
Antonio Beltran-Miller

I identify vulnerabilities before they become breaches, respond to incidents when seconds matter, and build systems that scale security operations.

Security Expertise in Action

Incident Response

Led breach containment and recovery operations. Prevented data exfiltration and restored operations in under 3 hours.


Vulnerability Research

Active security researcher in the cybersecurity community. Discovered critical supply chain vulnerabilities affecting thousands.

Multiple Accepted Reports

Security Engineering

Build production security tools and automation. Created platforms actively monitoring enterprise infrastructure.

Security Projects & Research

Featured Research

AI-Powered SOC Automation Platform

End-to-end SOC automation using Splunk, N8N, and GPT-4 for intelligent threat detection and response with real-time enrichment

10 Detection Rules • 85% Faster Triage • AI-Powered Analysis • Real Attack Validation

Splunk • N8N • GPT-4 • MITRE ATT&CK • Threat Intelligence • Automation

T-Pot Threat Intelligence Platform

Deployed distributed honeypot infrastructure capturing 424,000+ attacks for comprehensive threat intelligence analysis

424K+ Attacks Captured • 15K+ Unique IPs • 200+ IOCs Extracted • 10+ CVE Signatures

Threat Intelligence • Honeypot • T-Pot • Analysis
Featured Research

Supply Chain Vulnerability Discovery

Discovered critical NPM package vulnerability enabling RCE via dependency confusion

Multiple Accepted Bug Bounty Reports • Prevented potential supply chain attack

Security Research • Responsible Disclosure • Supply Chain
Featured Research

Blind XSS Detection Platform & Setup Script

Custom XSS hunter platform with SSL-encrypted dashboard, payload generation, and real-time capture monitoring - deployed from a single bash script

Zero to Production in 60 seconds • Captures stored XSS in real-time

XSS • Web Security • Automation • Bash

Technical Proficiency Matrix

Splunk SIEM: 85% (SOC Automation • T-Pot Integration)
Incident Response: 90% (WordPress Recovery • Breach Containment)
Threat Hunting: 80% (T-Pot Analysis • 424K+ Attacks)
Detection Engineering: 85% (10 Custom Rules • MITRE ATT&CK)
AWS Security: 80% (GuardDuty • Security Hub • IAM)
Azure Security: 70% (Sentinel • Azure AD)
Network Security: 85% (pfSense • Firewall Rules)
Kubernetes: 65% (Container Security • Pod Policies)
Python: 85% (Automation Scripts • API Integration)
PowerShell: 80% (AD Management • IR Scripts)
APIs & Integration: 90% (N8N Workflows • Webhooks)
CI/CD Security: 75% (GitHub Actions • Security Scanning)
Vulnerability Assessment: 85% (NPM Discovery • Bug Bounty)
Penetration Testing: 80% (OWASP Top 10 • Network Pentesting)
Malware Analysis: 70% (Sandbox Analysis • IOC Extraction)
Threat Intelligence: 80% (T-Pot • 200+ IOCs)

Professional Credentials

Industry-Recognized Certifications

8 active certifications demonstrating hands-on security expertise across SOC operations, cloud security, and network defense

8 Completed
DoD 8140 Approved

CompTIA Security+

CompTIA

October 2025

Proves ability to detect security threats, implement network security controls, manage risk and vulnerabilities, and respond to incidents—meeting DoD 8140 requirements. The gold standard certification proving I have the hands-on skills employers need from day one.

Threat Detection & Response • Risk Assessment • Network Security

Hands-On SOC Training

LetsDefend SOC Analyst Learning Path

LetsDefend

February 2025

Demonstrates expertise through 50+ real-world security incident simulations. Gained practical experience analyzing SIEM alerts, triaging threats, performing malware analysis, and responding to live attacks—skills that prove I can hit the ground running in a SOC environment.

SIEM Analysis (Splunk/QRadar) • EDR & Endpoint Security • Real Incident Response

Industry Leader Training

Google Cybersecurity Professional Certificate

Coursera

November 2024

170-hour program designed by Google covering Python automation, SIEM operations, and incident response. Connects graduates with 150+ hiring employers including Deloitte, Cognizant, and Walmart—proving I have foundational skills from an industry leader.

