Evanildo Ribeiro

SOC Analyst & Security Engineer | AI Security Research

Contact Me
Evanildo Ribeiro — Cybersecurity Professional

Evanildo Ribeiro

SOC Analyst & Security Engineer | AI Security Research

SOC Analyst and Security Engineer with proven experience in defensive security operations, research-driven threat analysis, and applied incident response. I combine a strong technical foundation with a proactive mindset to detect, analyse, and respond to security events.

Deeply passionate about AI Security Research, I am focused on understanding and mitigating the emerging threats that AI systems introduce, delivering reliable protection across systems and infrastructure.

My goal is to bridge security operations, engineering, and AI security research to build resilient systems that protect organisations against both today’s threats and tomorrow’s emerging challenges.

Location London, UK
Experience Level Entry-Level
Work Authorisation UK, EU & Brazil
Languages English – Fluent  |  Portuguese – Native  |  Spanish – Intermediate
Download CV Contact Me

What I Do

Focused on supporting security operations, analysis, and defensive cybersecurity practices

01

Security Monitoring & Analysis

I actively monitor and analyse security alerts, logs, and events to identify threats and suspicious behaviour. This includes applying SOC workflows, supporting accurate escalation, and maintaining clear documentation to ensure effective detection and response across security operations.

02

Threat Awareness & Risk Support

identify and assess security risks by applying cybersecurity principles, threat intelligence, and risk-based thinking. This includes researching vulnerabilities, analysing attack techniques, and developing defensive strategies to reduce exposure and support informed security decision-making.

03

Incident Support & Investigation

I support incident response by conducting structured investigations, gathering evidence, and applying defined response processes. This includes maintaining information integrity, documenting findings accurately, and contributing to effective containment and resolution of security events.

04

Security Research & Continuous Learning

I actively engage in cybersecurity and AI Security research to stay ahead of emerging threats, tools, and defensive techniques. This includes hands-on labs, independent research into AI-driven attack surfaces, and continuous skill development aligned with SOC and Security Engineering roles.

AI Security Research

Exploring the intersection of artificial intelligence and cybersecurity — focusing on emerging threats, adversarial techniques, and defensive strategies.

MITRE ATLAS — AI Threat Framework Last Updated: April 2026
In Progress 2026

Prompt Injection Attack Techniques

Analysis of prompt injection vectors targeting LLM-based applications, including direct, indirect, and multi-step attack chains mapped to MITRE ATLAS tactics.

Prompt Injection LLM Security MITRE ATLAS
Read Writeup
Planned 2026

Adversarial ML & Model Poisoning

Examining adversarial example generation and training-time poisoning attacks against machine learning models used in security tooling and detection systems.

Adversarial ML Model Poisoning MITRE ATLAS
Read Writeup
Planned 2026

LLM Security Testing Toolkit

A practical open-source toolkit for probing LLM-based applications for injection flaws, jailbreak vectors, data leakage, and common security misconfigurations.

Tool Release LLM Security Python
View on GitHub

Research published on GitHub and external platforms as completed — updated as new analysis is produced.

Core Security Principles

The CIA Triad

The foundational model that guides every defensive decision. Confidentiality, Integrity, and Availability define how I assess risk, respond to incidents, and architect secure systems — every threat on this globe challenges one or more of these principles.

Confidentiality

Ensuring sensitive data reaches only authorised parties. Enforced through encryption, access controls, and least-privilege policies to prevent unauthorised disclosure.

Integrity

Guaranteeing data remains accurate and unaltered. Maintained through hashing, digital signatures, checksums, and rigorous audit trails that detect tampering.

Availability

Keeping systems accessible when needed. Achieved through redundancy, failover, DDoS mitigation, and continuous uptime monitoring to prevent service disruption.

0 Global Cyber Threats
Threat Origin Protected Node Interception Arc

Skills & Tools

Technical capabilities developed through academic study, research, and hands-on lab practice

Security & Monitoring

ELK Stack (Elastic/Kibana) Splunk SIEM Concepts SIGMA Rules YARA MITRE ATT&CK Log Analysis Alert Triage

Network Analysis

Wireshark Nmap tcpdump Zeek (Bro) TCP/IP Packet Analysis Network Forensics VLANs / Routing

Scripting & Automation

Python Bash / Shell PowerShell Git & GitHub Regex JSON / YAML

Frameworks & Standards

NIST CSF ISO 27001 Awareness Incident Response Risk Analysis Vulnerability Management Detection-as-Code

Operating Systems & Platforms

Kali Linux Ubuntu / Debian Windows Server Active Directory (Basics) VirtualBox / VMware

Threat Intelligence & OSINT

VirusTotal Shodan OSINT Techniques IOC Analysis Threat Feeds AlienVault OTX MISP (Awareness) URL / IP / Hash Analysis

Resume

Academic background, professional experience & continuous development

Education

  • Additional Learning & Certifications

    2026 - 2026

    Actively preparing for industry-recognised certifications and developing hands-on skills through labs, research, and practical exercises aligned with SOC and analyst roles.

