Available for SOC & Cybersecurity Analyst roles · Charlotte, NC · Remote OK

Michael Kurdi

SOC-oriented security analyst · detection engineer · builds Python tooling & LLM expert systems.

michael@kurdi:~$ whoami
  • 8+ yrs cleared ops
  • 4 shipped security builds
  • 99.68% phishing F1 (5-fold CV)
  • 3.96 GPA · summa cum laude

01 / about

$ cat about.md

I'm Michael Kurdi — a CompTIA Security+ professional with more than eight years in federally regulated, security-cleared environments (FAA, OSHA, IATA, CBP). I hold a B.S. in Information Technology (Cybersecurity) from SNHU (Summa Cum Laude, 3.96 GPA) and focus on incident response, detection engineering, and Python security tooling.

I'm targeting SOC Analyst / Cybersecurity Analyst roles and I ship real code: rule-based log anomaly engines, ML phishing classifiers with cross-validated metrics, and prompt-engineered expert systems packaged with docs, tests, and print-ready resumes. I care about reproducibility, clean READMEs, and outputs a human reviewer can actually verify.


Detection & analytics

Rule-based and statistical engines for logs and email. Anomaly categories, SOC-style triage output, ML pipelines with measured cross-validated performance.

Expert LLM systems

Role priming, XML structuring, CoT, ReAct, self-reflection, and hallucination guardrails — shipped as reproducible prompts with GitHub-ready docs and UIs.

Full-stack delivery

Python, React, Flask, SQLite, REST APIs, CI-friendly static sites on GitHub Pages — with READMEs and UX that hold up to real reviewers.

02 / projects

$ ls -la ./featured

Open source, documented, deployable. No hand-waving — every repo has a README and runnable code.

Prompt System · React · featured

StockPath Navigator

AI-powered trading expert system · 17 prompt-engineering techniques

stockpath-navigator
// analyze AAPL — ReAct loop
user > analyze AAPL trend
◆ reasoning: bullish pattern
◆ risk: moderate
◆ confidence: 87%
safety guardrails active

A disciplined system prompt that turns any reasoning-capable LLM into a stock market analyst and trading coach. Real-time analysis, trade journaling, emotional-state management, and an interactive React dashboard.

  • Prompt Engineering
  • ReAct
  • CoT
  • React
  • Safety Guardrails
Python · Flask · SQLite · v1.0

VulnTrack Dashboard

Full-stack vulnerability management · KPIs · CRUD · REST

vulntrack · GET /api/vulnerabilities
// severity triage dashboard
200 OK 12 records loaded
critical: 3
high: 5
resolved: 4 patched

Full-stack dashboard with KPI tracking, color-coded severity, CRUD, live search/filter, and toast notifications — pre-seeded with 12 sample records. Dark-mode cybersecurity branding on a REST API.

  • Python
  • Flask
  • SQLite
  • REST
  • CRUD
Python · scikit-learn · ML

Phishing Email Classifier

TF-IDF + Random Forest · 99.68% F1 · 5-fold CV · interpretable

phishing-email-classifier
# RandomForest + TF-IDF pipeline
>>> features_engineered = 207
>>> f1_cv5 = 0.9968
>>> importances.head(5)
# surfaces what drove each label

Text-based feature extraction with TF-IDF plus custom regex signals, feature-importance analysis for interpretability, and SOC-style reasoning about what drove each label.

  • Python
  • scikit-learn
  • TF-IDF
  • Cross-validation
Python · pandas · NumPy · SOC

Log Anomaly Engine

Rules + statistics for brute force, port scans, volume spikes

detect --input auth.log
# rule + statistical engine
brute_force threshold hit (5/60s)
port_scan pattern detected
z_score volume spike (3.4σ)
alerts structured for SOC triage

Brute-force thresholds, port-scan patterns, off-hours access, unknown-IP heuristics, privilege escalation, and z-score volume spikes — with output structured for SOC-style triage pipelines.

  • Python
  • pandas
  • NumPy
  • Log analysis
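The brute-force threshold rule shown in the card above (5 failures / 60 s), written out as an added example; this is not code from the Log Anomaly Engine repo. It slides a 60-second window over sshd "Failed password" lines and emits one structured, triage-ready alert per source IP once the threshold is reached. The log lines, host name and the assumed year 2024 are constructed for this example.

```python
"""Sliding-window brute-force rule over sshd auth.log lines (constructed sample)."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sshd-style lines (not real traffic); syslog timestamps carry no year, so 2024 is assumed.
SAMPLE_LOG = """\
Mar 10 02:14:01 host sshd[101]: Failed password for root from 203.0.113.7 port 5100 ssh2
Mar 10 02:14:09 host sshd[102]: Failed password for root from 203.0.113.7 port 5101 ssh2
Mar 10 02:14:17 host sshd[103]: Failed password for invalid user admin from 203.0.113.7 port 5102 ssh2
Mar 10 02:14:25 host sshd[104]: Failed password for invalid user admin from 203.0.113.7 port 5103 ssh2
Mar 10 02:14:33 host sshd[105]: Accepted password for alice from 198.51.100.4 port 6000 ssh2
Mar 10 02:14:41 host sshd[106]: Failed password for root from 203.0.113.7 port 5104 ssh2
Mar 10 02:20:00 host sshd[107]: Failed password for bob from 198.51.100.9 port 6100 ssh2
Mar 10 02:25:00 host sshd[108]: Failed password for bob from 198.51.100.9 port 6101 ssh2
"""

LINE_RE = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
                     r"(Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+) port")

def parse(line):
    """Return the fields the rule needs, or None for lines it does not understand."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"2024 {m[1]}", "%Y %b %d %H:%M:%S")  # year assumed
    return {"ts": ts, "result": m[2], "user": m[3], "src": m[4]}

def brute_force_alerts(lines, threshold=5, window_s=60):
    """One alert per source IP each time `threshold` failures fall inside a window_s sliding window."""
    recent = defaultdict(deque)  # src ip -> timestamps of failures still inside the window
    alerts = []
    for ev in filter(None, map(parse, lines)):
        if ev["result"] != "Failed":
            continue
        q = recent[ev["src"]]
        q.append(ev["ts"])
        while (ev["ts"] - q[0]).total_seconds() > window_s:  # age out failures older than the window
            q.popleft()
        if len(q) >= threshold:
            alerts.append({"rule": "brute_force", "severity": "high", "src_ip": ev["src"],
                           "count": len(q), "window_s": window_s,
                           "first_seen": q[0].isoformat(), "last_seen": ev["ts"].isoformat()})
            q.clear()  # reset so one burst yields one alert, not one per extra failure
    return alerts

if __name__ == "__main__":
    for alert in brute_force_alerts(SAMPLE_LOG.splitlines()):
        print(alert)
```

On the sample, 203.0.113.7 trips the rule (five failures in 40 s) while 198.51.100.9, whose two failures are five minutes apart, does not.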

03 / stack

$ cat ~/.stackrc

Daily drivers — tools I actually ship with, not buzzwords.

Languages

  • Python · 90%
  • JavaScript / TypeScript · 75%
  • Bash / Shell · 70%
  • SQL · 65%

Security

  • Detection engineering · 85%
  • Incident response · 80%
  • Vulnerability mgmt · 75%
  • Access control / IAM · 70%

Frameworks & Data

  • Flask · FastAPI · 80%
  • React · 75%
  • pandas · NumPy · 85%
  • scikit-learn · 78%

Tooling

  • Git · GitHub Actions · 90%
  • VS Code · Cursor · 85%
  • Docker · 70%
  • LLM APIs · Prompt Eng · 80%

python · react · flask · fastapi · pandas · numpy · scikit-learn · tf-idf · random-forest · sqlite · rest · git · docker · github-actions · bash · regex · prompt-engineering · react-native · soc · siem · incident-response · siem-hunting · mitre-att&ck · yara

04 / timeline

$ git log --oneline --career

Commits to the career repo. Most recent first.

  1. a1b2c3d
    2026 · HEAD → main

    Shipped StockPath Navigator v3.0 + portfolio overhaul

    17-technique prompt-engineered trading system with React UI. Refreshed this site for a developer-first feel — keyboard shortcuts, interactive terminal, SEO polish.

  2. f4e5d6a
    2025 · milestone

    Earned B.S. IT Cybersecurity · summa cum laude · SNHU

    3.96 GPA. President's List. Alpha Sigma Lambda. Capstone in detection/response fundamentals.

  3. 9c8b7a6
    2025 · cert

    Passed CompTIA Security+ ce

    Foundational certification aligned with SOC and GRC expectations.

  4. 5d4c3b2
    2024 · build

    Open-sourced phishing classifier + log anomaly engine

    ML and rule-based detection with cross-validated metrics, feature interpretability, and SOC-shaped triage output.

  5. 1a2b3c4
    2017–present · ops

    8+ yrs · cleared, regulated operations

    FAA, OSHA, IATA, CBP compliance. Security clearance + CBP badge endorsement. Access control, audit readiness, incident-handling reflexes you can't fake.

05 / terminal

$ ./portfolio.sh

A real sandboxed shell. Try help, about, projects, skills, contact, sudo hire-me.


06 / contact

$ curl michael --hire

Open to SOC Analyst / Cybersecurity Analyst / Detection Engineering · remote or Charlotte, NC.