Matthew Nunez

Cybersecurity & IT Professional

Cybersecurity professional with a passion for hands-on learning

About Me

Cybersecurity professional serving as an IT Security Program Specialist with the State of Tennessee, where I focus on disaster recovery planning, business impact analysis, and NIST SP 800-53 compliance. I hold a B.S. in Cybersecurity from Missouri Western State University and bring a disciplined, team-first mindset shaped by years as a student-athlete. Driven by a genuine passion for cybersecurity, I'm committed to continuously sharpening my skills and making a real impact in the field.

When I'm away from the keyboard, I enjoy fishing, staying active at the gym, and watching movies, activities that help me recharge and bring a fresh perspective to technical challenges.

Security

  • Network Security
  • Cyber Threat Intelligence (CTI)
  • SIEM/Log Analysis
  • Phishing Analysis

System Administration

  • Linux/Windows Server
  • Virtualization (Proxmox/VMware)
  • Networking (TCP/IP, VLANs)
  • Cloud (AWS)

Tools & Tech

  • Docker/Kubernetes
  • Python Scripting
  • Active Directory
  • Splunk
  • Power BI

Experience

May 2025 - Present

IT Security Program Specialist

State of Tennessee

  • Coordinate and manage annual Business Impact Analyses (BIAs) with multiple agency partners to identify critical systems, recovery priorities, and operational risks
  • Develop, maintain, and update Disaster Recovery (DR) and Contingency Plans in alignment with organizational requirements and NIST SP 800-53
  • Ensure organizational compliance with NIST SP 800-53 controls related to contingency planning and Recovery Time Objective (RTO) / Recovery Point Objective (RPO) analysis
  • Produce clear, concise dashboards, reports, and executive-level presentations for agency partners and auditors to communicate risk posture, gaps, and remediation status
  • Plan, coordinate, and execute functional and tabletop disaster recovery tests, validating recovery procedures, communication workflows, and system restoration capabilities

February 2024 – July 2024

IT Infrastructure Intern

Boehringer Ingelheim

  • Provided technical support and managed data center operations, gaining skills in server installation, networking, and troubleshooting.
  • Verified system configurations for accuracy, troubleshooting issues related to endpoint enrollments, data backups, and network setups.
  • Led a file organization project for 400+ employees, enhancing project management and data analysis skills
  • Improved communication skills through staff coordination and accurate data collection

Certifications

  • Security+, CompTIA, 2024
  • Network+, CompTIA, 2025
  • A+, CompTIA, 2024
  • Cisco Certified Support Technician, Cisco Cybersecurity, 2025
  • SecAI+, CompTIA, 2025
  • AWS Solutions Architect Associate, Amazon Web Services, In Progress

Projects

🛡️ TryHackMe SOC Level 1

Completed (Certificate earned)

Comprehensive hands-on training path focused on Security Operations Center fundamentals. Completed modules covering cyber defense frameworks, network security monitoring, threat intelligence, incident response procedures, and SIEM analysis using industry-standard tools.

SIEM, Splunk, Wireshark, IDS/IPS, Threat Hunting, Incident Response
  • Network Analysis: Packet capture analysis with Wireshark, identifying malicious traffic patterns and suspicious network behavior
  • SIEM Operations: Log analysis and correlation using Splunk, creating custom queries and alerts for threat detection
  • Threat Intelligence: Understanding attack frameworks (MITRE ATT&CK), analyzing indicators of compromise (IOCs), and threat actor TTPs
  • Incident Response: Hands-on practice with incident handling procedures, evidence collection, and security event triage
  • Security Tools: Experience with Snort, Zeek, Suricata for network intrusion detection and prevention

🔐 Microsoft Entra ID Administration Lab

Completed

Hands-on identity and access management lab simulating real-world IT administration for a small law firm environment. Conducted on Azure Free Tier covering the full scope of tasks an on-call IT technician would encounter managing Microsoft Entra ID.

Microsoft Entra ID, Azure, IAM, Conditional Access, RBAC, MFA
  • User Lifecycle Management: Provisioned, disabled, deleted, and restored user accounts simulating onboarding, leave of absence, and offboarding workflows including secure password resets
  • Group Management: Created and managed security groups with assigned membership, documented dynamic membership rules as a P1 enterprise feature
  • Roles and Permissions: Assigned and revoked built-in Entra roles including Helpdesk Administrator and User Administrator following least privilege principles to minimize attack surface
  • Conditional Access and MFA: Documented Conditional Access policy configuration and MFA enforcement strategies including the distinction between free Security Defaults and P1 Conditional Access policies
  • Incident Investigation: Investigated simulated security incidents using sign-in logs and audit logs, identified VPN false positives, and traced exact account changes through modified properties
  • Documentation: Fully documented on GitHub including objectives, steps, licensing considerations, and real-world context for each lab task

Get In Touch