Favour Raymond Joshua
SOC Analyst
Lagos, Nigeria — Cybersecurity Professional

Favour Raymond Joshua.

SOC Analyst  ·  Blue & Red Team  ·  SIEM Engineering

Building, breaking, and documenting enterprise-grade security labs. CompTIA CySA+ certified. Cisco certified × 6. Shipping real security work to GitHub — one lab at a time.

kali@cyberray007 ~ $ cat analyst.json
{
  "name": "Favour Raymond Joshua",
  "role": "SOC Analyst",
  "location": "Lagos, NG",
  "certs": ["CySA+", "Cisco×6"],
  "tools": ["Wazuh", "Suricata",
            "JohnTheRipper", "Nmap"],
  "status": "open_to_work"
}
john --wordlist=skills.txt hashes
# 626,000 c/s · session complete
4 cracked / 13 loaded

About Me

Who I Am

I'm a SOC-focused Cybersecurity Analyst based in Lagos, Nigeria, with hands-on experience in threat detection, incident response, SIEM engineering, and both Blue and Red Team operations.

I build and document real-world security labs — from deploying Wazuh SIEM with Suricata IDS and rootkit detection, to cracking MD5 hashes with custom John the Ripper rule sets, to conducting full OSINT phishing investigations mapped to MITRE ATT&CK.

I hold CompTIA CySA+ and multiple Cisco certifications. As a full-stack developer, I don't just detect threats — I build the tooling to fight them.

Currently building my 30-Day Cybersecurity Lab Series in public, one project at a time. Open to relocation to the UK.

CySA+ · CompTIA Certified
Cisco Certs
30-Day Lab Series
7+ SOC Projects

Competencies

Core Skills

01
SOC Operations
Alert triage, threat hunting, incident response, escalation workflows
02
SIEM Engineering
Wazuh deployment, custom rule creation, log ingestion pipelines, dashboard tuning
03
Intrusion Detection
Suricata IDS, Emerging Threats ruleset, network traffic analysis
04
Threat Intelligence
IOC extraction, OSINT tools (VirusTotal, AbuseIPDB, Shodan, URLScan, MXToolbox), MITRE ATT&CK
05
Password Security
John the Ripper, custom wordlist engineering, leet speak rule authoring, MD5/hash cracking
06
Endpoint Security
File Integrity Monitoring (FIM), rootkit detection (Diamorphine LKM), EDR concepts
07
Network Security
pfSense, VLAN segmentation, packet analysis (Wireshark, Nmap), IDS/IPS
08
Penetration Testing
Burp Suite, Metasploit, Nmap, brute-force simulation, privilege escalation, lateral movement
09
Phishing & IR
Full OSINT phishing investigations, brand impersonation analysis, structured IR reports
10
Cloud Infrastructure
AWS EC2 provisioning, VPC, security groups, Ubuntu server admin, MySQL 8.4, Apache2, SSH (MobaXterm)
11
Cloud & Infrastructure
AWS EC2, two-tier architecture, Apache2, MySQL deployment, security group config, Ubuntu Server
12
Scripting & Dev
Python, JavaScript, TypeScript, Node.js — automation, tooling & API development

