Gareth Sheldon


Cybersecurity Professional | IT Systems Engineer

[ Cape Town, Western Cape, South Africa ]

Threat Detection
Incident Response
Security Architecture

Personnel File

Security Clearance: Active

[SUBJECT] Gareth Sheldon — Lead Technical Engineer specializing in Cybersecurity and Infrastructure. Bridges rigid infrastructure engineering with adaptive security strategy and orchestrates secure, high-availability environments within the FinTech sector.

[EXPERTISE] Core competencies include SecOps & Incident Response (Microsoft Sentinel, KQL, SIEM/SOAR), Identity & Access Management (Entra ID, Zero Trust, Conditional Access), and Network Engineering (Cisco, FortiGate, Sophos XG). Proven compliance expertise with GDPR, PCI-DSS, ISO 27001, and Cyber Essentials.


"Proactive defense and continuous monitoring are the foundations that protect digital assets from ever-evolving threats. Building security into every layer."

Classification: Standard | Status: Available | Region: ZA

S.P.E.C.I.A.L. Skills

Security Operations

Microsoft Sentinel (SIEM/SOAR): 95%
SentinelOne EDR: 92%
Wazuh SIEM: 88%
KQL Detection Engineering: 90%
Incident Response & RCA: 92%

Network & Infrastructure

Cisco Routing & Switching: 88%
Firewall (Sophos, FortiGate, OPNsense): 95%
VPN Architecture (IPsec, SSL): 90%
VoIP (SIP/QoS): 85%

Cloud & Identity

Microsoft Entra ID (Azure AD): 94%
Microsoft Intune: 90%
Zero Trust & Conditional Access: 92%
Google Kubernetes Engine (GKE): 85%
Calico & Cilium: 82%

Compliance & Frameworks

ISO 27001: 95%
GDPR, PCI-DSS, HIPAA: 90%
CIS Benchmarks: 92%
Cyber Essentials: 88%
IEC 62443 (Industrial): 80%

DevSecOps & Automation

PowerShell Scripting: 92%
Python Automation: 85%
Docker & Kubernetes: 85%
Power Automate & Graph API: 88%
Active Directory & GPO: 92%

Vulnerability & Forensics

Tenable, Nessus, Qualys: 90%
Digital Forensics (Autopsy, FTK): 88%
YARA Rules & IOC Analysis: 85%
MITRE ATT&CK Mapping: 88%

Service Record

July 2025 - Present

Lead Technical Engineer / Senior Service Desk Engineer

@ Advania UK
  • Optimized Microsoft Sentinel for advanced threat detection and KQL-based alert correlation for FinTech compliance
  • Primary escalation point for complex security incidents with EDR telemetry analysis and Root Cause Analysis (RCA)
  • Managed identity platforms using Entra ID (Azure AD Hybrid) and Intune with Zero Trust and SAML SSO
  • Engineered sophisticated Cisco infrastructure including routing, switching, and active-passive firewalls
  • Delivered strategic cloud modernization and security hardening projects under high-pressure SLA compliance
  • Provided mentorship and developed technical troubleshooting guides for internal teams

July 2022 - July 2025

Senior Technical Engineer & Cybersecurity Analyst

@ Gavotech IT Solutions
  • Led incident response efforts across cloud and on-premises environments
  • Deployed SentinelOne EDR with behavioral AI, reducing malware incidents by 35% and response times by 30%
  • Configured Sophos XG and FortiGate firewalls, reducing network breaches by 30%
  • Conducted digital forensics using Autopsy, FTK, and SANS SIFT to analyze TTPs
  • Managed 1,000+ devices across Windows, macOS, and Linux using Datto RMM
  • Architected CI/CD pipelines with Kubernetes and Docker Swarm for security tool deployment

February 2022 - April 2022

Product Tester / Game Tester

@ Testlio / Lionbridge Games
  • Executed exploratory and regression testing for mobile and web applications
  • Validated complex onboarding flows for crypto-banking platforms
  • Documented bugs systematically and produced technical reports for rapid issue resolution
  • Contributed to successful enterprise-grade application launches

