Cybersecurity Analyst · Security Operations · Incident Response

Secure systems. Measured outcomes. Real SOC experience.

5+ years in enterprise SOC environments — Splunk-driven threat detection, Python-automated alert validation, and incident response workflows built to NIST 800-53 and CJIS standards.

40% MTTR reduction

Python-automated alert validation cut incident response time at Sound Transit's 24/7 enterprise SOC.

3,000+ endpoints monitored

150+ SOC incidents resolved per month across Splunk, SolarWinds, and Blackrock3 — 99.9% uptime sustained.

Multi-domain security work

CJIS Level 4 cleared. Enterprise transit, DoD, and law enforcement environments.

Experience

Professional background

Enterprise SOC operations, DoD compliance, law enforcement IT, and infrastructure auditing.

IT Operations Center Analyst

Sound Transit · Seattle, WA · Mar 2024 – Mar 2025

Led SOC workflows in a 24/7 enterprise environment across 3,000+ endpoints. Automated alert validation with Python — drove a 40% reduction in MTTR and enabled NIST 800-53 compliance. Resolved 150+ incidents/month via Splunk, SolarWinds, and Blackrock3 at 99.9% uptime. Overhauled ServiceNow workflows and built SOPs that cut analyst onboarding time by 25%.

Splunk · SolarWinds · Python · ServiceNow · NIST 800-53 · HIPAA · CJIS

IT Security Specialist

Joint Base Lewis-McChord · Tacoma, WA · Mar 2017 – Mar 2018

Rebuilt DoD security environments for 500+ users. Managed DISA STIG-compliant Windows 10 deployment — 25% reduction in unauthorized access. Developed Splunk SIEM threat hunting protocols and vulnerability management strategies that delivered a 35% stronger security posture.

Splunk · DISA STIG · Windows Server · Threat Hunting · Vulnerability Management

IT Consultant

Seattle University & City of Medina PD · Seattle, WA · Mar 2020 – Mar 2021

Secured hybrid operations for academic and law enforcement teams during COVID-19 continuity response. Enabled CJIS-compliant endpoint security for 200+ users, redesigned SolarWinds data flows for a 20% SOC efficiency gain, and built IR playbooks for cross-team knowledge transfer.

CJIS · SolarWinds · Endpoint Security · IR Playbooks · Remote Access

Enterprise Technology Auditor

TES USA / Amazon Campus · Tukwila, WA · Jul 2023 – Jan 2024

Coordinated infrastructure audits across 20+ Amazon buildings — AV systems, Cisco hardware, and projector infrastructure. Streamlined asset inventory documentation and developed improved tracking processes that shortened audit cycles and improved equipment accuracy across campuses.

Asset Inventory Cisco Infrastructure Auditing Documentation

Lab / Build

What I'm building

Applied security engineering, private AI infrastructure, and operational discipline — running in production.

Nexus Home Lab

Multi-node Proxmox cluster running isolated LXC services: private DNS via AdGuard, AI inference routing via Ollama and OpenClaw, Syncthing vault backup, and a LiteLLM proxy. Full change log, runbooks, and review-first deployment gates throughout.


Lab Control Center

Auth-protected TypeScript/Express dashboard for real-time node health — live CPU/memory arc gauges, section status badges, auto-refresh every 30s, and an activity timeline. Driven by live shell collectors running on a cron cycle.

Current build tracks

  • Preview-first release flow for all website and service updates
  • Risk-based hardening reviews with prioritized remediation
  • Live service health sweeps with actionable exception reporting
  • Operational runbooks with explicit rollback and validation gates

Near-term roadmap

  • Connect live Proxmox and service collectors to all dashboard sections
  • SOC training lab — Grafana + detection exercises for cert prep
  • Case-study depth pages for key professional projects
  • CySA+ and PenTest+ certification completion

Skills

Technical toolkit

Enterprise security tooling, scripting, compliance frameworks, and infrastructure — applied in real environments.

SIEM & Detection

Splunk · LogRhythm · SolarWinds · Blackrock3

Scripting & Automation

Python · PowerShell · Bash · ServiceNow

Compliance & Frameworks

NIST 800-53 · HIPAA · CJIS · DISA STIG · ITIL

Infrastructure

Linux · Proxmox VE · Windows Server · Docker / LXC · Tailscale

Security Disciplines

Incident Response · Threat Hunting · Vuln Assessment · Digital Forensics · Malware Analysis

AI & Lab

Ollama · OpenClaw · Grafana · AdGuard Home · GitHub

Certifications

Active credentials

Industry certifications and clearances earned through applied security work.

Active

CompTIA Security+ · CompTIA Network+ · CompTIA A+ · ITIL Foundation · Linux Essentials (LPI 010-160) · CJIS Level 4 · Google Cybersecurity Certificate

In Progress — 2026

CCNA · CySA+ · PenTest+ · Linux+ · Project+ · SSCP · CEH

Education

Academic background

Formal cybersecurity and forensics training alongside applied professional experience.

B.S. Cybersecurity & Information Assurance

Western Governors University · Expected 2026

Competency-based program covering security operations, cryptography, network defense, risk management, and governance.

A.A. Cybersecurity & Forensics

Highline Community College

Foundation in digital forensics, network security, incident response methodology, and applied security analysis.

Connect

Let's work together

Actively seeking cybersecurity analyst, SOC, and incident response roles. If you value measured outcomes, documented processes, and someone who's done this work in real enterprise environments — let's talk.