Certifications
Comptia Security+
Cyber Defense and Threat Hunting
AWS Certified Cloud Practitioner
✅ AWS Cloud Concepts & Architecture
✅ Security & IAM (Identity & Access Management)
✅ Core AWS Services (EC2, S3, RDS, VPC, Lambda, etc.)
✅ AWS Pricing, Billing, & Cost Management
✅ AWS Support Plans & Best Practices
✅ Monitoring & Deployment Tools (CloudWatch, CloudFormation, Trusted Advisor)
✅ Introduction to Blue Team
✅ Incident Handling and Response
✅ Intrusion Analysis and Investigation
✅ Threat Hunting and Detection Engineering
✅ Cybersecurity Fundamentals (CIA Triad, Threat Intelligence, Risk Management)
✅ Network Security (Firewalls, VPNs, IDS/IPS, Secure Protocols)
✅ Identity & Access Management (IAM, MFA, SSO, RBAC)
✅ Cryptography & PKI (AES, RSA, TLS, Hashing, Digital Certificates)
✅ Security Frameworks & Compliance (NIST, GDPR, HIPAA, PCI-DSS)
✅ Incident Response & Forensics (SIEM, Log Analysis, Threat Hunting)
✅ Secure Software Development (OWASP Top 10, DevSecOps, Pen Testing)
Trainings
CCNA 200-301 Masterclass
TechAcademy
Python Fundamentals
Mnet IT Solutions
Linux System Administration
Mnet IT Solutions
✅ Networking Fundamentals (TCP/IP, IPv4/IPv6, Subnetting, ARP)
✅ LAN Switching & VLANs (STP, EtherChannel, Inter-VLAN Routing)
✅ Routing Protocols (OSPF, EIGRP, Static & Default Routing)
✅ Network Security (ACLs, VPNs, Port Security, AAA)
✅ Wireless & WAN Technologies (802.11, QoS, MPLS, Metro Ethernet)
✅ Automation & Programmability (Cisco DNA, REST APIs, Python)
✅ Core Concepts: Print function, comments, Python IDEs
✅ Variables & Data Types: Strings, integers, floats, booleans, lists, tuples, sets, dictionaries
✅ Operators & Logic: Arithmetic, comparison, logical operators, if-else statements
✅ Loops & Comprehensions: for and while loops, list comprehensions
✅ Functions & OOP: Defining functions, classes, methods, inheritance, encapsulation
✅ String Manipulation: Formatting, slicing, built-in string methods
✅ Basic Linux: Command-line navigation, file management
✅ User & Group Management: Creating, modifying, and deleting users/groups
✅ Permissions & Ownership: chmod, chown, special permissions
✅ Sudoers & Access Control: Managing privileged access with sudo
✅ File Systems & Storage: Partitioning, RAID, logical volumes (LVM), filesystem types (ext4, XFS)
✅ Disk Management: Mounting, unmounting, and monitoring disk usage
SOC Analyst L1 Path
TryHackMe
✅ Cyber Defence and Frameworks
✅ Cyber Threat Intelligence
✅ Network Security and Traffic Analysis
✅ Endpoint Security Monitoring
✅ Security Information and Event Management
✅ Digital Forensics and Incident Response
✅ Phishing
(Full walkthrough and Study notes in the Blog section)
Soft Skills
Analytical Thinking
Demonstrates the ability to identify patterns and relationships among events, data, and behaviors to draw logical conclusions about what occurred and why. For example, when troubleshooting issues in a Point of Sale (POS) system, gathers and analyzes relevant data, such as timestamps, user actions, and item records, to pinpoint root causes and recommend effective solutions.
Communication Skills
Effectively asks targeted, relevant questions to gather critical information during incident investigations. For instance, when concerns arise about a payment record, instead of immediately accessing the POS backend reports, I first engage in a thoughtful inquiry to understand the context, what happened, when, and how. Often, clear communication and the right questions lead to resolving the issue without needing to interact with the system at all.
Problem Solving
Demonstrates the ability to quickly develop effective solutions in high-pressure situations without disrupting users or system availability. For example, when a critical legacy system went down due to a server crash, I promptly set up a virtualized environment compatible with its 32-bit OS requirements. To maintain security, I restricted access by disabling unnecessary ports and enabling only Remote Desktop Protocol (RDP) with specific limitations. This allowed users to continue accessing the system while we developed a long-term resolution plan.
Adaptability
Quickly adapts to new technologies introduced within the organization through self-directed learning and curiosity. Most of the deployed systems were mastered independently, demonstrating a strong ability to study unfamiliar tools efficiently and apply them effectively in day-to-day operations.
Time Management
Strategically separates and organizes tasks to ensure efficient use of time and resources. Plans and deploys tasks in a way that avoids disruption to critical areas, especially production, by scheduling appropriately, minimizing downtime, and maintaining focus on high-priority items.
Carefully maintains user-level security by applying the principle of least privilege across all systems, including legacy platforms. Ensures that data remains secure yet accessible when needed, balancing protection with usability through precise access configurations and thoughtful system management.
Attention to Detail
Work Experience
I am an IT professional with 9 years of progressive experience across IT support, systems and network administration, and departmental supervision. I specialize in managing and maintaining secure, efficient IT infrastructures that support business continuity and growth. My skill set spans Microsoft 365 administration, cybersecurity, system optimization, and technical support from frontline troubleshooting to enterprise-level solutions.
