gabrielmarquezcyber/gabrielmarquezcyber

# Gabriel Marquez — Cybersecurity Operations & Detection Engineering Recently completed an M.S. in Cybersecurity & Information Assurance and built public security projects focused on SIEM detection engineering, analyst workflows, vulnerability prioritization, and AI/tool-boundary security research. ## Core Strengths * Security operations and endpoint triage * SIEM-style alert analysis and detection workflow documentation * PowerShell automation for evidence collection * Analyst playbooks and repeatable investigation workflows * Vulnerability prioritization using EPSS, CISA KEV, NVD, and CVSS context * MITRE ATT&CK mapping * Bilingual Spanish/English technical communication ## Education & Certifications * M.S. Cybersecurity & Information Assurance * B.S. Network Operations & Security * CompTIA SecurityX * CompTIA CySA+ * CompTIA PenTest+ * ISC2 Certified in Cybersecurity * CompTIA Project+ # Featured Security Projects ## Elastic SIEM Detection Engineering & Vulnerability Risk Automation A cybersecurity portfolio project focused on SOC-style detection workflows, alert validation, analyst documentation, and risk-based vulnerability prioritization. This project demonstrates how security telemetry and vulnerability data can be turned into practical analyst workflows. ### Highlights * Built and validated Elastic SIEM detection rules * Created detection logic for Suspicious PowerShell Flags mapped to MITRE ATT&CK T1059.001 * Created Failed Logon Burst detection using Windows Event ID 4625 mapped to MITRE ATT&CK T1110 * Developed analyst-facing playbooks with investigation steps, evidence screenshots, and escalation context * Exported detection logic and validation artifacts for review * Built Python CVE prioritization automation using EPSS, CISA KEV, NVD, and CVSS data * Generated ranked CVE outputs and prioritization graphics for remediation planning ### Relevant Roles SOC Analyst, Security Analyst, MDR Analyst, SIEM Analyst, Detection Analyst, Vulnerability Analyst, Security Operations Analyst, and detection-engineering-adjacent roles. **Repository:** [Elastic SIEM Detection Engineering & Vulnerability Risk Automation](https://github.com/gabrielmarquezcyber/elastic-siem-detection-vuln-prioritization) ## Empire Breacher — AI/Web3 Wallet-Agent Security Research Harness A controlled AI/Web3 security research project focused on prompt-injection risk, authority-boundary failures, and safe behavior validation in wallet-enabled agent workflows. This project models how untrusted external content should be analyzed without allowing that content to authorize high-impact wallet behavior. ### Highlights * Built a controlled wallet-agent security research harness * Modeled prompt-injection and authority-boundary risk in lab conditions * Implemented deterministic PASS / REVIEW / FAIL evaluation * Created malicious, ambiguous, and benign test fixtures * Built a toy wallet-agent simulator * Mapped outcomes to safe behavior: * PASS -> summarize_safely * REVIEW -> request_human_review * FAIL -> refuse_wallet_action * Enforced the invariant that external content can be analyzed but cannot authorize wallet behavior * Added Python regression tests, JSON decision outputs, safety policy documentation, public-safe validation reports, and proof map ### Relevant Roles AI Security, AppSec, Product Security, Web3 Security, LLM/agent security, prompt injection, automation security, security research, and forward-looking security operations roles involving AI-assisted workflows. **Repository:** [Empire Breacher](https://github.com/gabrielmarquezcyber/empire-breacher) # Interview Topics I Can Discuss * Alert triage and false-positive review * Suspicious PowerShell behavior and dual-use tooling * Failed logon burst detection and brute-force / password-spray logic * MITRE ATT&CK mapping for analyst communication * Analyst playbook design and evidence documentation * PowerShell evidence collection * Python-based CVE prioritization * EPSS, CISA KEV, NVD, and CVSS-based remediation prioritization * AI/tool-boundary safety principles * Bilingual Spanish/English technical communication in support and security operations contexts # Links * LinkedIn: [linkedin.com/in/gabriel-marquez-cyber](https://www.linkedin.com/in/gabriel-marquez-cyber/) * Elastic SIEM Capstone: [github.com/gabrielmarquezcyber/elastic-siem-detection-vuln-prioritization](https://github.com/gabrielmarquezcyber/elastic-siem-detection-vuln-prioritization) * Empire Breacher: [github.com/gabrielmarquezcyber/empire-breacher](https://github.com/gabrielmarquezcyber/empire-breacher) * Public Resume: [Gabriel Marquez — Cybersecurity Resume](resume/Gabriel_Marquez_Public_Cybersecurity_Resume.md)