February 2021 - March 2022

IT Technician / Data Capturer

@ Pragmatic Accounting
  • Troubleshot network and production issues with root-cause analysis
  • Assisted in migrating critical infrastructure to cloud-based solutions
  • Proactively monitored systems to reduce downtime
  • Provided remote technical support and hardware/software installation

Mission Log

Jan 2026 - Present

IoT & OT Security Auditor Suite

PowerShell-based security assessment toolkit for IoT/OT environments

  • Dual-version: v2.0 Enhanced (IT/ITAM, COBIT/ITIL/NIST) and v3.0 Enterprise (M365 E5, Defender for Endpoint/IoT)
  • Automated risk scoring engine: 100+ controls, quantitative scores (0-100), qualitative classifications
  • Compliance: GDPR, HIPAA, PCI-DSS, ISO 27001, IEC 62443
GitHub: IoT-Security-Audit-Tool

Jan 2026 - Present

The MSP Toolkit

Automated IT Diagnostic & Repair Suite with 60+ functions

  • GUI-based PowerShell toolkit: one-click repairs (Teams, Outlook, OneDrive)
  • System health: SFC/CHKDSK, battery health, SMART disk, large file detection
  • Real-time network monitoring, AD secure channel verification, timestamped reports
GitHub: TheMSPToolkit

Dec 2025 - Present

CVE Detection Engineering Initiative

KQL and YARA-based detection content for emerging CVEs

  • KQL queries for Microsoft Sentinel/Defender exploitation detection
  • YARA rules for payload artifacts and malicious patterns
  • MITRE ATT&CK mapping and reproducible lab environments
GitHub: CVE-Detection

Feb 2026

Cilium Platform Engineer Discovery Lab

Kubernetes networking with Cilium and eBPF

  • Gateway API, Ingress, L4/L7 traffic management
  • Hubble and Grafana monitoring integration
  • LB IPAM, L2 announcements, TLS termination

Dec 2025

Azure Monitor Architecture

Enterprise-Scale AMA & Log Analytics Implementation

  • Log Analytics Workspace with retention policies and health alerting
  • Azure Monitor Agent (AMA) via Data Collection Rules (DCRs)
  • Application Insights, Network Watcher, Action Groups

Dec 2025

Tirreno Open Source Security Analytics

Self-hosted security analytics engine (PHP/PostgreSQL)

  • Detects account takeovers, bot attacks, insider threats
  • Analyzes application behavior patterns
  • Open-source deployment and configuration

May 2025

AD DS Administration Lab

Microsoft VPS VM hands-on assessment

  • Domain controller deployment and AD topology management
  • Sites, subnets, replication, OUs, GPOs
  • NTLM restrictions, fine-grained password policies, audit policies

Dec 2024

SOC Threat Intelligence Pipeline

Honeypot, MISP, and Microsoft Sentinel Integration

  • Automated threat intelligence ingestion via Azure Function Apps
  • KQL analytics rules for threat correlation
  • Real-time attacker detection on honeypot infrastructure

Dec 2024

AWS S3 & DynamoDB Integration

Web application with cloud storage integration

  • S3 for image storage, DynamoDB for employee directory
  • Bucket policies, IAM roles, table creation
  • End-to-end application testing

Aug - Dec 2024

Digital Forensics: Autopsy Recovery

Recovering deleted files from disk images

  • Data carving, keyword search, timeline analysis
  • Evidence validation through artifact examination
  • Detailed forensic report generation

Sep 2024

DNS Record Checker (Python GUI)

Email security verification tool

  • Python/tkinter GUI for SPF, DMARC, DKIM checks
  • dnspython integration for DNS queries
  • System administrator utility

Oct - Dec 2023

SOC Automation: Wazuh, TheHive, Shuffle

Automated SOC incident response pipeline

  • Wazuh agent events to Shuffle for enrichment
  • TheHive integration for response coordination
  • Windows 10 VM to cloud manager workflow

