Prince Kwesi Lassey

I am a  

Specializing in security monitoring, log analysis, threat intelligence, and translating detections into incident response actions.

info@lasseysec.tech
Professional Design Banner

About Me

Portrait of Prince Kwesi Lassey

Prince Kwesi Lassey

Cybersecurity Analyst

SOC Operations Purple Team

My journey into cybersecurity has been shaped by a few twists and turns. While pursuing a BSc in Meteorology and Climate Science, I built my skills through practical experience, professional training, and hands-on projects. Security Operations (SOC), threat detection, and incident response have become areas of competence for me. Currently in my final year, this path has taught me to adapt, be resilient, and that growth rarely follows a perfect roadmap.

I bring a pattern-recognition mindset sharpened through 2+ years of hands-on cybersecurity experience. I've built and designed security labs, implemented SIEM and threat detection solutions, reviewed logs, investigated alerts, hunted for malware and phishing campaigns, developed detection rules, and automated SOC workflows. I also practice purple teaming , simulating threat actors to build stronger defences.

I'm passionate about sharing knowledge. I've volunteered as a cybersecurity trainer, helping others understand security concepts and develop practical skills. I thrive in environments where I can contribute meaningful work while learning from more experienced teammates.

My Mission

Now

Next 2–3 Years

I'm intentional about where I'm going. In the next 2–3 years, I'm deepening my expertise in SOC analysis, threat detection and incident response, while adapting to how emerging technologies, especially AI, transform the way we understand and respond to threats.

Medium-term

5–7 Year Vision

Within 5–7 years, I see myself as a Senior Analyst, leading detection strategy, mentoring junior analysts, and shaping how organizations approach threat hunting.

Long-term

The Bigger Picture

There's something bigger I'm working toward: blending cybersecurity with my background in meteorology. Satellite and space security, to me, is an untapped intersection of both fields, where the protection of weather systems and other critical infrastructure becomes essential. As my experience deepens, I want to pioneer that space.

Always

Driven by Impact

Most attacks exploit psychology, not code. If I can help one person recognize a phishing email or understand why 2FA matters, I've done something meaningful. Impact is the metric that matters most to me.

Capabilities

Tap any card to explore

SOC Operations & SIEM

Security alerts are noise until you understand them. I monitor and triage alerts across network, endpoint, and identity layers to separate real threats from false positives.

Tap to reveal

Core Capabilities

  • Analyzing security events using Splunk
  • Triaging alerts, validating suspicious activity, and escalating findings with full investigation context
  • Correlating logs and telemetry to identify attack patterns and improve detection

Impact

Helping analysts move from raw alerts to informed decisions faster through good triage.

Threat Detection & Incident Response

Every security alert is a story. I investigate by connecting evidence, attacker behavior, and telemetry to understand what happened and support faster response.

Tap to reveal

Core Capabilities

  • Analyzing phishing campaigns, malware activity, and extracting indicators of compromise
  • Performing malware analysis in sandbox environments to understand attacker intent
  • Reconstructing attack timelines and documenting findings that matter
  • Applying MITRE ATT&CK and NIST aligned processes to understand threats and support response

Impact

Transforming security alerts into actionable intelligence that improves detection, investigation, and remediation.

Network & Endpoint Security

Attackers leave traces. I analyze traffic, endpoint activity, and security controls to reconstruct how they moved and what they accessed.

Tap to reveal

Core Capabilities

  • Analyzing PCAPs to uncover suspicious activity
  • Investigating endpoint telemetry through EDR platforms and host logs
  • Detecting C2 beaconing, lateral movement, and data exfiltration patterns
  • Correlating network and endpoint signals to build a clearer security picture

Impact

Improving visibility across environments by connecting network and endpoint signals into a clearer security picture.

Security Automation & SOAR

SOC analysts are overwhelmed with repetitive work. I build workflows that automate the routine and free analysts to focus on what actually matters.

Tap to reveal

Core Capabilities

  • Automating alert enrichment and investigation workflows to reduce manual effort
  • Integrating APIs, threat intelligence platforms, and security tools
  • Augmenting analyst decisions with AI assisted analysis and natural language queries
  • Supporting faster triage and more consistent response

Impact

Helping understaffed teams do more with less by removing the tedious parts so they can focus on the hunt.

Offensive Security & Vulnerability Assessment

You can't defend what you don't understand. I think like attackers, testing, exploiting, and analyzing weaknesses, so teams can fix them before threats do.

