
Joseph Tascona

Security Engineering & Detection · Cloud Defense Enthusiast

Security engineer with 1.5 years of co-op experience inside Azure-heavy environments. Builds detections, hardens identities, and automates repeatable response in Python and PowerShell. Fluent in English & French, focused on keeping cloud, Windows, and Linux estates resilient, well-instrumented, and compliant with least-privilege.

Barrie, ON · English / Français · Security Engineering & Detection


/threat-intel

Mission Snapshot & Live Telemetry

Mission Snapshot

Security engineer blending hands-on help desk roots with cloud hardening, threat detection, and automation. 1.5 years of co-op inside Azure, SQL, and CI/CD-heavy environments with a focus on identity, observability, and safe-by-default releases.

  • Hardened Azure resources, storage, and pipelines with policy + scanning gates
  • Lab-first approach to detections, KQL hunts, and red/blue simulations
  • Comfortable briefing leadership en anglais ou en français with clear risk stories

Live Telemetry

Detection Engineering
Cloud Security & IAM
Network Security & Traffic Analysis
Incident Response & Forensics

/workflow

Model · Harden · Detect · Share

01 · Discover

Map assets, identities, and data flows. Review IAM, network segments, and existing detections before touching production.

02 · Build & Automate

Codify guardrails: least-privilege policies, hardened baselines, and CI checks that scan IaC, containers, and identities by default.

03 · Observe

Instrument logs, enrich events, and ship detections to SIEM dashboards. Hunt for anomalies with KQL and packet captures.

04 · Share & Improve

Write concise runbooks, retro on incidents, and translate red-team learnings into blue-team controls others can reuse.

/skills

Technical Arsenal

Languages

  • Python, JavaScript/TypeScript, Rust
  • PowerShell + Bash for automation and triage
  • SQL (PostgreSQL, KQL) for detection logic

Frameworks & APIs

  • Node.js/Express, Flask for quick defensive tooling
  • Secure web app auth, RBAC, and token scopes
  • API fuzzing & Postman suites for misuse-case coverage

Cloud & DevOps

  • Azure & AWS governance, policy-as-code, GitHub Actions
  • Docker, Kubernetes basics, Terraform with security scanning
  • Linux/Windows hardening, backup/restore, CI/CD observability

Security & Tooling

  • Active Directory, Windows Server, VMware
  • Wireshark, Burp Suite, Nmap, Metasploit (intro)
  • SIEM operations (Splunk, Azure Sentinel) for log review and IR

Data & Analytics

  • Power BI, Tableau, Excel automation for exec visibility
  • Pandas, NumPy, log enrichment, anomaly hunting
  • Role-based dashboards with access-controlled visuals

/projects

Security Tooling & Research

Game Physics

2D Rocket Launch Simulator

Physics-driven browser sim that lets you tune thrust, burn fuel, and monitor telemetry while keeping a rocket upright through the launch window.

  • Canvas-based thrust, drag, and gravity calculations tied to dynamic fuel and mass changes
  • HUD for altitude, velocity, and crash/landing states so flights are replayable
JavaScript · Canvas · Physics

TryHackMe Lab

Pyrat

Automated endpoint fuzzing and Python brute-force modules to surface a hidden admin panel, escalated to root, then drafted blue-team hardening notes for the same attack path.

  • Custom wordlists + timing analysis to avoid lockouts
  • Privilege escalation chain captured as mitigation guidance
Python · Hydra · Linux

TryHackMe Lab

Evil-GPT

Stress-tested an AI chatbot for prompt-injection, auth bypass, and rate-limit failures; produced a mitigation playbook featuring guardrails, request signing, and scoped tokens.

  • Crafted adversarial payloads & logging hooks
  • Documented proof-of-concepts for blue-team drills
JavaScript · Flask · GPT APIs

Detection Engineering

Transit Threat Surface

Role-based dashboards surfaced Azure DevOps security posture, pipeline drift, and access anomalies while enforcing least-privilege across transportation squads.

