Carlos Morales
San Pedro,CA
Summary
Cybersecurity Analyst leveraging disciplined military leadership and frontline emergency response experience to safeguard high-value assets in fast-paced, mission-critical environments. Demonstrates exceptional adherence to protocol, chain-of-command communication, and procedural accuracy built through U.S. Navy aircraft operations and EMT emergency care. Trained in industry-standard cybersecurity frameworks including NIST, MITRE ATT&CK, and RMF. Proven ability to detect threats, analyze incidents, remain calm under pressure, and execute rapid, structured responses aligned with defense-sector expectations. Seeking a SOC Analyst or Cybersecurity Analyst role supporting secure, resilient operations for defense or federal organizations.
Overview
3
3
years of professional experience
1
1
Certification
Work History
Emergency Medical Technician
EMS
Compton, CA, USA
03.2022 - 2025
- Respond to high-urgency medical incidents requiring rapid triage, structured assessment, and decisive, protocol-driven action-mirroring cybersecurity incident escalation processes.
- Composed over 200 accurate, legally compliant documentation under pressure, aligning with the precision required in cybersecurity incident reporting.
- Over 1000 hours operating under strict governance, demonstrating consistent adherence to procedural guidelines, chain-of-command communication, and safety-critical protocols.
Plane Captain
U.S. Navy - Plane Captain, EA-18G Growler Program
Oak Harbor, WA, USA
01.2018 - 01.2021
- Maintained and safeguarded sensitive aircraft systems with 100% accountability by following Naval Air Publications and rigid procedural standards-directly transferable to cyber security's need for precise compliance and secure asset handling.
- Performed under extreme operational pressure where protocol adherence was essential to safety, readiness, and mission continuity.
- Enforced OPSEC and physical security measures to protect sensitive technologies, reinforcing defense-aligned security discipline and risk awareness.
- Deployed with VAQ-137 on CVN-75 Truman carrier to middle east waters. Performed time sensitive procedure driven aircraft maintenance, documentation and reporting under extreme and hazardous conditions.
Education
Bachelor of Science - Cybersecurity and Information Assurance
Western Governors University
Salt Lake City, UT05-2026
Skills
- Windows 10/ Windows 11/ MacOS/ Desktop deployment
- Linux(fundamentals)/SQL(basic)/Linux CLI
- NIST Incident Response lifecycle/ MITRE ATT&CK/
- Windows Event Viewer
- TCP/IP / DNS/ DHCP/Subnetting
- Network Security/ System hardening/Threat hunting
- IT Service Management
Certification
- CompTIA Security+
- CompTIA Network+
- CompTIA A+
- (ISC)² SSCP - Associate
- Linux Essentials (LPI)
- ITIL V4 Foundation
Languages
English
Spanish
Timeline
Emergency Medical Technician
EMS
03.2022 - 2025
Plane Captain
U.S. Navy - Plane Captain, EA-18G Growler Program
01.2018 - 01.2021
Bachelor of Science - Cybersecurity and Information Assurance
Western Governors University
Hands On Cybersecurity Projects
- SOC Lab (Attack and Defend), Built and operated a virtual SOC using Oracle box, implemented Wazuh SIEM, Windows 10 endpoints, and used a Kali Linux VM to model adversarial behavior and defensive monitoring., Analyzed simulated threats by correlating Wazuh alerts with Windows security logs to identify brute-force patterns and anomalous authentication activity., Utilized NIST and MITRE ATT&CK methodologies and frameworks, including adversary mapping and remediation recommendations suitable for audit and technical leadership review., Generated incident response reports in relations to threat events and recommended respective remediation steps in order to patch/mitigate vulnerabilities.
- Lets Defend (Simulated SOC Lab), Conducted simulated formal investigations on day-to-day SIEM alerts such as quishing campaigns, phishing campaigns, credential compromise, workstation compromise and quarantine., Followed CSIRT incident response lifecycle and utilized malware and threat analysis tools such as totalvirus, QR raptor, Whois, Cyberchef, abuseIPDB., Generated incident response reports, post incident remediations and recommendations and escalated events in accordance with pre-established guidelines.
- Service Desk Simulator, Simulated a real world enterprise service desk environment and resolved end-user hardware, software and network connectivity issues., Practiced professional communication via chat box and provided service solutions to end-user or guided end-user through troubleshooting process to resolve incidents.
Security Status
Eligible for DoD Secret Clearance Reinstatement (previously held)