Nimish Sood Security Engineering Portfolio

IT Support Specialist at AKA Energy Systems · UPEI computer science · Co-op track · Expected 2027

Nimish Sood

IT Support Specialist at AKA Energy Systems with hands-on work across identity, endpoint, virtualization, and internal security operations. Public work includes a documented SIEM HomeLab with Wazuh Indexer, Wazuh Dashboard, Graylog Server, Wazuh Manager, Debian and Windows agents, Sysmon, Packetbeat, and Fluent Bit forwarding on a VMware Workstation lab network, plus a malicious URL classification benchmark with saved metrics and a deployed Next.js product build.

Resume Email GitHub TryHackMe LinkedIn

Professional experience

Current role

Current employer work summarized here with public-safe detail.

Professional experience

IT Support Specialist · AKA Energy Systems

Contract full-time · Jul 2025 - Present · Prince Edward Island, Canada · On-site

Supports infrastructure and security operations across virtualization, identity, endpoint, server, and network environments.

  • Implemented Microsoft Entra ID Conditional Access policies to reduce exposure to token theft and unauthorized session persistence.
  • Built and configured internal phishing simulation campaigns with GoPhish for awareness testing and internal readiness exercises.
  • Provisioned and managed Windows and Ubuntu virtual machines in Proxmox, including static IP assignment and VLAN-aware configuration.
  • Improved endpoint operations with ManageEngine Desktop Central for patching, software deployment, inventory, and remote administration.
  • Contributed to early planning for a Wazuh-based SIEM deployment for centralized logging and future detection coverage.

Areas: Microsoft Entra ID, GoPhish, Proxmox VE, ManageEngine Desktop Central, Windows, Ubuntu, endpoint operations, network support.

Selected work

Public projects

Independent and school work with public repos, deployment notes, saved outputs, or live deployments.

Security infrastructure

SIEM HomeLab: Wazuh + Graylog

Case study GitHub

Task

Build a staged SIEM HomeLab that documents the Wazuh stack, Graylog, manager forwarding, and endpoint telemetry collection.

Built

VMware Workstation lab with Wazuh Indexer, Dashboard, Graylog Server, Wazuh Manager at 192.168.71.102, and Debian/Windows endpoint agents.

Artifacts

Public guides covering TLS setup, Graylog 7.0.5, MongoDB 8.0, Java 21, Fluent Bit forwarding to Graylog TCP 5555, Sysmon, and Packetbeat.

Status

Parts 1-5 are documented as complete: Indexer, Dashboard, Graylog Server, Wazuh Manager, Debian 12 agent, Windows Server 2025 agent, Sysmon, and Packetbeat.

Next work

Build Graylog parsing and routing for raw Wazuh, Sysmon, and Packetbeat messages, then add dashboards, alerting, retention policy, and finalized pipeline artifacts.

Security data analysis

Malicious URL Classification

Case study GitHub

Task

Measure what lexical URL features can separate before adding DNS, WHOIS, content, or temporal signals.

Built

Cleaning, feature engineering, binary and multiclass modeling, and saved evaluation outputs from a public Kaggle dataset.

Artifacts

651,191 rows loaded, 640,792 kept after cleaning, an 80,000-row modeling sample, and CSV outputs for binary and multiclass runs.

Status

Baseline, logistic regression, and k-NN results are saved with run metadata and class-level evaluation.

Next work

Add richer signals and rerun the benchmark with a broader feature set.

Shipped software

CropGuard

Live demo GitHub

Task

Build a usable workflow for reporting and verifying crop disease alerts during a hackathon timeline.

Built

Worked with a teammate on a Next.js 15, TypeScript, Firebase, and Leaflet application with farmer and authority flows.

Artifacts

Public GitHub repo and live Vercel deployment.

Status

Farmer reporting, authority review, authentication, map state changes, and deployment are in the live build.

Next work

Document individual contributions more clearly if the project stays in the portfolio.

Security training

TryHackMe

Hands-on training that complements the infrastructure and security work shown above.

Supporting evidence

Profile and learning path progress

Profile Certificate
Platform
TryHackMe profile with hands-on labs and public progress.
Completed
Pre Security learning path completed, certificate dated February 17, 2026.
In progress
Working toward TryHackMe Cyber Security 101 (SEC1), target May 2026.

Contact

Contact and links

Resume, email, GitHub, and LinkedIn.

Resume PDF Nimish-Sood-Resume.pdf One-page summary with experience, projects, and contact details Email vasusood889@gmail.com Direct contact GitHub github.com/NimishSood Public repos, READMEs, and result files LinkedIn linkedin.com/in/nimishsood Professional profile