  • BSc (Hons) In Cybersecurity - University Of West London

    London, UK

    Sep 2020 - Jul 2024

    Focused on core cybersecurity principles including network security, risk management, cryptography, secure systems, and security analysis, with practical labs and academic research.

  • CMI Level 3 Award in First Line Management (QCF)

    Chartered Management Institute, London, UK

    May 2014 - Jul 2014

    Professional qualification focused on first-line management principles, communication, and organisational awareness, supporting effective teamwork and structured working environments.

Experience

  • RSA Cryptography — Secure File Sharing System

    Independent Security Project

    Dec 2025 - Mar 2026

    Built a Flask-based encrypted file-sharing system enforcing a verify-then-decrypt model to eliminate decryption oracle risks. Implemented AES-256-GCM, RSA-OAEP/RSA-PSS, and ECDH P-256 + HKDF for Perfect Forward Secrecy, validated by 83 unit tests covering tamper detection, key misuse, and signature forgery.

  • Research Assistant in Cybersecurity (Internship).

    UWL - London, UK

    Jun 2025 - Dec 2025

    Supported cybersecurity research activities, security analysis, and structured investigation tasks. Gained hands-on exposure to defensive security concepts, threat awareness, and analytical methodologies.

  • IoT Anomaly Detection

    Final Year Project - University of West London

    Sep 2023 - Jun 2024

    Built a machine learning-based anomaly detection system for IoT network traffic as the BSc final year project. Applied Python and scikit-learn to classify malicious patterns in captured traffic, with results visualised through Splunk and Kibana dashboards aligned with SOC monitoring workflows.

  • IT Support & Systems Technician

    Gráfica Rio LTDA - Linhares, Brazil

    Mar 2015 - Oct 2019

    Managed internal network infrastructure and workstations across Windows and macOS, serving as the sole IT point of contact to resolve hardware, software, and production system issues while standardising configurations and documentation to improve reliability.

  • Manager

    Headmasters Ltd - London, UK

    Nov 2010 - Sep 2014

    Managed a team of 18 and improved operational efficiency by 35% through workflow redesign and structured coaching. Delivered health and safety training and maintained zero compliance infractions over a three-year period.

Certifications & Credentials

Industry-recognised certifications actively pursued to validate cybersecurity expertise

Network+

CompTIA

In progress

Security+

CompTIA

In progress

AZ-900 Azure Fundamentals

Microsoft

In progress

Splunk Core Certified User

Splunk

In progress

Additional certifications will be added as I continue my cybersecurity training and complete new certifications exams.

Cybersecurity Projects

Hands-on work spanning monitoring, analysis, cryptography, and offensive security

Network Setup & Configuration

Network Setup & Configuration

Cisco IOS VLANs ACLs TCP/IP
View Project
Network Security

Network Security

Firewall IDS/IPS Nmap Linux
View Project
Anomaly Detection

Anomaly Detection

Python scikit-learn ELK Stack
View Project
RSA Cryptography

RSA Cryptography

RSA Python Encryption PKI
View Project
Packet Analysis

Packet Analysis

Wireshark tcpdump TCP/IP
View Project
Vulnerability Assessment

Vulnerability Assessment

Nessus OpenVAS CVE Risk
View Project
View All Projects on GitHub →

More projects will be added as work is completed.

Labs & Hands-On Practice

Actively building real-world skills through HackTheBox, TryHackMe, and CTF challenges

HackTheBox

Offensive & Defensive Lab Challenges

Noob Rank
0 Points
0 Machines
1 Sherlocks
View HTB Profile →

TryHackMe

Guided Learning Paths & SOC Skills

Top 100% Rank
0 Points
2 Rooms
2 Streak (days)
View THM Profile →

CTF & Pentesting

Capture The Flag & Machine Exploitation

5 Machines
3 Writeups
2 Videos
Multi Platform

VulnHub & HTB machines — walkthroughs & exploitation notes.

View CTF Labs →

Get In Touch

Open to Security Engineer or SOC analyst opportunities
Available for Opportunities

Let's Connect

I am currently seeking opportunities as a Security Engineer or SOC Analyst (early career). If you would like to discuss my background, experience, or suitability for a role, please feel free to get in touch.

Download CV
Location

London, United Kingdom

Email

contact@evanildoribeiro.com

Phone

+44 (0) 741 126 9534

LinkedIn

linkedin.com/in/evanildoribeiro