Hi, I'm Abraham Peñarubia
Cybersecurity Portfolio - September 2025
← My photo was taken at Fort Santiago, a historic landmark in Manila.Profiles
Summary
I’m an IT professional with a Bachelor of Science in Information Technology and currently working as an IT Administrator in the financial sector. Alongside my role, I’ve gained hands-on experience in cybersecurity, particularly in Incident Response using Microsoft Sentinel, Splunk, and ELK Stack. I have foundational skills in OSINT, DFIR, log analysis, proactive threat hunting, detection engineering, phishing email analysis, and security incident reporting. I’ve also worked with tools such as CrowdStrike, Rapid7 InsightIDR, FortiAnalyzer, and Mimecast in day-to-day operations.
Passionate about advancing my career in cybersecurity, I am actively seeking a full-time entry-level role in incident response, SOC analysis, or security engineering. I enjoy turning technical insights into actionable defenses and continuously sharpening my skills through real-world projects and continuous learning. Always open to connecting with peers and professionals in the field.
Tools
🛡️ Network Security
🖥️ Endpoint Security
📊 SIEM & Logging
Skills
I’m currently building hands-on projects around the following core skills. These will be added to my GitHub soon to showcase real-world scenarios, detection techniques, and automation capabilities. Thank you for your patience.
| 🛠️ Skill | 📁 Associated Project | ⏳ Status |
|---|---|---|
| Email Security & Phishing Triage | In progress | In progress |
| SIEM Implementation and Log Analysis | In progress | In progress |
| Network Traffic Monitoring & Attack Detection | In progress | In progress |
| Microsoft Security (Sentinel, Defender, etc.) | In progress | In progress |
| Scripting & Automation for Threat Mitigation | In progress | In progress |
Projects
| 🧪 Project | 🔍 Description | 🔗 Link |
|---|---|---|
| SOC Automation Lab | Simulated a SOC workflow with Shuffle SOAR, TheHive, and Cortex | In progress |
| Detection Lab | Setup SIEM tools (Splunk/ELK) and performed log analysis | In progress |
| Phishing Simulation | Simulated a phishing attack chain in Microsoft environment | In progress |
Work Experiences
| 🏢 Company | 🧑💻 Position | 📍 Location | 📅 Date | 🔗 Website |
|---|---|---|---|---|
| Lulu Financial Services (Phils.) Inc. | IT Administrator | Taguig, Philippines | November 2023 – Present | https://www.lulumoney.com.ph |
| R.A. Gapuz Review Center | IT Assistant | Manila, Philippines | September 2022 – March 2023 | https://www.raygapuzreviewsystem.com |
Certifications
| 🛡️ Certification | 📅 Validity | 🧠 Review / Thoughts |
|---|---|---|
| Microsoft Certified: Security Operations Analyst Associate (SC-200) | August 28, 2025 – August 29, 2026 | Passing SC-200 gave me great exposure to Microsoft’s powerful security products, which cover nearly every aspect of an organization. It made me realize how powerful Microsoft’s ecosystem is in defending against evolving threats. Big thumbs up to Microsoft for continuously raising the bar. My full review of SC-200 is available on my Medium Blog. 😊 |
| Hack The Box Certified Defensive Security Analyst (HTB CDSA) | January 24, 2025 – ∞ | One of the most challenging certifications I’ve earned. A 7-day practical, hands-on exam involving in-depth log analysis using ELK and Splunk SIEMs, usage of various DFIR tools, and the creation of two professionally written incident reports. My full review of HTB - CDSA is available on Medium Blog. 😊 |
| Cisco Certified Network Associate (CCNA) | August 19, 2024 – August 19, 2027 | So back in college, we had networking classes, but our professor rarely showed up. So, it ended up being more of a self-study journey for me. Looking back, I think that’s where I built my resiliency, teaching myself concepts and figuring things out on my own. That experience actually turned out great because I really got into networking: routing, switching, failover, optimization, and even automation. Preparing for the CCNA was much tougher than Network+, and I backed it up with study resources from Jeremy’s IT Lab and CCNA Ninja. |
| CompTIA Security+ | October 16, 2023 – October 16, 2026 | Security+ is an excellent vendor-neutral certification for anyone starting a career in cybersecurity. I primarily studied through Professor Messer’s course, and I’m grateful for his free study resources, which made preparation both structured and accessible. While Security+ is more theory-focused than hands-on, it still provides a strong foundation in modern security concepts and technologies. My prior experience with wireless penetration testing in college also helped me better grasp certain topics. Achieving this certification completed my CompTIA Trifecta and strengthened my drive to keep advancing my skills and knowledge in cybersecurity. |
| CompTIA Network+ | October 8, 2023 – October 16, 2026 | Network+ was the toughest certification in my CompTIA Trifecta. Networking wasn’t my strongest area in college since I was more focused on PHP web programming. Studying for this exam was a real grind, but it paid off in the end. I developed a deep understanding for concepts like redundancy, link aggregation, SSH, and network hardening. I also learned the Magic Subnetting from Practical Networking on YouTube, which made answering subnetting questions much easier. Professor Messer’s Network+ course was my primary study resource. This exam solidified my grasp of networking and showed me how essential they are in cybersecurity. |
| CompTIA A+ | September 25, 2023 – October 16, 2026 | With my first IT assistant job and a few certifications as a foundation, I felt ready to pursue CompTIA A+. I relied mainly on Professor Messer’s course, which covered everything I needed for the exam. The certification is split into two parts: Core 1 and Core 2. Core 1 deepened my knowledge of hardware, disk redundancy, and printer troubleshooting, while Core 2 challenged me with command-line tools, operating system permissions, software troubleshooting, and security concepts. Earning A+ provided me with a strong vendor-neutral foundation in IT support, maintenance, and deployment, an essential first step for anyone building an IT career. |
| CompTIA IT Fundamentals+ | September 12, 2023 – ∞ | ITF+ was my first-ever certification, taken at a Pearson VUE testing center. Taking it felt surreal, I was nervous but excited. The Google IT Support course on Coursera introduced me to the world of CompTIA certifications, and I decided to give ITF+ a try. At the time, I was rusty with IT concepts after college, so I booked the exam and studied resources on YouTube. It served as a great refresher, and most importantly, it set me on the path toward earning the CompTIA Trifecta. |