Dec 2023

Wazuh & Greenbone Vulnerability Lab

Integrated vulnerability detection and remediation

  • GVM + Wazuh enhanced vulnerability detection
  • Automated remediation workflows
  • Centralized security posture dashboard

Jun 2023 - Jan 2024

OSINT Investigation Project

Open Source Intelligence methodologies

  • Reverse image search, email OSINT, phone OSINT
  • Tools: Epieos, HIBP, Phonebook.cz, Hunter.io
  • PhoneInfoga, Yandex image search

Certifications

45+ Professional Certifications

Fortinet

4 certifications

Fortinet Certified Associate Cybersecurity (Feb 2026)
NSE 3 Network Security Associate (Aug 2023)
NSE 2 Network Security Associate (Jun 2023)
NSE 1 Network Security Associate (Nov 2022)

Microsoft

3 certifications

Deploy and configure Azure Monitor (Dec 2025)
Administer Active Directory Domain Services (May 2025)
MS-900 Microsoft 365 Fundamentals (Aug 2022)

AWS

5 certifications

Cloud Technology Consultant Specialization (Dec 2024)
AWS Cloud Technical Essentials (Dec 2024)
Automation in the AWS Cloud (Dec 2024)
Developing Applications in Python on AWS (Dec 2024)
AWS Cloud Practitioner Essentials (Jun 2024)

Kaseya

4 certifications

Certified Technician - BullPhish ID (May 2025)
Remote IT & Security Management Foundations (May 2025)
Certified Technician - Datto Cybersecurity (Oct 2024)
Certified Administrator - Datto RMM (Mar 2024)

Sophos

3 certifications

Firewall Certified Engineer v20.0 (Nov 2024)
Firewall v20.0 to v21.0 Delta (Nov 2024)
MSP Connect - Sales Consultant (Aug 2024)

Google

3 certifications

IT Support Professional Certificate (Apr 2024)
IT Security: Defense against digital dark arts (Apr 2024)
Foundations of Cybersecurity (Mar 2024)

Security Blue Team

5 certifications

Blue Team Junior Analyst (Mar 2024)
Introduction to OSINT (Apr 2023)
Introduction to Digital Forensics (Apr 2023)
Introduction to Vulnerability Management (Apr 2023)
Introduction to Threat Hunting (Mar 2023)

Cisco

4 certifications

Endpoint Security (Jun 2023)
Networking Devices and Initial Configuration (Jun 2023)
Networking Basics (Jan 2023)
Introduction to Cybersecurity (Jan 2023)

EC-Council

3 certifications

Android Bug Bounty Hunting (Apr 2024)
Network Defense Essentials (NDE) (Mar 2024)
Dark Web, Anonymity, and Cryptocurrency (Jan 2024)

IBM

2 certifications

Cybersecurity Fundamentals (Aug 2024)
Artificial Intelligence Fundamentals (May 2024)

Other

9 certifications

ISO/IEC 27001:2022 Lead Auditor (Mastermind) (Apr 2025)
Certified Calico Operator Level 1 (Tigera) (May 2024)
Tenable Vulnerability Management Specialist (Dec 2024)
MITRE ATT&CK v13 Foundations (AttackIQ) (Sep 2024)
API Security Fundamentals (APIsec) (May 2024)
Intro to Monitoring Kubernetes (Datadog) (Mar 2024)
Foundation Threat Intel Analyst (arcX) (Feb 2024)
Python (Basic) - HackerRank (Apr 2025)
Scientific Computing with Python (freeCodeCamp) (May 2025)

Education

Bachelor of Science in Cybersecurity

IU International University of Applied Sciences

January 2025 - December 2029

Cybersecurity, Data Protection, Ethical Hacking, Digital Forensics, Python

Establish Contact

Signal Active - Ready to Connect

Whether you need to strengthen your security posture, require a seasoned engineer for your cybersecurity initiatives, or want to discuss threat defense strategies—I'm ready to connect.

Connect on LinkedIn
"Securing systems. Defending data. Building resilience."