Computer Science Graduate | Army National Guard Soldier | Cybersecurity-Focused Software Developer
I am a Computer Science graduate building toward a career in DoD cybersecurity, cleared contractor work, and defensive security engineering. My work focuses on practical security tooling, automation, SIEM detection, systems programming, and hands-on blue team labs.
I use this GitHub to document projects that show how I think, build, test, and improve technical systems. My current focus is strengthening my cybersecurity foundation through Security+, DoD 8140-aligned certifications, and homelab-based detection engineering.
- Cybersecurity tooling and automation
- SIEM detection engineering and log analysis
- Network scanning and threat surface assessment
- Systems programming with Rust and Python
- Linux, virtualization, and homelab infrastructure
- Software design, testing, and documentation
| Area | Tools & Technologies |
|---|---|
| Languages | Python, Java, C++, Rust, Bash, HTML, CSS, JavaScript |
| Security | Wazuh, Nmap, Wireshark, MITRE ATT&CK, file integrity monitoring, network scanning |
| Systems | Linux, Kali Linux, Ubuntu, Pop!_OS, macOS, Proxmox VE |
| Development | Git, GitHub, command-line tooling, documentation, testing, debugging |
| Cloud & Platforms | AWS Lambda, AWS SAM, GitHub Pages, Electron |
| Computer Science | Data structures, algorithms, object-oriented programming, databases, software engineering, operating systems, quality assurance |
| Project | Description | Stack |
|---|---|---|
| cloudtrail-anomaly-alerter | Serverless AWS security tool that monitors CloudTrail activity, detects suspicious API behavior across multiple rule categories, maps findings to MITRE ATT&CK, and sends SNS email alerts. | Python, AWS Lambda, AWS SAM |
| SniffSnorf | Async port scanner with a built-in threat surface analyst. Identifies exposed services, explains risk in plain English, and maps findings to MITRE ATT&CK techniques. | Rust, tokio |
| Fenrir | CPU-focused password cracking tool for memory-hard hash algorithms including Argon2, bcrypt, and scrypt. Uses parallel processing and rule-based candidate generation. | Rust, rayon |
| UCSAT | CLI assessment tool that helps unit leaders evaluate communications security across weighted categories and generate a local report. | Python |
| File Integrity Monitor | Detects unauthorized file additions, deletions, and modifications using SHA-256 hashing and a persistent baseline. | Python |
| Port Scanner | Multithreaded scanner for identifying open ports and exposed services across a target range. | Python |
| Password Strength Checker | CLI utility that evaluates password strength using length, composition, and entropy-based scoring. | Python |
| Project | Description | Stack |
|---|---|---|
| voice-civics-128 | Free web app for practicing the 2025 USCIS naturalization civics test by speaking answers out loud. Includes speech recognition, state-specific answers, and exam simulation mode. Live at mikelobocyber.github.io/voice-civics-128. | HTML, CSS, JavaScript |
| WolfTrack | Fully local iOS calorie tracking app that scans barcodes, retrieves nutrition data through the Open Food Facts API, and logs daily intake without a server or account. | Rust, SwiftUI, SwiftData |
| Shelf | Local-first EPUB and PDF reader for browser or desktop use. Includes bookmarks, reading progress, metadata editing, and optional library folder sync. | JavaScript, CSS, Electron |
Selected academic work from my B.S. Computer Science program strengthened my foundation in software engineering, algorithms, data structures, databases, operating systems, and quality assurance.
| Area | Example Work |
|---|---|
| Algorithms & Data Structures | Built route-planning and package-status logic using custom data structures and algorithmic analysis. |
| Software Engineering | Created design documentation, implementation plans, testing strategies, and maintainable project structures. |
| Java & Object-Oriented Programming | Developed Java-based applications using object-oriented design, validation, and structured testing. |
| Data & AI/ML | Worked with machine learning evaluation, model comparison, cross-validation, and technical reporting. |
| Quality Assurance | Created QA plans, test cases, acceptance criteria, and traceability-focused documentation. |
I maintain a Proxmox-based cybersecurity homelab on a dedicated mini PC with LUKS full-disk encryption. The lab is used for blue team practice, detection engineering, and controlled attack simulation.
| Component | Details |
|---|---|
| Hypervisor | Proxmox VE on bare metal |
| SIEM | Wazuh for log ingestion, custom rules, and MITRE ATT&CK-mapped alerts |
| Attacker VM | Kali Linux |
| Active Directory Lab | GOAD — vulnerable multi-domain environment for attack simulation and detection development |
| Self-Hosted Services | Nextcloud |
Current focus: writing and testing Wazuh detection rules for Active Directory-based attacks, including Kerberoasting, AS-REP roasting, and Pass-the-Hash.
Full documentation: lobo-homelab
| Certification | Issuer | Status |
|---|---|---|
| LPI Linux Essentials | Linux Professional Institute | Complete |
| ITIL 4 Foundation | PeopleCert | Complete |
| CompTIA Security+ | CompTIA | In Progress |
| AWS Cloud Practitioner | Amazon Web Services | Planned |
| CompTIA CySA+ | CompTIA | Planned |
Full roadmap aligned to DoD 8140: cybersecurity-certifications
| Degree / Area | Status |
|---|---|
| B.S. Computer Science | Complete |
| Artificial Intelligence and Machine Learning | Planned graduate study |
| Language | Proficiency |
|---|---|
| English | Native fluency |
| Spanish | Native / professional fluency |
| Catalan | Professional fluency |
| French | Conversational |
| Italian | Conversational |
My goal is to grow into defensive cybersecurity, cyber operations, or security engineering roles supporting DoD, government, or cleared contractor environments. I am especially interested in practical blue team work: detection logic, log analysis, threat-informed defense, and building tools that make security work easier to understand and act on.


