SOC Analyst · Cybersecurity Portfolio · 2026

Nelson Silva
Valderas

Security professional with 10+ years in physical security operations, building a cybersecurity career through real-world projects and self-directed learning. TryHackMe Top 5% globally.

SOC Operations MITRE ATT&CK Threat Detection Python SIEM Log Analysis AI Tooling Splunk Sentinel
📍 Vilanova i la Geltrú, Spain ✉ nelsonsilvavalderas@gmail.com 🔗 LinkedIn ⌥ GitHub 🎯 TryHackMe
Status
Open to Remote
EU / UK / US
Available immediately
Junior SOC / Blue Team
Security+ · SAL1
In progress
🏆 TryHackMe Top 5%
68 rooms · SOC Level 1
About
SOC Analyst candidate with 10+ years in security operations, transitioning into cybersecurity through disciplined self-training and a hands-on public portfolio. Built a functional SIEM with MITRE ATT&CK detection, a multi-agent AI triage system, and a zero-trust Chrome extension — all while self-funding the transition working as a bus driver. Practiced Splunk (SPL, dashboards) and Microsoft Sentinel (KQL, analytics rules) via TryHackMe labs and local VMs. TryHackMe Top 5% globally with 68 rooms completed. Fluent in English, Spanish, and Catalan. Seeking junior SOC / Blue Team Analyst roles, remote preferred, open internationally.
Featured Project
⬤ LATEST
🛡️ SIEM-Lite — Log Analysis & Threat Detection Dashboard
github.com/NSVEXL/siem-lite ↗

Fully functional SIEM built in Python. Ingests and parses real Linux auth.log and UFW firewall logs, applies 5 rule-based detection algorithms with time-window correlation, maps every alert to MITRE ATT&CK, and renders a real-time Flask dashboard with Chart.js. Includes live VirusTotal IP enrichment: test run confirmed 185.220.101.5 as MALICIOUS — Tor exit node, flagged by 11 engines, reputation −16.

Detection Rule MITRE ID Tactic Severity
SSH Brute ForceT1110Credential AccessHIGH
Port ScanT1046DiscoveryMEDIUM
Privilege EscalationT1548Privilege EscalationCRITICAL
Credential DumpingT1003Credential AccessCRITICAL
Off-Hours LoginT1078Initial AccessMEDIUM
Python Flask Pandas Chart.js VirusTotal API v3 MITRE ATT&CK Linux auth.log UFW Firewall logs
Projects
🤖 ai-soc-analyst
github.com/NSVEXL/ai-soc-analyst ↗

Multi-agent AI system automating IP reputation triage via VirusTotal API. Delivers structured, analyst-ready threat summaries with a CrewAI + Gemini 2.5 Flash architecture. Significantly reduces manual lookup overhead.

Python CrewAI Gemini 2.5 Flash VirusTotal API
🔒 AI-Guard
github.com/NSVEXL/ai-guard ↗

Zero-trust Chrome extension with real-time AI threat analysis. DOM scraping + VirusTotal + Gemini 2.5 to detect and block zero-day phishing attacks before page load completes — no signature database required.

Python FastAPI Chrome Extension API Gemini 2.5
Experience
Cybersecurity Portfolio Development
Independent / Self-directed · Remote 2025 – Present
  • Built 4 public security projects: SIEM dashboard, AI SOC triage agent, AI-powered web filter, system hardening utility.
  • Completed Google Cybersecurity Certificate (Coursera, 2025) + TryHackMe Cyber Security 101 (45+ hrs). Top 5% global ranking, 68 rooms completed.
  • Hands-on Splunk: log ingestion, SPL queries, alert dashboards (TryHackMe labs + local install).
  • Hands-on Microsoft Sentinel: KQL queries, analytics rules, workbooks (TryHackMe labs + local VM).
  • CompTIA Security+ (SY0-701) and SAL1 certification in active progress.
Physical Security — Inspector / Coordinator · Team Lead · Officer
Prosegur · Ilunion Security · Spain 2013 – 2024
  • 10+ years managing physical access control, threat assessment, and incident response in high-stakes environments.
  • Career progression: Security Officer → Team Lead → Service Inspector/Coordinator (Prosegur).
  • Led resolution of physical security breaches and coordinated emergency protocols; supervised access control and identity systems (Physical IAM).
  • Drafted detailed incident reports; enforced strict SLA compliance and security policy adherence.
  • Operational mindset — risk identification, protocol enforcement, incident escalation — directly transferable to SOC operations.
★ Prosegur National Excellence Award — 2014 ★ Prosegur Regional Excellence Award — 2013 ★ Police Directorate Honorable Mention, Cat. B — 2014
Professional Driver
Dotor Bus / Transportist 2024 – Present
  • Current role financing full-time cybersecurity self-training and portfolio development.
  • Demonstrates reliability under pressure, rotating shifts, and fast decision-making — aligned with SOC 24/7 operational environment.
Technical Skills
Core Stack
Python / Automation85%
Linux / Bash80%
SIEM / Log Analysis75%
MITRE ATT&CK70%
Flask / FastAPI70%
Tools & Platforms
AI / CrewAI / Gemini75%
VirusTotal / Threat Intel75%
Wireshark / Nmap65%
Splunk (SPL)60%
Microsoft Sentinel (KQL)55%
Certifications
TryHackMe — Cyber Security 101
TryHackMe · March 2026 · ID: THM-2XLH3NVGSD
✓ COMPLETED
Google Cybersecurity Certificate
Google / Coursera · 2025
✓ COMPLETED
CompTIA Security+ (SY0-701)
CompTIA · Exam scheduled 2026
⟳ IN PROGRESS
SOC Level 1 — SAL1
TryHackMe
⟳ IN PROGRESS
Languages & Platforms
TryHackMe
Global RankingTop 5%
Rooms Completed68
Active PathSOC Level 1
Profiletryhackme.com/p/NSVEXL
Education
IT Systems Administrator
Technical Vocational Training (FP)
Languages
SpanishNATIVE
CatalanNATIVE
EnglishADVANCED B2+