  • DirectQuery views hardened with row-level security
  • Alert hooks back into Jira / Azure Boards for tracking
Power BI · SQL · Azure DevOps

Cloud Defense

Azure Defense Kit

Hardened Azure DevOps pipelines with GitHub Actions checks, container image scanning, and Terraform plan reviews so releases stayed compliant and auditable.

  • Monitored pipelines + resolved CI/CD blockers
  • Documented runbooks for secure branching & approvals
Azure · Terraform · GitHub Actions

Detection

Log Anomaly Patrol

Built SQL/Python checks to validate ingestion pipelines, flag anomalies, and pipe summaries into Power BI visuals so incident responders saw trustworthy signals.

  • Automated integrity checks + parameterized queries
  • Shared bilingual summaries for exec briefings
SQL · Python · Power BI

/highlights

Security & Lab Highlights

2025-04

TryHackMe — Pyrat & Evil-GPT

Personal Labs

Automated fuzzing and adversarial prompts to root lab targets, then turned the same steps into blue-team detections and mitigation drills.

2024-03

Power BI Governance & RLS

Ontario Ministry of Transportation

Built dashboards with row-level security so program managers only saw data relevant to their roles, reducing exposure of sensitive transportation data.

2023-11

Azure DevOps Defense-in-Depth

Ontario Ministry of Transportation

Monitored pipelines, resolved CI/CD incidents, and enforced config standards so deployments stayed stable, signed, and policy compliant.

2023-05

Data Anomaly Investigations

Ontario Ministry of Transportation

Used SQL + Python to scan datasets, identify anomalies, and feed QA teams with validation evidence for transportation initiatives.

/certifications

Clearance & Credentials

CompTIA Security+

Scheduled · Dec 2025

B.Sc. Computer Science

Lakehead University · Orillia, ON

Expected Apr 2027

Dipl. (Hons.) Computer Programming

Georgian College · Barrie, ON

Graduated Aug 2023

/experience

Security Timeline

Ontario Ministry of Transportation

Jan 2023 — Apr 2024

Junior Security / Technical Analyst (Co-op)

  • Boosted backend + frontend performance while aligning changes to security policies
  • Led 20+ sprint ceremonies to integrate risk reviews and secure releases
  • Maintained a 98% user-story success rate with documented security controls
  • Monitored pipelines, resolved CI/CD incidents, and tuned configuration drift

Data & Insight Pods

2022 — Present

Security Analytics Collaborator

  • Designed Power BI dashboards with role-based gating, anomaly alerts, and auditability
  • Performed SQL-driven data validation and log triage for mission data
  • Built automation scripts (Python, Rust) to harden cloud storage flows

Offensive Security Labs

2021 — Present

Lab-Based Security Practitioner

  • Completed 20+ TryHackMe/HTB labs simulating real-world endpoints and services
  • Used Python, Rust, and tools like Nmap/Burp to better understand how to secure hosts and networks
  • Turned lab notes into practical guidance for troubleshooting, hardening, and incident response

Community & Mentorship

Ongoing

Security Collaborator

  • Runs bilingual study groups for cloud security certifications
  • Helps peers set up GitHub Actions + secure Terraform scaffolding

/toolkit

Loadout: Favorite Implants & Utilities

Directory Forge

Active Directory + Windows Server lab with scripted forest builds, Kerberos monitoring, and GPO hardening playbooks for rapid onboarding of identity experiments.

Stack: AD · Windows Server · PowerShell

Azure DevOps Mesh

CI/CD pipelines secured with branch protections, GitHub Actions, Terraform linting, and container scanning to keep infrastructure deployments predictable.

Stack: Azure · Terraform · Docker

SIEM Jumpseat

Splunk + Azure Sentinel workspace for log enrichment, KQL hunt notebooks, and quick detections that align with TryHackMe purple-team drills.

Stack: KQL · Splunk · Sentinel

Data Shield Vault

Power BI and Tableau dashboards with row-level security, encrypted gateways, and automated validation so sensitive transportation metrics stay trusted.

Stack: Power BI · SQL · Tableau