Profile Security Networking Operations IT Lifecycles Continuous Improvement Coding Customer Service Safety Contact Resume

🔐 Security

Infrastructure & Security Highlights

  • TrueNAS + Zero Trust deployment Designed and deployed a TrueNAS SCALE storage platform secured with an NGINX reverse proxy and Cloudflare Zero Trust tunnels, enabling authenticated remote access to NAS services while masking internal network exposure and enforcing identity-based access controls.
  • Zero Trust architecture implementation Implemented a layered Zero Trust access model using Cloudflare WARP, device posture checks, and DNS-level filtering to protect internal and externally exposed services across the homelab environment.
  • Enterprise network transition support Supported production network infrastructure upgrades during fulfillment-center environment transitions, contributing to hardware lifecycle deployment and service continuity with zero operational downtime.
  • Cybersecurity CTF and incident response work Completed Capture-the-Flag cybersecurity exercises and developed structured incident response reports analyzing attack vectors, detection methods, and mitigation strategies as part of undergraduate cybersecurity training.

Skills

  • Network & Security
    VLANs, Routing, Firewalls
    Cloudflare Zero Trust, NGINX, Docker
    DNS Management, TCP/IP, VPN, DHCP
    Network Hardening, Encryption
    Threat Detection & Incident Response
    Vulnerability & Patch Management
    Access Control & Security Policies
  • Cloud PlatformsAWS Fundamentals (Compute, Networking, Storage)
    Cloud Security Concepts
    Cloud Operations Basics
  • Operating SystemsWindows, Linux, MacOS
    Mobile Platforms: iOS, Android
  • Software & ToolsActive Directory, SCCM, ServiceNow
    Bomgar Remote Support, AirWatch MDM
    HTML Documentation Platforms
  • Operations & DocumentationTechnical Writing
    Process Documentation
    Troubleshooting
    Project Coordination
    Stakeholder Communication

Certifications & Training

  • ACMT (Apple Certified Mac Technician)
  • CompTIA A+ (completed; credential expired)
  • ServiceNow Administrative Fundamentals
  • Switch/Router Essentials (CCNA coursework)
  • AWS Cloud Fundamentals Training
  • Ethical Hacking (coursework)
  • OSHA-10

🛡️ Infrastructure Security, Surveillance & Resilience

  • 📷 Camera System Upgrade for Facility Surveillance

    Collaborated with low-voltage vendors and project managers to replace over 600 security cameras across the Fulfillment Center. This upgrade significantly improved surveillance coverage, enhanced incident response capabilities, and strengthened physical security for the Loss Prevention and Safety teams.

    #PhysicalSecurity#VideoSurveillanceInfrastructure

  • 🚗 Parking Lot Camera Integration

    Secured outdoor areas by configuring access to law enforcement-monitored surveillance.

    #PerimeterMonitoring#SiteSecurityControls

  • 🖥️ Console Server Upgrade for Secure Infrastructure Access

    Upgraded the facility’s console server to the latest standard, ensuring secure, uninterrupted out-of-band access to internal networking equipment for use in high-severity incident response and troubleshooting.

    #OutOfBandManagement#SecureRemoteAccess

  • 🌐 Demarc Redundancy & Monitoring for Critical Network Security

    Identified single points of failure in WAN infrastructure and implemented UPS-based failover systems to ensure continuous connectivity. Integrated environmental and device-level monitoring to proactively detect outages, enhancing overall network resilience and availability of critical security systems.

    #WANRedundancy#HighAvailabilityNetworking

🚫 Cybersecurity & Zero Trust Initiatives

  • TrueNAS SCALE + Cloudflare Zero Trust Implementation

    Migrated NAS services to TrueNAS SCALE for improved containerization and automation. Deployed NGINX reverse proxy with Docker-managed Cloudflare Tunnel to secure services behind HTTPS without without exposing services to the public internet. Implemented Cloudflare Zero Trust Access with WARP device posture checks. Integrated AdGuard Home for DNS-level threat protection. Automated SSL management via Cloudflare API. Hardened firewall and reduced attack surface through port audits.

