// Cybersecurity and GRC professional with hands-on experience in governance, risk, compliance, security operations, and practical security projects across technical and business-facing environments.
Building secure systems through governance, risk, and compliance. Combining hands-on security projects with real-world experience in protecting data, systems, and organisations.
Things I've built and created
Developed a structured cybersecurity risk register aligned with ISO 27001 and UK GDPR, applying risk scoring, prioritisation, and treatment strategies across data protection, vendor risk, and regulatory compliance areas.
Designed and analyzed intrusion detection systems for a university project. Investigated real packet captures using Wireshark to identify attack lifecycles โ from reconnaissance to data exfiltration. Applied signature-based, anomaly-based, and stateful protocol analysis aligned with NIST IDPS guidance.
A lightweight Bash-based security tool that detects duplicate SSIDs with different BSSIDs โ a common indicator of potential Evil Twin attacks used in rogue access point and man-in-the-middle scenarios.
A Linux-based cybersecurity wargame inspired by OverTheWire, designed to teach Identity and Access Management through hands-on challenges. Players move through multiple levels by exploiting misconfigurations related to permissions, groups, capabilities, SSH keys, backups, and privilege escalation.
A web security scanner that detects technologies (like Wappalyzer) and checks them against CVE databases (OSV & NVD) to find vulnerabilities. Calculates risk scores and displays results in a clean dark-themed interface.
Documenting challenges and solutions
Breaking XOR encryption using known plaintext attacks. Learn why repeating-key XOR fails when attackers know part of the message.
A beginner-friendly walkthrough covering Nmap scanning, Gobuster enumeration, CVE exploitation, and privilege escalation via vim.
Subdomain enumeration using ffuf and SSL certificate inspection to discover hidden services and capture the flag.
More TryHackMe rooms, HackTheBox machines, and CTF competition writeups coming soon!
I'm a cybersecurity and GRC professional currently pursuing an MSc in Applied Cyber Security at Queenโs University Belfast, with prior hands-on experience across governance, risk, compliance, and security operations.
My background includes supporting ISO 27001-aligned initiatives, Microsoft Purview DLP, audit readiness, incident analysis, and stakeholder reporting across multi-regional environments.
I enjoy combining technical security knowledge with business risk thinking through practical projects, security tooling, writeups, and hands-on labs.