mello-io/README.md

Hello there!! Let's Connect! ☕💬


👨🏻‍💻 Security File : [DECLASSIFIED]

type:             public_trust
name:             Derick Dmello
located_in:       Albany, New York
status:           Open to → SOC | GRC | DFIR roles
industry:         Public Sector & Higher Ed. Cyber Defence

education:
  - "Self-taught Red Teamer with a core focus on Cyber Defence"
  - "🎓 M.S. Digital Forensics & Cyber Security"
  - "🎓 B.S. IT Infrastructure Management & Cyber Security"

fields_of_interest:
  - "Security Operations (SOC Tier 1–3)"
  - "Incident Response & Digital Forensics (DFIR)"
  - "Governance, Risk & Compliance (GRC)"
  - "Cyber Threat Intelligence & OSINT"
  - "Cloud Security & DevSecOps"

technical_background:
  - "Threat Detection, Log Correlation & SIEM Engineering"
  - "IR Playbook Development & Root Cause Analysis"
  - "Security Compliance → NIST CSF/800-53, CIS, ISO 27001, ISO 42001, SOC2, PCI-DSS"
  - "Vulnerability Assessment & Adversary Simulation"
  - "Sandboxing, Virtualization & Homelab Infrastructure"

currently_building:
  - "SIEM detection rule library (Splunk + Elastic)"
  - "IR automation scripts (Python-based triage & log aggregation)"
  - "ATT&CK-mapped homelab threat simulation environment"

2026_goals:
  - "Ship 3+ public security engineering projects"
  - "Contribute to open-source threat intel tooling"
  - "Earn CISSP / OSCP"

📊 GitHub Activity


🔬 Featured Projects

| Project | Description | Status |
|---|---|---|
| 🏢 ResolvX GRC | A complete end-to-end GRC program for a fictional mid-size fintech SaaS service organization | 🟢 Active |
| 🐍 Mini-PySec Projects | Python security tool suite - offensive & defensive, built through full SDLC | 🟢 Active |
| 🏗️ Homelab Enterprise IT | Simulated enterprise IT environment for detection & response testing | 🟢 Active |
| 📡 SIEM Detection Library | Splunk & Elastic detection rules mapped to MITRE ATT&CK | 🔨 In Progress |
| 📋 IR Automation Scripts | Python-based incident triage, log parsing & IOC correlation tooling | 🔨 In Progress |

🧰 Toolkit

Security Ops: Splunk · Elastic Stack · MS Sentinel · Wazuh · CrowdStrike Falcon · The Hive · MITRE ATT&CK · Nessus · OpenVAS
DFIR: Autopsy · Volatility · KAPE · FTK Imager · Redline · Belkasoft X · Wireshark · CAINE
Network & Infra: Cisco · Checkpoint NGFW · Active Directory · VPN / IDS / IPS · VMware ESXi · Entra ID
Compliance: NIST CSF · NIST 800-53 · NIST 800-37 · ISO 27001:2022 · ISO 42001:2023 · PCI-DSS · HIPAA · SOC 2 · Vanta · RSA Archer

"Security is not a product, but a process." – Bruce Schneier

Pinned

  1. Operations-in-Cyber-Defense-I (Public)

    This academic project explores defensive cybersecurity operations through practical implementation of Security Operations Center (SOC) workflows and Network Security Monitoring (NSM).

  2. Operations-in-Cyber-Defense-II (Public)

    This project demonstrates Digital Forensics and Incident Response (DFIR) methodologies in enterprise Security Operations Centers.

  3. ResolvX-GRC-Program (Public, HTML)

    A complete end-to-end GRC program for a fictional mid-size fintech SaaS service organization "ResolvX".

  4. Mini-PySec-Projects (Public, Python)

    Small-scale, locally deployable Python projects for offensive and defensive security.

  5. Project-HIKE (Public)

    An end-to-end on-prem enterprise security lab designed to simulate real-world adversary behavior and validate defensive detection and response using SysSDLC principles, MITRE ATT&CK, and SOC tools.

  6. Project-T1 (Public)

    This project focuses on understanding how real attacker behavior is observed, detected, and analyzed by a modern EDR platform.