Prince Kwesi Lassey

I am a  

Specializing in security monitoring, log analysis, threat intelligence, and translating detections into incident response actions.

Professional Design Banner

About Me

Portrait of Prince Kwesi Lassey

Prince Kwesi Lassey

Cybersecurity Analyst

SOC Operations Purple Team

My path into cybersecurity has been shaped by a few unexpected turns. I originally planned for a more traditional technology-focused route, but my journey took me through a different academic background that taught me something valuable: adaptability, resilience, and the ability to learn beyond my comfort zone. That experience showed me that growth does not always follow a perfect roadmap, but the curiosity to take the first step is what matters. I am someone who doesn't quit but sees obstacles as opportunities to understand something new.

What I bring to cybersecurity is a pattern-recognition mindset strengthened and sharpened through security practice. I investigate threats like I'm hunting down one last opponent. I bring the same focus to every engagement: patient, persistent, and determined until the threat is contained.

On the defensive side, I've built security environments, analyzed logs, hunted malware and phishing campaigns, developed detection rules, and automated SOC workflows. On the offensive side, I run purple team exercises and vulnerability assessments to understand how attacks happen, which in turn helps build stronger defences.

But here's what matters most to me: I help people get it. Whether it's simplifying why they shouldn't trust an email or walking someone through their first Splunk query, I believe security is strongest when it's shared knowledge.

I thrive in environments where I can contribute depth while learning from experienced teammates, and where my work genuinely makes systems and people safer.

My Mission

Now

Next 2–3 Years

I'm intentional about where I'm going. In the next 2–3 years, I'm deepening my expertise in SOC analysis, threat detection and incident response, while adapting to how emerging technologies, especially AI, transform the way we understand and respond to threats.

Medium-term

5–7 Year Vision

Within 5–7 years, I see myself as a Senior Analyst, leading detection strategy, mentoring junior analysts, and shaping how organizations approach threat hunting.

Long-term

The Bigger Picture

There's something bigger I'm working toward: blending cybersecurity with my background in meteorology. Satellite and space security, to me, is an untapped intersection of both fields, where the protection of weather systems and other critical infrastructure becomes essential. As my experience deepens, I want to pioneer that space.

Always

Driven by Impact

Most attacks exploit psychology, not code. If I can help one person recognize a phishing email or understand why 2FA matters, I've done something meaningful. Impact is the metric that matters most to me.

Capabilities

Tap any card to explore

SOC Operations & SIEM

Security alerts are noise until you understand them. I monitor and triage alerts across network, endpoint, and identity layers to separate real threats from false positives.

Tap to reveal

Core Capabilities

  • Analyzing security events using Splunk
  • Triaging alerts, validating suspicious activity, and escalating findings with full investigation context
  • Correlating logs and telemetry to identify attack patterns and improve detection

Impact

Helping analysts move from raw alerts to informed decisions faster through good triage.

Threat Detection & Incident Response

Every security alert is a story. I investigate by connecting evidence, attacker behavior, and telemetry to understand what happened and support faster response.

Tap to reveal

Core Capabilities

  • Analyzing phishing campaigns, malware activity, and extracting indicators of compromise
  • Performing malware analysis in sandbox environments to understand attacker intent
  • Reconstructing attack timelines and documenting findings that matter
  • Applying MITRE ATT&CK and NIST aligned processes to understand threats and support response

Impact

Transforming security alerts into actionable intelligence that improves detection, investigation, and remediation.

Network & Endpoint Security

Attackers leave traces. I analyze traffic, endpoint activity, and security controls to reconstruct how they moved and what they accessed.

Tap to reveal

Core Capabilities

  • Analyzing PCAPs to uncover suspicious activity
  • Investigating endpoint telemetry through EDR platforms and host logs
  • Detecting C2 beaconing, lateral movement, and data exfiltration patterns
  • Correlating network and endpoint signals to build a clearer security picture

Impact

Improving visibility across environments by connecting network and endpoint signals into a clearer security picture.

Security Automation & SOAR

SOC analysts are overwhelmed with repetitive work. I build workflows that automate the routine and free analysts to focus on what actually matters.

Tap to reveal

Core Capabilities

  • Automating alert enrichment and investigation workflows to reduce manual effort
  • Integrating APIs, threat intelligence platforms, and security tools
  • Augmenting analyst decisions with AI assisted analysis and natural language queries
  • Supporting faster triage and more consistent response

Impact

Helping understaffed teams do more with less by removing the tedious parts so they can focus on the hunt.

Offensive Security & Vulnerability Assessment

You can't defend what you don't understand. I think like attackers, testing, exploiting, and analyzing weaknesses, so teams can fix them before threats do.