    #ZeroTrustArchitecture#CloudflareAccess

  • 🚩 Centralia Technology - Capture The Flag

    Completed a CTF challenge focused on log analysis, analyzing datasets containing 180,000+ log entries across multiple log files. Applied pattern recognition and data filtering strategies to efficiently analyze large datasets. Demonstrated practical skills in log monitoring, tool use, and real-world troubleshooting relevant to IT and cybersecurity roles.

    #SIEMFundamentals#ThreatDetectionWorkflow

  • 🛡️ Sifers-Grayson Security Strategy

    Designed a defense-in-depth security architecture for Sifers-Grayson, including a DMZ with firewalls, IDPS, and NAT to protect R&D systems. Recommended enterprise tools like IAM, SIEM, ALM, and forensic imaging to enhance access control, threat detection, and compliance. Prioritized segmentation, centralized monitoring, and identity-driven access controls to strengthen protection of sensitive R&D environments.

    #DefenseInDepth#SecurityStackDesign

  • 🧯 Sifers-Grayson Incident Response Report

    Led end-to-end incident response reporting for a simulated breach at Sifers-Grayson, including malware, phishing, and insider threats. Assessed impact, proposed containment and recovery strategies, and developed post-incident plans including policy creation, firewall implementation, user training, and system hardening.

    #IncidentResponseLifecycle#ContainmentStrategy

  • 🧠 Sifers-Grayson Security Posture Enhancement: Research and Analysis Brief

    Prepared a technology briefing recommending five key security solutions for Sifers-Grayson: EDR/MDR, MFA, Zero Trust, SIEM, and Security Awareness Training. Aligned each solution with known vulnerabilities and outlined implementation strategies to enhance detection, response, and overall network resilience.

    #SecurityPostureAssessment#EDREvaluation

  • Forage Mastercard Cybersecurity Virtual Experience

    Simulated work as a Security Awareness Analyst identifying and reporting phishing threats. Assessed business units to determine training needs and implemented targeted security awareness programs.

    #SecurityAwarenessEngineering#PhishingInvestigation

  • Forage AIG Shields Up: Cybersecurity Virtual Experience

    Conducted vulnerability analysis for AIG’s Cyber Defense Unit based on CISA alerts. Authored remediation guidance and scripted an ethical hacking tool to prevent ransom payments via decryption key brute-forcing.

    #VulnerabilityPrioritization#SecurityAutomation

  • Forage Tata Cybersecurity Analyst Simulation

    Collaborated with a simulated cybersecurity consulting team to implement IAM strategies aligned with business goals. Delivered technical documentation and presentations demonstrating strong communication and IAM expertise.

    #IdentityGovernance#AccessControlDesign

  • Forage ANZ Cybersecurity Management Simulation

    Investigated suspicious emails and analyzed network traffic using packet capture tools to detect potential threats. Simulated threat triage and incident response procedures.

    #NetworkTrafficAnalysis#EmailThreatAnalysis

  • Forage Datacom Cybersecurity Simulation

    Simulated a real-world incident response by analyzing a client’s cyberattack, producing a detailed report, and conducting a comprehensive risk assessment with actionable recommendations.

    #CyberRiskAnalysis#SecurityReporting

  • Forage Deloitte Australia Cyber Simulation

    Analyzed web activity logs to identify suspicious behavior during a client breach scenario. Supported forensic investigation by answering targeted security questions and uncovering unusual user activity.

    #SecurityLogInvestigation#ThreatHuntingWorkflow

  • * Selected academic and personal security projects — work samples available upon request.

Contact Me

Open to Opportunities

Security Analyst & Infrastructure Security Roles

I’m a cybersecurity-focused IT professional with 7+ years of experience supporting infrastructure and systems in enterprise environments, with a growing specialization in Zero Trust and cloud security. I’m open to roles in Security Operations, Cloud Security, and advanced IT support.

  • 7+ years in IT infrastructure and support
  • B.S. in Cybersecurity & Technology
  • AWS, Cloudflare Zero Trust, Docker, NGINX, TrueNAS
  • Hands-on security and homelab project experience

Contact

📧 Email: lucas@backyardcloud.net

📞 Phone: 413-284-2086

🔗 LinkedIn: linkedin.com/in/mancinil

🌐 Location: Massachusetts/Connecticut, United States

🎯 Target: Security Analyst • SOC Analyst • Cloud Security • Infrastructure Security