About sudoRunner
sudoRunner is my professional cybersecurity portfolio.
I built this site because a resume by itself does not show enough. A resume can list tools, courses, and projects, but it does not show how someone thinks through a workflow, writes about technical work, handles sensitive material, or organizes evidence for a reviewer.
This portfolio is meant to show that layer.
Purpose: Show real evidence of my cybersecurity, ServiceNow SecOps, incident response, forensics, malware analysis, GRC, HCI, and application development work without publishing raw submissions, private data, malware samples, forensic evidence, credentials, or sensitive implementation details.
Who I Am#
I am a U.S. citizen and Penn State Cybersecurity Analytics & Operations graduate focused on ServiceNow SecOps, Vulnerability Response, cybersecurity operations, vulnerability management, and OT/ICS security.
Professionally, my strongest direction is ServiceNow SecOps and Vulnerability Response. I care about how security work actually moves: who owns the issue, what evidence supports the decision, how remediation is tracked, when exceptions make sense, how validation happens, and how the work gets closed cleanly.
Academically, my work spans incident response, malware analysis, reverse engineering, digital forensics, GRC, cloud security, network traffic analysis, user-centered design, Java application development, and security foundations.
Education#
The Pennsylvania State University#
B.S. Cybersecurity Analytics & Operations
Graduated Cum Laude
GPA: 3.88
Focus Area: Application Development
Academic Honors: The Honor Society of Phi Kappa Phi · Alpha Sigma Lambda Honor Society
What I’m Building Toward#
ServiceNow SecOps#
This is the center of gravity for my career path. I want to keep building around Vulnerability Response, SecOps workflow, assignment ownership, remediation tracking, validation, and security process design.
Primary Focus
Security Operations#
I have hands-on academic evidence in malware analysis, forensics, network traffic analysis, SIEM-style investigation, incident response, and endpoint/security lab work.
Analyst Foundation
GRC and Risk#
I am interested in the bridge between technical evidence and risk decisions: policy, privacy, cyber law, decision theory, analytic confidence, and security management.
Risk-Aware
OT/ICS Security#
OT/ICS security is a developing specialty interest. I am especially interested in cyber-physical risk, operational disruption, availability, safety, and recovery validation.
Specialty Interest
How to Read This Portfolio#
This site is organized around evidence, not just categories.
Work I Would Point to First#
ServiceNow SecOps Lab Hub#
The most career-aligned part of the site. It shows how I think about Vulnerability Response workflow, ownership, remediation, validation, exceptions, and closure.
CYBER 440: Cybersecurity Capstone Incident Response & Forensics#
A capstone investigation where the value was connecting different evidence sources into one incident story: phishing, malware activity, forensic images, memory artifacts, logs, impact, and remediation.
CYBER 366: Malware Analytics & Reverse Engineering#
The strongest malware-analysis lab collection in the portfolio. It includes static analysis, dynamic analysis, unpacking, FLOSS, ProcMon, RegShot, IDA Pro, Ghidra, Binary Ninja, and anti-debugging awareness.
IST 454: Computer & Cyber Forensics#
Selected forensic evidence covering image creation, image mounting, hash verification, registry analysis, data carving, deleted file recovery, and AI/IoT forensics research.
IST 456: Security & Risk Management#
A useful bridge between SOC-style investigation and GRC: ransomware, compromised credentials, data exfiltration, ISO 27000 concepts, policy, compliance, and contingency planning.
IST 331: User-Centered Design#
The HCI evidence behind why I care about usability. It covers user research, low/high-fidelity prototypes, Figma collaboration, usability testing, and iterative redesign.
What I Care About in Security Work#
Clear Ownership#
Security work breaks down when nobody owns the next step. I care about assignment, responsibility, escalation, and closure.
Ownership
Evidence Before Claims#
I prefer showing evidence over listing buzzwords. A claim is stronger when it connects to a lab, project, workflow, or report.
Evidence
Usable Workflows#
A workflow can be technically correct and still fail if people cannot follow it. HCI matters in security tools, dashboards, forms, and process design.
HCI
Careful Publishing#
A lot of cybersecurity work should not be dumped publicly. I try to show what I learned without exposing raw evidence, full solutions, credentials, or sensitive details.
Security First
Professional Direction#
The roles I am most interested in are the ones that combine security workflows, technical analysis, risk thinking, and communication.
Best-fit areas include:
- ServiceNow SecOps consulting
- Vulnerability Response implementation support
- vulnerability management
- cybersecurity analyst work
- security operations
- incident response support
- GRC-aware security work
- OT/ICS security-focused roles