Rodney Hall
SOC Analyst · Incident Triage · Threat Detection · Security Operations
I investigate threats, analyze logs, and build security controls across enterprise IT, cloud, and OT environments. Targeting SOC Analyst Tier 1–2, Cybersecurity Analyst, and Information Security Analyst roles.
- CompTIA Security+
- CompTIA Network+
- AWS Cloud Practitioner
- Microsoft AZ-900
- ICS-300 — CISA / DHS
- Google Cybersecurity Certificate
SOC Operations & Incident Triage
SIEM alert investigation, multi-source log correlation, IOC extraction, and end-to-end incident reporting mapped to MITRE ATT&CK and NIST CSF.
Active Directory Home Lab — Windows Server 2022
Built a domain controller from scratch, designed a multi-region OU structure across USA / Europe / Asia, and implemented least-privilege access controls at enterprise scale.
Azure Cloud Security — RBAC & Least Privilege
Configured Azure RBAC and Entra ID, scoped Reader role assignments to a resource group, and validated least-privilege enforcement through documented access denial.
Network Traffic Analysis — Wireshark / PCAP
Decoded BACnet and Modbus/TCP protocol traffic, correlated request-response sequences, and documented behavioral baselines for use in threat detection rule development.
OT Network Threat Detection & Incident Analysis
Identified unauthorized Modbus write commands and BACnet reconnaissance patterns in captured traffic. Documented IOCs and produced escalation recommendations for ICS environments.
OT/ICS Foundations — Purdue Model & IT/OT Segmentation
Designed IT/OT segmentation architecture with an OT DMZ, mapped all five Purdue Model levels, and produced an analyst triage checklist for industrial environments.
Linux System Baseline — OT Environment
Passive baseline audit of an OT-adjacent Linux system: enumerated services, listening ports, and network interfaces without impacting system availability.
BAS Security Playbook (In Progress)
Incident response playbook for Building Automation Systems — 6 attack scenarios with IOCs, detection rules, SIEM integration, and response procedures for critical infrastructure.