Python Security Automation • Linux & SQL • SIEM Tools (Splunk)

Enterprise Firewall Expertise

Fortinet Certified Associate Cybersecurity

Fortinet

August 2025

Validates proven ability to configure and operate FortiGate security appliances used by 70% of Fortune 500 companies. Demonstrates hands-on expertise in firewall policies, VPN deployment, and threat prevention—enterprise firewall skills that translate directly to network security roles.

FortiGate Configuration • VPN Deployment (IPsec/SSL) • IPS/IDS Implementation

IAM Strategy Focus

SailPoint Identity Security Leader

SailPoint

2025

Vendor-agnostic credential demonstrating understanding of identity governance strategy and access management frameworks. Shows ability to implement IAM programs that balance security with business needs—critical for organizations managing complex identity ecosystems.

Identity Governance & Administration • Access Management Strategy • IAM Program Implementation

Cloud Security Skills

AWS Security Best Practices Specialization

Amazon Web Services

August - October 2025

4-course specialization proving ability to secure AWS environments using native security tools. Demonstrates expertise in monitoring (CloudWatch/GuardDuty), network controls (VPC), and IAM policies—skills needed to protect cloud infrastructure used by 32% of enterprises.

CloudWatch & GuardDuty • VPC Security Architecture • IAM Best Practices

Latest Version Expertise

Fortinet FortiGate 7.6 Operator

Fortinet

August 2025

Validates hands-on proficiency with FortiGate 7.6, the latest version. Proves ability to operate and monitor enterprise firewalls with current features—showing commitment to staying updated with the latest security technologies.

FortiGate 7.6 Features • Firewall Operations • System Monitoring

CISSP Pathway

ISC2 Candidate

ISC2

Active until August 2026

Demonstrates commitment to achieving CISSP or SSCP—the most respected certifications in cybersecurity. Grants access to ISC2 resources and professional community, showing ambition to reach senior-level credentials recognized by employers worldwide.

CISSP Pathway • Professional Development • Industry Networking

Certification Highlights

8 Active Certifications
DoD 8140 Approved
Multi-Vendor Expertise
Latest Achievement: 2025

Career Journey

Professional Experience

From IT support to security operations, building expertise through hands-on experience and continuous learning

Security Operations Center (SOC) Ready

Professional Development

Jan 2025 - Present
  • CompTIA Security+ certified (DoD 8140 approved)
  • Completed 100+ real-world incident simulations via LetsDefend
  • Proficient in Splunk, QRadar, and CloudWatch SIEM platforms
  • Experience with FortiGate, AWS Security Hub, and GuardDuty
  • Active threat hunting and malware analysis skills
Impact: Ready for L1/L2 SOC Analyst role with proven hands-on experience

IT Support & Security Specialist

ALM Freight

Sep 2021 - May 2024
  • Secured 150+ endpoint fleet with 95% patch compliance
  • Reduced security incidents by 40% through proactive monitoring
  • Implemented Zero Trust network access controls
  • Managed Active Directory security and group policies
Impact: Transformed reactive IT support into proactive security operations

Security Researcher & Vulnerability Analyst

Self-Directed

Jan 2023 – Present
  • Reported 6+ confirmed vulnerabilities (Bugcrowd/Cantina), incl. npm registry MITM → RCE (P4→P2)
  • Deployed T-Pot honeypots (8 profiles); analyzed 424,000+ attacks; published IOCs & coordinated takedowns
  • Built SOC automation: Splunk + n8n + GPT-4 for enrichment, ATT&CK mapping, and Slack alerting (10 high-fidelity rules)
  • Conducted malware analysis in FlareVM; documented persistence/IOCs and authored detections
  • Shipped Blind XSS detection platform with SSL dashboard & automated payload generation
Impact: Combined offensive research with production-grade automation to improve detection, response, and intel coverage

Education & Certifications

Western Governors University

2021 – Present
  • B.S. in Cybersecurity & Information Assurance — Expected late 2026
  • CompTIA Security+ (Certified Oct 2025)
  • Fortinet Certified Associate + FortiGate 7.6 Operator
  • Google Cybersecurity Professional; AWS Security Best Practices (4 certs)
  • LetsDefend SOC Analyst Path; ongoing CTFs (HTB, TryHackMe, PicoCTF) & PortSwigger labs
Impact: Sustained, hands-on upskilling aligned to SOC and detection engineering roles