available for opportunities

Lloyd SatoCyber Security Professional

Master's Graduate with commercial experience in security operations and risk management. I translate technical threats into business advice.

Get In Touch View Experience

2+ Years in SOC & Research

MSc Cyber & Forensics

Sec+ CompTIA Certified

lloyd@soc ~ %

>whoami Lloyd Sato — Security Analyst >cat about.txt • Protecting companies from cyber attacks • Investigating security incidents • Researching how malware avoids detection >tools --list security: Splunk · Sentinel · Defender scripting: Python · PowerShell · SQL · C++ >

01 About

Background

I specialize in translating technical threats into business advice, managing risk registers, and implementing security frameworks (MITRE ATT&CK). Currently operating as a Security Operations Analyst (SOC L1), handling the full incident lifecycle to minimize operational disruption.

I hold a Master of Cyber Security and Forensics from the University of Westminster and possess certifications including CompTIA Security+.

Core Competencies

Microsoft Defender for Endpoint & Splunk
Infrastructure scans using Nessus
Static and dynamic analysis of malware
Python, PowerShell, and SQL

02 Skills

Technical Skills

SIEM & EDR

Splunk Microsoft Sentinel CrowdStrike Microsoft Defender

Malware Analysis

Static Analysis Dynamic Analysis Any.Run REMnux

Languages & Scripting

Python PowerShell SQL C++

Vulnerability Management

Nessus Risk Registers Incident Response

Frameworks & Standards

MITRE ATT&CK GDPR CompTIA Security+

Threat Intelligence

IoC Identification CTI Reports AMSI & EDR Evasion

03 Research

Featured Research

Decoding Malicious Camouflage: Analysing Evasion Techniques

Master's Project

University of Westminster

Evaluated evasion mechanisms employed by malware families to circumvent host-based defense architectures, specifically AMSI and EDR.
Conducted isolated sandbox analysis using Any.Run and REMnux on Redline Stealer, WannaCry ransomware, and SheetRAT trojan.
Mapped all findings to the MITRE ATT&CK framework to ensure industry-standard classification.

Key Finding Uncovered an obfuscated script using memory patching to disable AMSI tracing at runtime.

Any.Run REMnux MITRE ATT&CK AMSI EDR

View Full Report

04 Experience

Work History

Security Operations Analyst (SOC L1)

Dec 2025 - Present

Acumen Technix LTD · London, UK

Deployed Microsoft Defender for Endpoint to monitor assets and block complex malware.
Administered and optimised Splunk to detect and triage incidents.
Managed risk registers using SQL to track service impacts, ensuring GDPR alignment.

Researcher

Oct 2023 - Mar 2024

University of Westminster · Westminster, UK

Conducted in-depth research into malware evasion techniques.
Performed analysis utilizing Any.Run sandbox to dissect process injection and obfuscation.
Produced actionable cyber threat intelligence reports.

Security Operations Analyst (SOC L1)

Jul 2021 - Nov 2022

HSBC · Gurgaon, India

Analysed security alerts from Microsoft Sentinel and CrowdStrike.
Conducted comprehensive analysis of malware samples to identify Indicators of Compromise.
Developed custom scripts using Python and PowerShell to automate intelligence collection.

05 Contact

Get In Touch

Open to cybersecurity roles, research collaborations, and contract work. Fill in the form and I'll get back to you within 48 hours.

mail@lloydsato.com

London, UK

Name *

Email *

Subject

Message *