Labs & Projects

SOC Lab Series

FEATURED
2026 · 30-Day Lab Series
AWS Cloud Deployment — Two-Tier E-Commerce Architecture (MySQL + PrestaShop)
Provisioned two EC2 instances on AWS (eu-north-1): a dedicated MySQL 8.4.8 database server and a separate Apache/PHP app server. Deployed PrestaShop 8.1.7 across both instances with full DB separation, security group configuration, and live storefront confirmed. Identified post-deployment hardening requirements: install/ folder deletion, MySQL bind restriction, HTTPS/TLS, and admin path obfuscation.
AWS EC2 · MySQL · Apache2 · PrestaShop · Ubuntu · DevSecOps
FEATURED
2026 · 30-Day Lab Series
AWS Cloud Deployment — 2-Tier E-Commerce Infrastructure on EC2
Provisioned two EC2 t3.micro instances on AWS (EU-North-1): a dedicated MySQL 8.4.8 database server and an Apache2/PrestaShop 8.1.7 application server. Configured VPC security groups, scoped DB user permissions, enabled mod_rewrite, and verified a fully working storefront + admin dashboard end to end.
AWS EC2 · MySQL 8.4 · Apache2 · PrestaShop · Ubuntu · SSH
FEATURED
2026 · 30-Day Lab Series
Password Cracking — Custom Wordlist, Leet Speak Rules & MD5 Recovery
Cracked MD5 hashes using John the Ripper with a hand-authored 50-entry dinosaur wordlist and custom leet speak rule set. Recovered 4 of 13 hashes at ~626,000 c/s including multi-leet + year combos (Tyr@nn0s@urus1988).
John the Ripper · MD5 · Leet Speak Rules · Wordlist · Kali Linux
FEATURED
2026 · TSAcademy SOC Series
Phishing IR Investigation — OSINT & IOC Analysis
Full investigation of a real phishing email impersonating Microsoft Security Team. Analysed IOCs across 9 OSINT tools. Confirmed missing DMARC, malicious URL (VirusTotal 2/95), 95 AbuseIPDB reports. Mapped to MITRE ATT&CK.
OSINT · MITRE ATT&CK · VirusTotal · IOC Analysis · IR Report
2026
Wazuh SIEM + Suricata IDS + Rootkit Detection Homelab
Three-component homelab: Wazuh full stack, Suricata with Emerging Threats ruleset, and Diamorphine LKM rootkit simulation. Wazuh rootcheck detected hidden rsyslogd process successfully.
Wazuh · Suricata · Rootkit · EVE JSON · FIM
2025 – Present
SOC Home Lab — Enterprise-Grade SOC Simulation
pfSense + VLAN segmentation + Active Directory + custom Wazuh rules. Detected 200+ brute-force attempts in 48 hours. Reduced false positives by ~35% through iterative rule tuning.
pfSense · Active Directory · Wazuh · VirtualBox
2026 – Present
Threat Intelligence Aggregation Platform
Full-stack TI platform with Python IOC ingestion pipelines, Node.js RESTful API, and analyst dashboard with MITRE ATT&CK framework mappings for threat triage.
Python · Node.js · MITRE ATT&CK · CTI Feeds
2025
Phishing Link Scanner
Python tool that evaluates URLs and warns users if a link is dangerous, suspicious, or safe. Built as an internship deliverable at Brainwave Matrix Solutions.
Python · URL Analysis · Phishing Detection

Experience

Work History

2026 – Present
Software App Tester
Boredom Limited
Functional, regression, and exploratory testing across web and mobile applications. Designed automated test scripts and collaborated with dev teams on bug documentation and tracking.
2024 – Present
Academic Head & Student Mentor
Aptech Learning
Mentoring IT students in programming, networking, and cybersecurity. Organising workshops on ethical hacking, network fundamentals, and secure coding. Achieving measurable improvements in certification pass rates.
2025 – Present
Project Manager
RentRight (Startup)
Led cross-functional Agile development teams through sprint cycles. Coordinated security reviews and data protection compliance measures across the product.
2025
Cybersecurity Analyst & Ethical Hacker Intern
Brainwave Matrix Solutions
Vulnerability assessments and penetration tests on simulated environments. Phishing simulations, social engineering exercises, SIEM log analysis, and detailed technical reporting with risk ratings.
2025
Cybersecurity Analyst Intern
Redynox
Network monitoring for suspicious activity. Assisted in configuring and tuning IDS systems to reduce false positives. Supported risk assessments and security policy documentation.
2025 – Present
Software Developer (Voluntary)
Elevation Church
Developed and maintained the church web platform using HTML, CSS, JavaScript, and Node.js. Implemented secure data handling practices and regular security reviews.
2023
Customer Care Agent
Access Bank PLC
High-volume customer inquiries with strict adherence to data protection and confidentiality protocols. Consistently achieved positive satisfaction scores.

Credentials

Certifications & Badges

🏆
CompTIA CySA+
CompTIA · Cybersecurity Analyst+
🌐
Networking Basics
Cisco Networking Academy
🌐
Networking Device & Initial Configuration
Cisco
🌐
Network Addressing & Troubleshooting
Cisco / Alison
🌐
Network Support & Security
Cisco Networking Academy
🌐
Network Technician Career Path
Cisco Networking Academy
🔒
Introduction to Cybersecurity
Cisco Networking Academy

Contact

Get In Touch

I'm open to SOC Analyst roles, cybersecurity opportunities, and security project collaboration. Open to relocation to the UK and familiar with Skilled Worker visa sponsorship requirements.
