Jaxon Bruns

Security Operations

Daily operational throughput in a high-volume enterprise environment:

• PhishER & Malware Analysis: High-frequency triage of malicious email submissions.
• DLP Monitoring: Daily response to Data Loss Prevention alerts.
• SOAR & SIEM: Advanced case management and YARA-L rule creation in Google SecOps.
• Google SecOps Development: Daily specialized development in UDM/SIEM workflows.

Forensic Discovery

• Anomaly Detection: Discovered "Identity Recycling" behavior involving service account manipulation.
• Event Correlation: Linked app_add/remove events to specific UUID patterns.
• Detections: Engineered SecOps rules to detect admin self-targeting and unauthorized username changes.

Cloudflare Automation Suite

• SPF/DMARC Cleanup: Scripted bulk identification and remediation of security records.
• Load Balancer Hygiene: Automated audit tool to identify unused pools.

WAF Log ETL & Enrichment

• API Orchestration: Recursive ingestion tool to bypass Cloudflare's 1,000-log limit.
• Data Enrichment: Automated lookup maps to translate OWASP rule IDs into descriptions.
• WAF Tuning: JSON to CSV transformation for ASN/IP threat analysis.

Sentinel Llama - Hybrid AI Intrusion Detection System

• Architecture: Built a real-time Hybrid IDS combining local AI analysis with cloud-based threat intelligence.
• RAG Workflow: Implemented Retrieval-Augmented Generation using Pinecone to fetch MITRE ATT&CK context for log analysis.
• Detection: Automated monitoring of Windows Security logs (Events 4625/4720) with verdicts (CLEAN/SUSPICIOUS) generated by Llama 3.2.

Personal Malware Analysis Lab

• Architecture: Designed a secure, isolated environment for dynamic malware analysis using Cuckoo3 on Ubuntu.
• Engineering: Configured nested virtualization (KVM/QEMU) within VMware Workstation Pro, bypassing Windows host restrictions.

Cloud-Native Portfolio

• Infrastructure: Deployed a high-performance static site using Azure Static Web Apps with global edge distribution.
• Security & DNS: Orchestrated DNS, SSL/TLS, and CNAME flattening via Cloudflare for enhanced security and performance.
• CI/CD: Implemented continuous deployment pipelines for automated updates.

Scrum Master Intern

• Agile Ceremonies: Facilitated ceremonies across Salesforce, InfoSec, and Networking domains.
• PI Planning: Assisted in the planning of the 3rd PI Planning Session of 2025.
• Team Facilitation: Led daily standups for Kanban teams and identified workflow blockers.
• AI Initiative: Designed and implemented AI-driven workflows.

IT Intern

• Performed hardware/software troubleshooting and repair for end users.
• Designed and implemented small-scale networks and websites.

Mobile Expert

• Delivered technical support and sales solutions for mobile devices.
• Recognized for top-tier customer service and troubleshooting expertise.

University of Nebraska-Omaha

3.787 Cumulative GPA

Concentration: Cyber Operations

Minor: Mathematics & Computer Science

Metropolitan Community College

Computer Science

Azure Fundamentals (AZ-900)

Credential ID: 86147A341BD11C2B

National Cyber League (NCL)

Competed in the Experienced Students Bracket with NULLify UNOmaha.

• Overall Rank: 49th out of 500+ schools (Top ~10%).

• Team Game Score: 43rd.

Esports & CTF Leadership

• UNO Esports Officer: Managing varsity team progression.

• Summit League Champion: Valorant (2025).

• NULLify HSCTF: 3rd Place (2020).