SIEM Detection Pipeline for a Mid-Market SaaS Company
A planned learning exercise that models how a growing SaaS could detect credential abuse and lateral movement without adding analyst headcount.
I build customer-focused cybersecurity projects, architecture designs, and executive-ready presentations that turn technical work into business outcomes.
Open to Systems Engineering, Solutions Engineering & Associate Sales Engineering roles
U.S. Marine Corps Veteran
USC Business Administration Graduate
Digital Forensics & Cybersecurity
Systems Engineering Candidate
Raytheon Technologies
Systems / Solutions / Associate SE roles
Technologies used across projects and labs
I'm Antonio Acosta — a United States Marine Corps veteran and USC graduate building toward a career in Systems Engineering. My background combines business analytics, cybersecurity education, stakeholder support, technical presentations, and leadership under pressure.
I am most effective when I can understand a difficult problem, structure the relevant information, and explain a practical solution clearly to both technical and nontechnical audiences.
United States
Systems Engineering
Digital Forensics · Cybersecurity
SE · Solutions · Associate SE
Each project starts with a customer problem and ends with an executive-ready recommendation.
A planned learning exercise that models how a growing SaaS could detect credential abuse and lateral movement without adding analyst headcount.
A fictional customer scenario: discovery, architecture recommendation, and a rollout plan sized for a 40-person clinical operations team.
A planned assessment exercise covering authentication testing, injection, broken access control, and an executive-ready remediation roadmap.
A planned Python toolkit that lets a small security team run repeatable data-collection and triage tasks across a lab environment.
Small experiments that keep me sharp between larger projects.
Learn to identify the traffic signature of admin-share and named-pipe abuse.
Build a repeatable hardening checklist a solo operator can actually run.
Turn raw Nmap output into a clear picture of what an attacker sees.
Write and tune a small set of host-based rules that reduce noise, not create it.
Practice the highest-impact web app checks against a controlled target.
Write a small script that collects and normalizes security-relevant data from a host.
The three questions every executive audience asks — and how to answer them in the language they use.
It is less about products and more about earning the right to recommend one.
The habits that transfer, the ones that do not, and what I wish I had known earlier.
I'm actively pursuing Systems Engineering and Solutions Engineering roles. If your team is building something worth defending, I'd love to hear about it.