Skip to main content
Abram SirekAS
Open to opportunities

Abram Sirek

@abramsirek

GIAC-certified threat analyst building live adversary telemetry, detection workflows, and incident response skills.

United States
Message

What I'm looking for

I’m looking to work in fast-paced security operations, MDR, or incident handling—using alert triaging, packet analysis, and endpoint forensics to turn threat telemetry into actionable detections and defensible incident responses.

I’m a SANS Institute of Technology student and GIAC-certified analyst (GCIA, GCIH) focused on analyzing live adversary threat activity. I map host and network telemetry to the MITRE ATT&CK framework while sharpening my skills in alert triaging, packet analysis, and endpoint forensics for real security operations work.

In my SANS Internet Storm Center (ISC) 2026 Cybersecurity Research & Threat Analysis Internship, I monitored a production SSH honeypot under high-velocity brute-force activity. I reverse-engineered multi-stage post-exploitation execution chains averaging 13 seconds, isolating persistence mechanisms, defense evasion tactics, and payload distribution—then identified and extracted IOCs and mapped malicious behavior directly to ATT&CK.

I also strengthen my incident-handling instincts through hands-on simulation and training, including a multi-stage corporate network breach scenario where I used Nmap, Metasploit, Hashcat, Bash, and PowerShell to uncover vulnerabilities and verify attacker TTPs. I’m looking to leverage this practical, defensible approach in a fast-paced security operations, MDR, or incident handling environment.

Experience

Work history, roles, and key accomplishments

LS
Current

Para-Professional

Lily Lake Elementary School

Jan 2024 - Present (2 years 6 months)

Maintained student safety and de-escalated high-stress behavioral events using active crisis intervention techniques. Documented daily progress data and worked with educational teams to execute individualized student support plans.

SANS Internet Storm Center logoSC

Cybersecurity Threat Analysis Intern

SANS Internet Storm Center

Jan 2026 - Present (6 months)

Monitored a production SSH honeypot for high-velocity brute-force attempts and analyzed rapid post-exploitation execution chains to identify persistence, evasion, and payload behavior. Extracted indicators of compromise (IoCs) and mapped malicious session behavior to the MITRE ATT&CK framework, authoring an ISC-style technical threat report with defensive recommendations.

SANS Institute logoSI

Incident Response Simulation

SANS Institute

Jan 2025 - Present (1 year 6 months)

Investigated a multi-stage corporate network breach simulation using incident-handling lifecycles and used Nmap, Metasploit, Hashcat, Bash, and PowerShell to identify vulnerabilities and audit attacker TTPs. Completed challenges by locating indicators of attack (IOAs) and verifying explicit exploits.

Education

Degrees, certifications, and relevant coursework

SANS Institute of Technology logoST

SANS Institute of Technology

Bachelor of Science in Applied Cybersecurity, Applied Cybersecurity

Grade: 3.26

Pursuing a Bachelor of Science in Applied Cybersecurity with an expected graduation year of 2026. Maintained a 3.26 GPA.

Regent University logoRU

Regent University

Bachelor of Science in Cybersecurity, Cybersecurity

2022 - 2024

Grade: 3.56

Activities and societies: Minor in Digital Forensics; 70 transfer credits completed.

Completed coursework toward a B.S. in Cybersecurity with a minor in Digital Forensics. Earned a 3.56 GPA and completed 70 transfer credits.

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan