Joseph K. Tuncel

Cybersecurity Instructor & Practitioner

Defensive open-source labs for SOC, cloud IAM, incident response, threat modeling, vulnerability management, Linux hardening, and security awareness.

10 Public Repositories · 2021+ Higher-Ed Teaching · Ph.D. Computer Science

Selected Projects

Safe, local-first repositories with synthetic examples, tests, documentation, security policies, demo guides, and recruiter briefs.

SOC Alert Triage Kit

Scores synthetic alerts and renders Markdown briefings for analyst handoff.

SOC analyst · Detection engineering · IR

CloudTrail Detection Lab

Runs synthetic CloudTrail detections for root activity, missing MFA, logging tampering, and S3 exposure.

Cloud SOC · SIEM logic · Teaching lab

Container Baseline Linter

Checks Dockerfiles and Kubernetes JSON manifests for root, privileged, hostPath, and host networking risks.

DevSecOps · Docker · Kubernetes

Security Awareness Micro Labs

Grades short security-awareness lessons with learner-friendly answer explanations.

Cybersecurity instructor · Awareness · Assessment

Threat Model STRIDE CLI

Turns architecture JSON into STRIDE review questions and default mitigation prompts.

AppSec · Threat modeling · Secure design

Linux Hardening Audit

Audits local Linux snapshots for root SSH, password auth, IP forwarding, and duplicate UID 0 accounts.

Linux security · Hardening · Audit

PII Redaction Scanner

Finds and redacts common sensitive-data patterns before sharing logs or reports.

Privacy · GRC · Data protection

Role Fit

Teaching + practice: technical depth, classroom clarity, and repeatable defensive workflows.

Cybersecurity Instructor

Higher-education teaching since 2021, secure software development instruction, curriculum design, and learner assessment.

SOC / Incident Response

Alert triage, CloudTrail detections, incident timelines, evidence organization, and analyst communication.

Cloud IAM / DevSecOps

AWS IAM review, CloudTrail monitoring, container baselines, cloud controls, documentation, and remediation language.

Vulnerability / GRC

Risk-based vulnerability prioritization, PII redaction, audit-friendly notes, and stakeholder-ready explanations.

Proof Points

Each project is intentionally scoped to defensive use: local synthetic fixtures, no live-target scanning, no credential collection, and no offensive automation.

  • Working Python CLIs with unit tests and example data.
  • Security policies, contribution guides, issue templates, and PR templates.
  • Recruiter briefs and demo guides for quick technical review.
  • Resume packets for practitioner and instructor roles.