Designing & defending security systems

Raoul Borg · Cyber Security Professional

Designing and implementing security controls, monitoring live environments, and responding to incidents.

I work across blue-team engineering and offensive testing: building and tuning security tooling, monitoring signals, and validating it all against real-world attack paths in the lab and at work. Most of that ends up as projects, playbooks, and notes in my portfolio.

Security Lab · Blue & Red Team Work

A mix of day-job projects and home-lab experiments: from SOC-style monitoring to attack simulations and scripts to kill manual overhead.

01 · Blue Team
Security Engineering & Operations

Designing and operating security systems in production and in the lab, making sure detections actually fire and people have the right visibility.

  • Implementing and tuning SIEM deployments for meaningful alerts instead of noise.
  • Rolling out and maintaining security tooling (endpoint protection, Defender, Intune policies, logging agents).
  • Using CTI platforms and dashboards to enrich alerts and guide monitoring and IR decisions.
SIEM · CTI · Defender · Monitoring

02 · Platforms
SOAR, HTB & Day-Job Projects

Blue-team focused projects across my role and lab work, using real tools rather than just theory.

  • Building and integrating SOAR-style workflows around SIEM, CTI and Defender to reduce response time.
  • Hardening and monitoring endpoints at work, driven by detections and real incidents.
  • Applying techniques practiced on Hack The Box (HTB) to improve detection coverage and response playbooks.
SOAR · Blue Team · HTB

03 · Red Team
Security Assessments & Pentesting

Offense-informed defense: structured testing through HTB labs and real-world security assessments in my day job.

  • Hack The Box challenges to sharpen enumeration, exploitation and privilege escalation.
  • Internal security assessments to map attack paths and validate that controls work as expected.
  • Feeding findings back into detections, hardening and incident response processes.
Red Team · Pentesting · HTB

04 · Automation
Scripting & Portfolio

A lot of my work is about removing manual steps: scripting repetitive security tasks and documenting the useful pieces.

  • PowerShell to manage endpoints, enforce security baselines, and pull the right data out of systems.
  • Python for parsing logs, triaging alerts and automating small pieces of the IR workflow.
  • GitHub as the place for scripts, lab notes, HTB write-ups, and security tooling experiments.
PowerShell · Python · Automation · GitHub