Experience
IT Supervisor
Boracay Entertainment Resources Inc.
August 2019 - Present
User Training & Awareness – Conducting training sessions on Microsoft 365 apps, POS system usage, and IT security awareness to ensure user readiness, operational effectiveness, and compliance with organizational policies.
IT Infrastructure Oversight – Actively monitoring the entire IT ecosystem and leading the IT department to ensure smooth operations, prompt issue resolution, and strategic infrastructure improvements.
Server & Active Directory Management – Creating and managing Active Directory users, configuring file servers for secure data sharing, and managing access permissions based on departmental needs.
Data Reporting & Querying – Writing and optimizing SQL queries in MS SQL Server for finance and departmental reporting, ensuring accurate and efficient data retrieval.
Network Configuration – Creating and managing VLANs on managed switches, configuring routing for optimized internal traffic flow, and applying security rules to restrict and manage incoming and outgoing network traffic.
Hardware & Peripheral Troubleshooting – Diagnosing and resolving hardware issues related to PCs, laptops, printers, and POS systems to maintain operational continuity.
Microsoft 365 Administration – Creating and managing user accounts, configuring OneDrive sharing policies, building and maintaining SharePoint sites, and administering Microsoft Teams to streamline internal collaboration and communication.
Virtualization – Creating and managing virtual servers using VirtualBox and VMware for legacy system support, including setting up and configuring RDP connections for specific users to access virtualized environments securely and efficiently.
IT Staff
Boracay Entertainment Resources Inc.
May 2016 - August 2019
Monitor concerns and respond if feasible. If not, escalate them to our supplier’s support team.
Communicate with our operations staff to explain the incident, and how to mitigate or prevent it from happening again.
Education
Bachelor of Science in Information Technology
Garcia College of Technology
Kalibo, Aklan
Graduated: 2015
My Story
I’ve spent a lot of time exploring different areas in tech, including Networking, Data Analytics, Cybersecurity, and Cloud. My approach has been to study the fundamentals of each field and determine whether it aligns with the type of work I truly want to do.
With nearly nine years of experience in IT, primarily in IT support, I wanted to expand my skills beyond troubleshooting and maintenance. My learning journey began in 2020 with networking, but at the time, I struggled with motivation and often found myself procrastinating. It took me two years and three rounds of studying CCNA materials before I finally grasped the concepts.
That experience made me pause and reflect—I realized the issue wasn’t just about the content but my approach to learning itself. That’s when I decided to first focus on "learning how to learn."
In the first quarter of 2023, I began my journey into Data Analytics. However, by mid-year, I discovered a growing interest in cybersecurity. After reading numerous blogs and watching various YouTube videos, I realized that I was more drawn to the defensive side rather than the offensive aspects of security.
With that in mind, I set my sights on earning the CompTIA Security+ certification. I invested in paid courses and practice exams to prepare thoroughly, and in February 2024, I successfully passed the exam.
But I didn’t stop there. To gain hands-on experience, I enrolled in GuideM’s Cyber Defense and Threat Hunting live course, where I’ve been exploring real-world scenarios and strengthening my skills as a cybersecurity analyst.
By the end of 2024, I committed to learning cloud computing, recognizing its vital role in cybersecurity. With limited prior experience in cloud technology, I set a goal to build a strong foundational understanding by early 2025, ensuring I could integrate cloud security principles into my skill set effectively.
I chose AWS as my cloud platform of focus and set my sights on earning the AWS Certified Cloud Practitioner (CLF-C02) certification. Through dedicated learning and hands-on practice, I deepened my understanding of AWS services, cloud security, and best practices. In February 2025, I successfully earned the certification, and I’m happy to have gained a solid foundational knowledge of cloud computing.
After building a foundational understanding of cloud computing, I resumed the SOC Analyst Level 1 course on TryHackMe, which I had originally started in the last quarter of 2024 but temporarily paused to prioritize my cloud studies. In the first quarter of 2025, I was assigned to deepen my knowledge of Microsoft technologies, specifically the Microsoft 365 product suite, as our organization began fully integrating its features across departments.
This led me to divide my focus, dedicating work hours to learning M365 and evenings to advancing through the SOC Level 1 course. Despite the challenge of managing both simultaneously, I maintained steady progress by setting clear goals, breaking tasks into manageable segments, and leveraging the Pomodoro technique to sustain energy and focus throughout the day. This structured approach helped me stay productive and avoid burnout. I'm proud to share that I completed the SOC Analyst Level 1 path of TryHackMe on June 11, 2025.
After completing the SOC Analyst Path on TryHackMe, I enrolled in the MyDFIR SOC Analyst Course by Steven, the creator behind the MyDFIR YouTube channel. I had been saving for several months to invest in this course, and it has proven to be a worthwhile decision. The course has significantly improved my investigative skills, an area I previously struggled with.
Before taking the course, I often felt lost when facing challenges on platforms like TryHackMe or LetsDefend. I wasn’t sure where to start, what questions to ask, or how to approach a scenario. More often than not, I found myself relying heavily on write-ups just to get through exercises.
This course helped shift that mindset. It taught me to see the bigger picture, ask more meaningful questions, and adopt a structured approach to incident response and investigation. I now feel more confident and methodical when tackling security incidents. My goal is to complete the course by August 2025, dedicating three focused months to this study.