Hands-on competition has been one of the most valuable parts of my cybersecurity experience. From national leagues to red team defense simulations, I’ve worked across a wide range of roles — from Splunk administration and OSINT analysis to Windows Server hardening and inject response. These events have challenged me to adapt quickly, collaborate under pressure, and continually build on my technical foundation. Below are highlights from the competitions I’ve participated in.
Focus Areas: Log Analysis • OSINT • Network Traffic Analysis
Rank: Top 6% Nationally (263rd out of 4,894 competitors)
During the Fall 2024 National Cyber League (NCL), I served as a core contributor on my team, focusing on log analysis, open-source intelligence (OSINT), and network traffic analysis. I earned a perfect score in all sections I contributed to, helping push our overall performance forward.
Much of my participation took place remotely — often from the backseat of a car while traveling to away games with my hockey team. Despite the challenges, I leaned on tools like Nmap and PowerShell ISE (my first time using it) to write custom scripts and automate parts of our investigation workflow.
This competition deepened my experience in rapid forensic analysis and flexible problem-solving under pressure. It also highlighted areas for future growth, especially in password hash cracking, which I plan to improve on going forward.
Focus Areas: Splunk Administration • Windows Workstation Security
Result: 5th Place in Regional Qualifiers · 98% Service Uptime
As the Splunk and Windows Workstation Administrator for our CCDC team, I was responsible for maintaining security and uptime on our user-facing systems while deploying and managing a full Splunk logging stack. With just two weeks’ notice, I learned to install and configure Splunk and the Universal Forwarder from scratch — an experience that proved invaluable once the red team launched their attacks.
Despite one teammate’s Active Directory server being compromised — which led to me getting locked out of my workstation — I successfully broke back into the system and only missed a single scoring loop during the incident. I maintained 98% service uptime across the event, contributing significantly to our 5th place finish in the regional qualifiers.
This competition sharpened my ability to detect and respond to breaches in real time, strengthened my understanding of log aggregation, and pushed me to adapt quickly under pressure. Looking ahead, I plan to deepen my knowledge of Active Directory to better support domain infrastructure in future events.
Focus Areas: Splunk • OSINT • Inject Response
Role: Inject Specialist · Team Organizer
In the Spring 2025 NCAE Cyber Games, I competed as part of a team I assembled, contributing primarily to inject-based challenges that required quick thinking and strong problem-solving skills. My focus areas included Splunk log analysis, open-source intelligence (OSINT), and ad-hoc injects requiring scripting or incident response write-ups.
I achieved a 100% score on both OSINT and Splunk injects, helping our team stay competitive across the dynamic portions of the event. The competition gave me additional hands-on experience with Splunk and exposed me to the fast-paced demands of red vs. blue style scenarios.
While I didn’t have a leadership role during the event itself, forming the team gave me a better appreciation of preparation and skill coverage. In the future, I aim to grow my Linux server administration skills to contribute more effectively across the infrastructure side of the competition.
Focus Areas: Windows Server 2025 Administration • Team Coordination
Role: Team Captain · Windows Server Admin
During the Summer 2025 eCitadel cyber competition, I led and coordinated two teams on behalf of our university cybersecurity club while also managing our Windows Server 2025 environment. My responsibilities included system hardening, log analysis, and threat detection using tools like Nmap, Event Viewer, and Malwarebytes.
We encountered major challenges right from the start — Windows Defender was already disabled, and a rootkit was pre-installed and embedded within a device driver, making early detection extremely difficult. Although we weren’t able to fully contain the compromise during the event, the experience gave me deep insight into how group policy and driver-level threats interact within Windows Server environments.
This competition pushed my leadership and technical skills simultaneously, highlighting the importance of proactive registry analysis and baseline validation. It also helped me better understand Windows internals and AD-based security dependencies, areas I plan to focus on more heavily moving forward.