🎯 Cybersecurity Graduate from Wrocław University of Science and Technology

💻 Software Engineer for 2 years

🛡️ ISC2 Certified in Cybersecurity (CC)

⭐ In top 15% users on TryHackMe

I’m a cybersecurity-focused IT professional with over 2 years of hands-on experience in software engineering and test automation.

My background in QA, CI/CD pipelines, and secure development practices naturally evolved into a strong interest in:

• Application Security
• Threat Modeling
• Detection Engineering
• Secure SDLC
• Offensive security fundamentals

I recently defended my engineering thesis on deepfake detection, where I designed and trained neural network models (CNN, LSTM) to detect manipulated video content.

Cybersecurity is not just something I study — it’s the direction I’m actively building my career in.

• 🛡️ ISC2 Certified in Cybersecurity (CC)
  Issued: 2026

  

• 🔐 CompTIA Security+ (in progress)
  Expected: 2026

  

• 🌐 Cisco Networking Academy – Network Security

  Issued: 2025

  

• 🌐 Cisco Networking Academy – Enterprise Networking, Security and Automation

  Issued: 2025

  

• 📚 Preparing for CompTIA Security+
• 🧠 Expanding hands-on skills on TryHackMe
• 🛠 Building practical security-focused projects:
  • Secure SDLC demo projects
  • Detection engineering lab
  • Web application security testing reports
• 🧩 Deepening knowledge of MITRE ATT&CK & threat modeling

Security

• OWASP Top 10
• SAST (SonarQube)
• DAST (OWASP ZAP)
• SIEM (Elasticsearch)
• IDS (Snort)
• XDR (Wazuh)
• MITRE ATT&CK
• Risk assessment & threat modeling

Engineering

• Python
• TypeScript
• Bash
• Linux
• Docker
• Git
• Azure Pipelines
• CI/CD automation

Cloud & Infra

• AWS (fundamentals)
• Networking (TCP/IP, protocols)
• Secure architecture basics

I am particularly interested in:

• 🔵 Application Security Engineering
• 🔵 Security Engineering (Detection & Hardening)
• 🔴 Penetration Testing (long-term growth path)

A hands-on network traffic capture and analysis project.
Configured virtual machine environments to generate and analyze traffic, apply IDS signatures, collect logs, and practice detection workflows. Demonstrates practical detection engineering and response fundamentals that mirror real-world security operations.

⭐ Focus: network analysis, rule creation, logging & detection methods.

Collection of forensic reports and tools used to analyze digital evidence after incidents.
Includes structured write-ups of file system analysis and recovery techniques, showing capability to conduct thorough post-incident reviews and evidence documentation.

⭐ Focus: forensic methodology, data recovery, analytical reporting.

A web application for comparing and analyzing text content.
Although not a traditional security project, this application can be extended with secure coding practices and demonstrates understanding of web application development — a core skill for security engineers.

⭐ Focus: secure web app fundamentals, input validation, data handling.

Shell scripting repository showing advanced command-line knowledge.
Strong shell scripting skills are essential for automation, log parsing, incident response tasks, and building security tooling.

⭐ Focus: Linux scripting, automation, command-line proficiency.

Implementation of the Playfair cipher in C++ with accompanying CWE analysis.
Includes a study on common weaknesses and exposures (CWE) related to classic ciphers — a good example of security thinking applied to cryptographic concepts.

⭐ Focus: cryptography concepts, static code analysis, CWE awareness.

• 💼 LinkedIn: linkedin.com/in/wiktoria-migasiewicz
• 🧠 TryHackMe: https://tryhackme.com/p/Hacker.Witos

"Security is not a checklist — it’s an engineering mindset."