Automated deployment of a high-performance computing (HPC) cluster featuring stateless compute nodes with Warewulf, Slurm for job scheduling, and John the Ripper for distributed password cracking.
- HPC Infrastructure
- Ansible Automation
- Distributed Computing
- Containerization

STIG-Hardened
Automated workflow to scan, remediate, and validate RHEL 9 systems for DISA STIG compliance using Ansible and SCC. Achieves over 80% compliance with repeatable, scalable methods for system hardening and security baselines.
- System Hardening
- STIG Compliance
- Ansible Automation
- Security Baselines

Breach-Tracker
AWS-based system that automates breach data retrieval using a Flask app on ECS Fargate. Integrates API Gateway, ALB, and ECS for secure and scalable data delivery. Built with Terraform and Ansible for streamlined infrastructure deployment and management.
- Cloud Security
- AWS Infrastructure
- Terraform & Ansible
- Automation

CVEDataLake
Automates CVE data ingestion, storage, and querying using AWS S3, Glue, and Athena. Integrates public data sources with structured querying to enable security teams to analyze vulnerabilities efficiently. Uses Ansible for deployment automation and generates JSON reports for audits, dashboards, and security workflows.
- Security Automation
- AWS Data Lake
- Ansible Deployment
- Vulnerability Intelligence

Weather-Dashboard-Automation
Fully automated solution using AWS and Ansible to fetch daily weather data, store it in S3, trigger a Lambda function via EventBridge, and send aggregated weather reports via SNS. Built with Infrastructure as Code (IaC) principles.
- AWS Automation
- Serverless Architecture
- Ansible & IaC
- Cloud Workflows
Get In Touch
I'd love to hear from you. Whether you have a question about my projects or just want to chat — shoot me a message.