Tap to reveal

Core Capabilities

  • Performing reconnaissance, enumeration, and vulnerability assessments
  • Testing web applications against OWASP Top 10 risks and validating real risk
  • Simulating attacker techniques in controlled environments
  • Identifying and prioritizing weaknesses that matter using Nmap, Burp Suite, Metasploit, and SQLmap

Impact

Using adversary perspectives to find vulnerabilities before they become security incidents.

Writeups

Security is a craft that sharpens with practice. These writeups are a record of that practice, each one documents my thinking, methodology, and tooling as I work through hands-on labs across offensive and defensive security disciplines. Writing clearly about what I find is as much part of the work as finding it.

107 Completed
17 In Progress
Completed In Progress Hover to pause

Certifications & Credentials

CompTIA Security+ CompTIA
CompTIA Security+ Issued by CompTIA Completed
Google Cybersecurity Professional Certificate Google
Google Cybersecurity Professional Certificate Issued by Google Completed
ISC2 CC ISC2
ISC2 Certified in Cybersecurity Issued by ISC2 Completed
Cisco CyberOps Associate Cisco
Cisco CyberOps Associate Issued by Cisco Completed
Ethical Hacker Cisco
Ethical Hacker Issued by Cisco Completed
Junior Cybersecurity Analyst Career Path Cisco
Junior Cybersecurity Analyst Career Path Issued by Cisco Completed
Certified Cybersecurity Educator Professional Red Team Leaders
Certified Cybersecurity Educator Professional Issued by Red Team Leaders Completed

Tooling

SOC Operations & SIEM
Splunk Splunk
Splunk SIEM Platform Core platform for log search, correlation, and alert triage.
Security Onion Security Onion
Security Onion SIEM / IDS Open-source platform for intrusion detection and log management.
ELK Stack ELK Stack
ELK Stack Log Analysis Elasticsearch, Logstash, and Kibana for centralized log analysis.
Suricata Suricata
Suricata IDS / IPS Network detection engine for real-time intrusion alerts.
OPNsense OPNsense
OPNsense Firewall / Network Security Open-source firewall and routing platform.
Threat Intelligence & Hunting
VirusTotal VirusTotal
VirusTotal Malware / IOC Enrichment Aggregated scanning for malware and indicator enrichment.
Shodan Shodan
Shodan OSINT / Threat Intelligence Search engine for internet-connected devices and exposures.
SpiderFoot SpiderFoot
SpiderFoot OSINT Automation Automated reconnaissance across hundreds of data sources.
YARA YARA
YARA Detection / Malware Analysis Pattern-matching rules for identifying and classifying malware.
Threat Detection & Response
Wireshark Wireshark
Wireshark Network Analysis Packet-level traffic inspection and protocol analysis.
Nmap Nmap
Nmap Network Reconnaissance Host discovery and port scanning across networks.
Metasploit Metasploit
Metasploit Penetration Testing Exploitation framework for validating vulnerabilities.
Burp Suite Burp Suite
Burp Suite Web Application Testing Intercepting proxy for testing and exploiting web applications.
Automation & AI
n8n n8n
n8n SOAR / Workflow Automation Building automated workflows to enrich alerts and reduce manual effort.
Ollama Ollama
Ollama Local LLM / AI Enrichment Running local language models to assist with analysis tasks.
Python Python
Python Scripting & Automation Used for automation, parsing, and lightweight detection tooling.
Bash Bash
Bash Linux Automation Shell scripting for system tasks and Linux-based automation.
DFIR-IRIS
DFIR-IRIS Case Management / Ticketing Collaborative incident response platform for structured case tracking and documentation.
Exploitation & Validation
SQLmap SQLmap
SQLmap SQL Injection Testing Automated detection and exploitation of SQL injection flaws.
Hashcat Hashcat
Hashcat Password Cracking High-performance password recovery and hash auditing.
Frameworks & Methodologies
MITRE ATT&CK MITRE ATT&CK
MITRE ATT&CK Threat Framework Knowledge base of adversary tactics and techniques.
NIST NIST
NIST Cybersecurity Framework Governance Structuring security operations and risk management practices.
OWASP OWASP Top 10
OWASP Top 10 Web Security Standard awareness list of critical web application risks.

Companies I've Interned With

Real-world security experience across multiple organizations

Let's Work Together

Or just grab coffee and talk security.

This chapter is about contributing to a SOC environment where I can further grow in Security Operations, where my curiosity and hands-on experience can help the team move faster. If you're building a SOC that values curiosity, collaboration, and continuous learning, that's where I want to be.

Whether you have an opportunity or just want to discuss security, threat intelligence, or how I'm thinking about the industry, reach out.

Let's build something worth defending.