Available for internships & part-time roles · Sydney, AU

Defending Networks. Detecting Threats. Staying Ready.

Cybersecurity student with hands-on Blue Team experience — log analysis, threat detection, and incident response.
Building the skills that matter before day one on the job.

Degree B.ICT — Cyber Security
Focus SOC / Blue Team
Location Australia 🇦🇺
Status ● Open to hire

Not just studying security — practising it.

I came into cybersecurity through a genuine obsession with how systems fail — and more importantly, how defenders catch the people exploiting those failures. While most students study the textbook, I've been building home labs, simulating real incidents, and working through structured learning paths on TryHackMe and Forage.

My Bachelor of ICT with a Cyber Security major gave me the theoretical foundation. Everything else — the SIEM queries, the packet captures, the log triage — came from choosing to go further than what was required.

I'm looking for a role where I can contribute from day one: monitoring alerts, triaging events, and supporting a team that takes defence seriously.

Education
Bachelor of ICT
Major: Cyber Security · In Progress
Primary Interest
Blue Team Operations
SOC Analyst · Incident Response · Threat Detection
Learning Platforms
TryHackMe · Forage
Google Cybersecurity Certificate
Location
Australia
Open to remote & hybrid roles

What I bring to the table.

Networking
TCP/IP & OSI Model 85%
DNS / DHCP / HTTP(S) 80%
Packet Analysis (Wireshark) 75%
Firewall & ACL Concepts 70%
Security Tools
Splunk (SIEM) 72%
Nmap 80%
Wireshark 75%
Metasploit (lab context) 55%
Blue Team Skills
Log Analysis 78%
Incident Response Process 72%
Alert Triage & Escalation 70%
MITRE ATT&CK Framework 68%
Tools & Platforms
Kali Linux · Ubuntu Server · TryHackMe · Forage · VirtualBox · Python (scripting) · Bash · GitHub · Elastic / ELK · Microsoft Sentinel · OpenVAS · Burp Suite (basics) · pfSense · Windows Event Logs · Syslog

Real scenarios. Real decisions.

04 featured projects
01
SIEM Log Analysis & Threat Triage
"How do you detect a brute force attack buried inside 40,000 log lines?"
Splunk · Windows Event Logs · MITRE ATT&CK · SPL Queries · VirtualBox
What I did
01. Ingested 40,000+ Windows Event Logs into a local Splunk instance via a simulated network environment.
02. Wrote SPL queries to identify repeated Event ID 4625 (failed logins) from a single source within a 5-minute window.
03. Correlated the brute force activity with subsequent Event ID 4624 (successful login), confirming account compromise.
04. Mapped findings to MITRE ATT&CK T1110 (Brute Force) and documented an incident report with timeline and recommended remediation.
Outcome & Learning
Result
Successfully identified the intrusion vector, isolated the compromised account, and produced a structured incident timeline — completed under a self-imposed 2-hour triage window.
Key Takeaway
Learned that attackers rarely set off a single alarm — correlation across multiple log sources is what reveals intent, not individual events.
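The detection logic from steps 02 and 03 above, written out as an added example in Python rather than SPL (this is not the project's own code or query). The log line format, the constructed sample records and the threshold of 5 failures per source inside the 5-minute window are assumptions:

```python
"""Brute-force detection with success correlation over Windows Security events (Event IDs 4625 / 4624)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not real logs): "timestamp event_id source_ip account".
SAMPLE_LOG = """\
2024-05-01T09:00:05 4625 10.0.0.7 jsmith
2024-05-01T09:00:09 4625 10.0.0.7 jsmith
2024-05-01T09:00:14 4625 10.0.0.7 admin
2024-05-01T09:00:20 4625 10.0.0.7 jsmith
2024-05-01T09:00:27 4625 10.0.0.7 jsmith
2024-05-01T09:00:33 4624 10.0.0.7 jsmith
2024-05-01T09:10:00 4625 10.0.0.22 bsmith
2024-05-01T09:30:00 4624 10.0.0.22 bsmith
"""

def parse_events(text):
    events = []
    for line in text.splitlines():
        ts, event_id, src, account = line.split()
        events.append((datetime.fromisoformat(ts), int(event_id), src, account))
    return sorted(events)  # chronological order is required by the sliding window below

def find_brute_force(events, threshold=5, window=timedelta(minutes=5)):
    """Map source IP -> start of the first burst of >= threshold failed logins (4625) inside window."""
    failures = defaultdict(list)
    for ts, event_id, src, _ in events:
        if event_id == 4625:
            failures[src].append(ts)  # keyed by source, so spraying across accounts is also caught
    bursts = {}
    for src, times in failures.items():  # sliding window over the sorted failure times
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                bursts[src] = times[start]
                break
    return bursts

def correlate_success(events, bursts):
    """Successful logins (4624) from a brute-forcing source after its burst began: likely
    account compromise, the finding mapped to ATT&CK T1110 in the write-up."""
    compromised = set()
    for ts, event_id, src, account in events:
        if event_id == 4624 and src in bursts and ts >= bursts[src]:
            compromised.add((src, account))
    return compromised
```

The single failure from 10.0.0.22 followed by a later success is deliberately left unflagged: one failed login is noise, and only the correlated burst-then-success pattern is worth escalating.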
02
Network Packet Analysis — Malware C2 Detection
"Identifying command-and-control beaconing hidden inside normal-looking HTTP traffic."
Wireshark · PCAP Files · TryHackMe Lab · VirusTotal · Zeek
What I did
01. Loaded a provided PCAP file in Wireshark and applied protocol hierarchy filters to identify anomalous HTTP traffic volume.
02. Noticed regular 60-second intervals in outbound HTTP requests — classic beaconing pattern. Filtered by destination IP and extracted User-Agent strings.
03. Extracted suspicious payload bytes and submitted the destination domain to VirusTotal — confirmed as known C2 infrastructure.
04. Wrote IOC report: offending IP, domain, User-Agent string, and beacon interval — documented for hypothetical SOC handoff.
Outcome & Learning
Result
Detected the C2 communication, identified two affected internal hosts, and produced an IOC list ready for firewall block rules.
Key Takeaway
Traffic volume alone is misleading. Timing regularity and User-Agent anomalies matter more than packet size when hunting for beacons.
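The beaconing check from step 02 above, as an added Python example (not the project's own code): it scores each (source, destination) pair on timing regularity only, ignoring request volume, and reports the User-Agent strings seen. The request line format, the constructed sample using documentation IP ranges, the minimum of 4 requests and the 15% jitter tolerance are assumptions:

```python
"""Beacon detection over HTTP request metadata: near-constant request intervals per (src, dst) pair."""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample (not a real capture): "timestamp src_ip dst_ip user_agent".
SAMPLE_HTTP = """\
2024-05-01T10:00:00 192.168.1.10 203.0.113.5 Mozilla/4.0 (compatible; MSIE 6.0)
2024-05-01T10:01:00 192.168.1.10 203.0.113.5 Mozilla/4.0 (compatible; MSIE 6.0)
2024-05-01T10:02:01 192.168.1.10 203.0.113.5 Mozilla/4.0 (compatible; MSIE 6.0)
2024-05-01T10:02:59 192.168.1.10 203.0.113.5 Mozilla/4.0 (compatible; MSIE 6.0)
2024-05-01T10:04:00 192.168.1.10 203.0.113.5 Mozilla/4.0 (compatible; MSIE 6.0)
2024-05-01T10:00:10 192.168.1.11 203.0.113.5 Mozilla/4.0 (compatible; MSIE 6.0)
2024-05-01T10:01:10 192.168.1.11 203.0.113.5 Mozilla/4.0 (compatible; MSIE 6.0)
2024-05-01T10:02:10 192.168.1.11 203.0.113.5 Mozilla/4.0 (compatible; MSIE 6.0)
2024-05-01T10:03:10 192.168.1.11 203.0.113.5 Mozilla/4.0 (compatible; MSIE 6.0)
2024-05-01T10:00:05 192.168.1.12 198.51.100.9 Mozilla/5.0
2024-05-01T10:00:12 192.168.1.12 198.51.100.9 Mozilla/5.0
2024-05-01T10:02:10 192.168.1.12 198.51.100.9 Mozilla/5.0
2024-05-01T10:06:40 192.168.1.12 198.51.100.9 Mozilla/5.0
"""

def parse_requests(text):
    rows = []
    for line in text.splitlines():
        ts, src, dst, ua = line.split(maxsplit=3)  # User-Agent may contain spaces
        rows.append((datetime.fromisoformat(ts), src, dst, ua))
    return rows

def find_beacons(rows, min_requests=4, max_jitter=0.15):
    """Return one dict per (src, dst) pair whose inter-request gaps are near-constant.
    max_jitter is the allowed coefficient of variation (stdev / mean) of the gaps."""
    by_pair = defaultdict(list)
    for ts, src, dst, ua in sorted(rows):
        by_pair[(src, dst)].append((ts, ua))
    beacons = []
    for (src, dst), hits in by_pair.items():
        if len(hits) < min_requests:
            continue
        times = [ts for ts, _ in hits]
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            beacons.append({"src": src, "dst": dst, "interval_s": round(avg),
                            "user_agents": sorted({ua for _, ua in hits})})
    return beacons

def affected_hosts(beacons):
    """Internal hosts to hand off for containment, one entry per beaconing source."""
    return sorted({b["src"] for b in beacons})
```

The browsing host 192.168.1.12 sends a comparable number of requests but with irregular gaps, so it is not flagged, which is the point of the takeaway above.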
03
Vulnerability Assessment — Home Lab Network
"Running a structured vulnerability scan against a segmented home lab and documenting findings in a professional report format."
Nmap · OpenVAS · Kali Linux · CVSS Scoring · VirtualBox
What I did
01. Set up a segmented lab environment with two VMs: a deliberately vulnerable Metasploitable instance and an attacker Kali machine.
02. Ran Nmap service enumeration (-sV, -O flags) to map open ports and OS fingerprints before touching any exploitation tools.
03. Ran OpenVAS scan, reviewed 23 flagged vulnerabilities, and scored each with CVSS to prioritise by actual risk — not just severity label.
04. Produced a structured vulnerability report: executive summary, technical findings table, and remediation priority matrix.
Outcome & Learning
Result
Documented 5 critical, 9 high, and 9 medium vulnerabilities — with specific remediation steps for the top 3 critical findings.
Key Takeaway
CVSS scores are a starting point, not a verdict. Business context and exploitability must inform how findings are prioritised in a real environment.
04
Incident Response Simulation — Ransomware Scenario
"Walking through a full IR lifecycle: detection, containment, eradication, and recovery — under simulated time pressure."
Forage Simulation · Splunk · NIST IR Framework · MITRE ATT&CK · Threat Intel
What I did
01. Received simulated IR ticket: multiple endpoints reporting encrypted files and a ransom note. Used Splunk to correlate initial access with phishing email logs.
02. Identified patient zero and lateral movement path using authentication logs and SMB traffic anomalies across three internal hosts.
03. Drafted containment steps: network isolation, credential resets, and firewall block rules for the identified C2 IP range.
04. Completed post-incident report using NIST SP 800-61 framework — including a lessons-learned section and detection gap analysis.
Outcome & Learning
Result
Completed the full IR cycle within the simulation window. Post-incident report received positive feedback from the Forage assessment rubric.
Key Takeaway
Speed matters in IR — but so does documentation. Every action taken during containment needs to be logged for legal and forensic purposes.

Verified. Hands-on. Ongoing.

Google Cybersecurity Certificate
Google / Coursera
Completed
CompTIA Security+
CompTIA
In Progress
Networking Fundamentals
Cisco Networking Academy
Completed
TryHackMe Progress
Top 5% · Global Rank
40+ · Rooms Done
3 · Paths Active
Learning Paths
SOC Level 1 · 85%
Pre-Security · 100%
Cyber Defence · 65%

Work that counts — even before the job title.

2024
Forage Virtual Experience
Cybersecurity Analyst Simulation — ANZ Bank
Completed a structured simulation of a real SOC workflow within ANZ's virtual experience program. Investigated phishing emails, performed open-source intelligence (OSINT) lookups, and assessed whether attachments warranted escalation. Delivered a structured findings report at the end of the simulation.
Forage · Phishing Analysis · OSINT · Email Header Analysis · Incident Reporting
2023–Present
Self-Directed Lab Work
Independent Security Research & Lab Projects
Built and maintained a personal virtualised lab environment for hands-on security practice. Activities include configuring firewall rules, simulating attack/defend scenarios, running SIEM queries on generated log data, and documenting all findings in structured write-ups — treating every exercise like a real professional deliverable.
VirtualBox · Kali Linux · Splunk · Metasploitable · pfSense · GitHub · Documentation
2024
Forage Virtual Experience
IT Security Risk Simulation — Mastercard
Worked through a simulated risk identification exercise for Mastercard's security team. Identified phishing email indicators, interpreted security awareness training gaps, and recommended targeted controls based on identified risk surface — all presented in a format aligned with real business reporting standards.
Forage · Risk Assessment · Security Awareness · Phishing Detection

Let's talk Blue Team.

If you're looking for a detail-oriented, hands-on candidate for a SOC or Blue Team role — I'd like to hear from you. Open to internships, part-time positions, and cadet programs across Australia.