Hi, I'm Abraham Peñarubia
Cybersecurity Portfolio - March 2026
← My photo was taken at Fort Santiago, a historic landmark in Manila. Profiles
Summary
I’m an IT professional with a Bachelor of Science in Information Technology and currently working as an Network Engineer in the financial sector. Alongside my role, I’ve gained hands-on experience in cybersecurity, particularly in Incident Response using Microsoft Sentinel, Splunk, and ELK Stack. I have foundational skills in OSINT, DFIR, log analysis, proactive threat hunting, detection engineering, phishing email analysis, and security incident reporting. I’ve also worked with tools such as CrowdStrike, Rapid7 InsightIDR, FortiAnalyzer, and Mimecast in day-to-day operations.
Passionate about advancing my career in cybersecurity, I am actively seeking a full-time entry-level role in incident response, SOC analysis, or security engineering. I enjoy turning technical insights into actionable defenses and continuously sharpening my skills through real-world projects and continuous learning. Always open to connecting with peers and professionals in the field.
Tools
🛡️ Network Security
🖥️ Endpoint Security
📊 SIEM & Logging
Projects
| 🧪 Project | 🔍 Description | 🔗 Link |
|---|---|---|
| IPSec Site-to-Site VPN (Cisco & Fortinet) | Designed and implemented encrypted Site-to-Site VPN Tunnels with routing and troubleshooting for secure enterprise connectivity. | https://drive.google.com/file/d/1BFP5ua… |
| SD-WAN ISP Failover (Fortinet) | Configured dual-ISP SD-WAN policies with automated failover, SLA monitoring, and load balancing to ensure high availability. | https://drive.google.com/file/d/1rF0I7y… |
| Building a Custom PC (2026) | Planned and assembled a high-performance custom desktop PC, focusing on component compatibility and cost efficiency. | https://drive.google.com/file/d/18heh_4… |
| Captive Portal Wi-Fi Management (MikroTik) | Deployed a Wi-Fi captive portal with authentication, bandwidth control, and logging for network security. | https://drive.google.com/file/d/1c0pjCv… |
| Active Directory Lab | Automated users, OU, permissions with PowerShell scripts. | In Progress |
| AD Security Monitoring – Splunk & ELK | Windows logs → dashboards + alerts for suspicious activity. | In Progress |
Work Experiences
| 🏢 Company | 🧑💻 Position | 📍 Location | 📅 Date | 🔗 Website |
|---|---|---|---|---|
| Lulu Financial Services (Phils.) Inc. | Network Engineer | Taguig, Philippines | November 2023 – May 2026 | https://www.lulumoney.com.ph |
| R.A. Gapuz Review Center | IT Assistant | Manila, Philippines | September 2022 – March 2023 | https://www.raygapuzreviewsystem.com |
Certifications
| 🛡️ Certification | 📅 Validity | 🧠 Review / Thoughts |
|---|---|---|
| Microsoft Certified: Security Operations Analyst Associate (SC-200) | August 28, 2025 – August 29, 2027 | Passing SC-200 gave me great exposure to Microsoft’s powerful security products, which cover nearly every aspect of an organization. It made me realize how powerful Microsoft’s ecosystem is in defending against evolving threats. Big thumbs up to Microsoft for continuously raising the bar. My full review of SC-200 is available on my Medium Blog. 😊 |
| Hack The Box Certified Defensive Security Analyst (HTB CDSA) | January 24, 2025 – ∞ | This is my most challenging certification I’ve earned. A 7-day practical, hands-on exam involving in-depth log analysis using ELK and Splunk SIEMs, usage of various DFIR tools, and the creation of two professionally written incident reports. My full review of HTB - CDSA is available on Medium Blog. 😊 |
| Cisco Certified Network Associate (CCNA) | August 19, 2024 – August 19, 2027 | The CCNA is a requirement in my current job, but I actually got hired first because of my CompTIA Trifecta. Still, I knew I had to earn this certification. Back in college, we had networking classes, but our professor rarely showed up to teach—though he always reminded us to pursue the CCNA. That pushed me to take it as a self-study journey. Looking back, that’s where I built my resiliency: teaching myself concepts, troubleshooting on my own, and learning to figure things out without much guidance. In the process, I developed a real passion for networking—routing, switching, failover, optimization, and even automation. I used applications like Packet Tracer and GNS3 for hands-on lab practice. Another source of motivation was seeing some of my former classmates succeed in earning the certification. The CCNA was definitely tougher than the Network+, but I got through it with the help of study resources from Jeremy’s IT Lab and CCNA Ninja. I’m grateful for those free resources, which made a big difference in my preparation. |
| CompTIA Security+ | October 16, 2023 – October 16, 2026 | Security+ is an excellent vendor-neutral certification for anyone starting a career in cybersecurity. I primarily studied through Professor Messer’s course, and I’m grateful for his free study resources, which made preparation both structured and accessible. While Security+ is more theory-focused than hands-on, it still provides a strong foundation in modern security concepts and technologies. My prior experience with wireless penetration testing in college also helped me better grasp certain topics. Achieving this certification completed my CompTIA Trifecta and strengthened my drive to keep advancing my skills and knowledge in cybersecurity. |
| CompTIA Network+ | October 8, 2023 – October 16, 2026 | Network+ was the toughest certification in my CompTIA Trifecta. Networking wasn’t my strongest area in college since I was more focused on PHP web programming. Studying for this exam was a real grind, but it paid off in the end. I developed a deep understanding for concepts like redundancy, link aggregation, SSH, and network hardening. I also learned the Magic Subnetting from Practical Networking on YouTube, which made answering subnetting questions much easier. Professor Messer’s Network+ course was my primary study resource. This exam solidified my grasp of networking and showed me how essential they are in cybersecurity. |
| CompTIA A+ | September 25, 2023 – October 16, 2026 | With my first IT assistant job and a few certifications as a foundation, I felt ready to pursue CompTIA A+. I relied mainly on Professor Messer’s course, which covered everything I needed for the exam. The certification is split into two parts: Core 1 and Core 2. Core 1 deepened my knowledge of hardware, disk redundancy, and printer troubleshooting, while Core 2 challenged me with command-line tools, operating system permissions, software troubleshooting, and security concepts. Earning A+ provided me with a strong vendor-neutral foundation in IT support, maintenance, and deployment, an essential first step for anyone building an IT career. |
| CompTIA IT Fundamentals+ | September 12, 2023 – ∞ | ITF+ was my first-ever certification, taken at a Pearson VUE testing center. Taking it felt surreal, I was nervous but excited. The Google IT Support course on Coursera introduced me to the world of CompTIA certifications, and I decided to give ITF+ a try. At the time, I was rusty with IT concepts after college, so I booked the exam and studied resources on YouTube. It served as a great refresher, and most importantly, it set me on the path toward earning the CompTIA Trifecta. |