Tap to reveal

Core Capabilities

  • Performing reconnaissance, enumeration, and vulnerability assessments
  • Testing web applications against OWASP Top 10 risks and validating real risk
  • Simulating attacker techniques in controlled environments
  • Identifying and prioritizing weaknesses that matter using Nmap, Burp Suite, Metasploit, and SQLmap

Impact

Using adversary perspectives to find vulnerabilities before they become security incidents.

Writeups

Security is a craft that sharpens with practice. These writeups are a record of that practice, each one documents my thinking, methodology, and tooling as I work through hands-on labs across offensive and defensive security disciplines. Writing clearly about what I find is as much part of the work as finding it.

107 Completed
17 In Progress
Completed In Progress Hover to pause

Certifications & Credentials

CompTIA Security+ CompTIA
CompTIA Security+ Issued by CompTIA Completed
Google Cybersecurity Professional Certificate Google
Google Cybersecurity Professional Certificate Issued by Google Completed
ISC2 CC ISC2
ISC2 Certified in Cybersecurity Issued by ISC2 Completed
Cisco CyberOps Associate Cisco
Cisco CyberOps Associate Issued by Cisco Completed
Ethical Hacker Cisco
Ethical Hacker Issued by Cisco Completed
Junior Cybersecurity Analyst Career Path Cisco
Junior Cybersecurity Analyst Career Path Issued by Cisco Completed
Certified Cybersecurity Educator Professional Red Team Leaders
Certified Cybersecurity Educator Professional Issued by Red Team Leaders Completed

Tooling

SOC Operations & SIEM
Splunk Splunk
Splunk SIEM Platform Core platform for log search, correlation, and alert triage.
Security Onion Security Onion
Security Onion SIEM / IDS Open-source platform for intrusion detection and log management.
ELK Stack ELK Stack
ELK Stack Log Analysis Elasticsearch, Logstash, and Kibana for centralized log analysis.
Suricata Suricata
Suricata IDS / IPS Network detection engine for real-time intrusion alerts.
OPNsense OPNsense
OPNsense Firewall / Network Security Open-source firewall and routing platform.
Threat Intelligence & Hunting
VirusTotal VirusTotal
VirusTotal Malware / IOC Enrichment Aggregated scanning for malware and indicator enrichment.
Shodan Shodan
Shodan OSINT / Threat Intelligence Search engine for internet-connected devices and exposures.
SpiderFoot SpiderFoot
SpiderFoot OSINT Automation Automated reconnaissance across hundreds of data sources.
YARA YARA
YARA Detection / Malware Analysis Pattern-matching rules for identifying and classifying malware.
Threat Detection & Response
Wireshark Wireshark
Wireshark Network Analysis Packet-level traffic inspection and protocol analysis.
Nmap Nmap
Nmap Network Reconnaissance Host discovery and port scanning across networks.
Metasploit Metasploit
Metasploit Penetration Testing Exploitation framework for validating vulnerabilities.
Burp Suite Burp Suite
Burp Suite Web Application Testing Intercepting proxy for testing and exploiting web applications.
Automation & AI
n8n n8n
n8n SOAR / Workflow Automation Building automated workflows to enrich alerts and reduce manual effort.
Ollama Ollama
Ollama Local LLM / AI Enrichment Running local language models to assist with analysis tasks.
Python Python
Python Scripting & Automation Used for automation, parsing, and lightweight detection tooling.
Bash Bash
Bash Linux Automation Shell scripting for system tasks and Linux-based automation.
DFIR-IRIS
DFIR-IRIS Case Management / Ticketing Collaborative incident response platform for structured case tracking and documentation.
Exploitation & Validation
SQLmap SQLmap
SQLmap SQL Injection Testing Automated detection and exploitation of SQL injection flaws.
Hashcat Hashcat
Hashcat Password Cracking High-performance password recovery and hash auditing.
Frameworks & Methodologies
MITRE ATT&CK MITRE ATT&CK
MITRE ATT&CK Threat Framework Knowledge base of adversary tactics and techniques.
NIST NIST
NIST Cybersecurity Framework Governance Structuring security operations and risk management practices.
OWASP OWASP Top 10
OWASP Top 10 Web Security Standard awareness list of critical web application risks.

Companies I've Interned With

Real-world security experience across multiple organizations

Let's Work Together

Or just grab coffee and talk security.

This chapter is about contributing to a SOC environment where I can further grow in Security Operations, where my curiosity and hands-on experience can help the team move faster. If you're building a SOC that values curiosity, collaboration, and continuous learning, that's where I want to be.

Whether you have an opportunity or just want to discuss security, threat intelligence, or how I'm thinking about the industry, reach out.

Let's build something worth defending.